Nosto sets up persistent first party cookies using site's own domain (as a source domain) in order to identify browsers between their visits and during their visit. Read more about how first and third party cookies in the article Nosto and Cookies.

Cookie list (IDs) and behaviour of cookies is listed below. Nosto keeps right to add/remove/change user status related cookies in order to develop the service to offer new features and benefits to merchants. Related to cookies: nostojs - validates that Nosto is technically able to read and write cookies to the device.

Nosto debug toolbar adds two cookies, which are only written when the debugger is activated to review and debug Nosto on the site. To clarify: These are only added when a site administrator enables the debugger and never for regular visitors of the site:

All cookies have 4 year expiration time. Please note that cookie lifetime differs from data retention period: The time personal data is stored, which is noticeably shorted. In case your area's regulatory environment requires using shorter cookie lifetime or if the environment changes, cookie lifetime is also adjustable by our team The change is advisable to execute only once to avoid issues with segments, website analytics and user profiles. In case cookie lifetime should be altered, contact Nosto support or your customer success manager.

Shopper data is retained a reasonable time period, 450 days since the last transaction or interaction with the site. This is in order to retain capability to personalise experiences based on seasonality, hence the period is slightly longer than 1 year. As an example, this ensures a capability to personalise experiences for shoppers who bought summer garment the year after, but not longer than one year plus three months. Profiles and data of shoppers who bought more than 450 days ago and never returned, is automatically deleted.

In case a shopper doesn't purchase or leave contact details, but only browsed the site, data of such a shopper profile is stored for only 90 days.

Profiles of shoppers who exited immediately (bounce) is kept for 30days.

If you want to disable Nosto script from loading and effectively disable Nosto personalisation on your site, please find documentation here. For more advanced use cases such as how to use Nosto in private-mode, contact Nosto support or your customer success manager.

The tooling under Data Controls allows you to adjust what types of personal data Nosto processes, making it simple to omit and exclude data types, which you don't want Nosto to process. This is the easiest way to manage data types without any changes to integration.

Customer Removal Tool helps you to remove personal data from Nosto, should you receive "forget-me requests" by your customers.

Customer Data Takeout Tool helps you to comply to requests what data Nosto has on individual shoppers, should you receive requests by your customers.

If you discovered this article in process of finding more information what kind of data Nosto processes and stores to fulfil requirements of GDPR article 30, two useful resources for you are Nosto's Data Processing Policy / Addendum and account-based Record of Processing Activities in the Nosto admin.

The latter describes in brief for what purpose and what data Nosto uses on the selected Nosto account, which you might find useful when writing your own data privacy policy. You can find the tool under Settings > Data Controls > Legal