Nosto sets up persistent first party cookies using site's own domain (as a source domain) in order to identify browsers between their visits and during their visit. Cookie list (IDs) and behaviour listed below. Nosto keeps right to add/remove/change user status related cookies in order to develop the service to offer new features and benefits to merchants. All cookies have 4 year expiration time, but please note that retention time for personal data is notably shorter.
2c.cId - To identify browsers between their visits to the site.
2c.dId - If cross-device support (feature) enabled: To store previous customerId as device id when merging multiple devices as 1 customer profile
2c.dc - If pop-ups (feature) enabled: for storing status of various discount popups, ie. which pop-ups have been already shown and minimised etc.
If you want to disable Nosto script from loading and effectively disable Nosto personalisation on your site, read documentation here.
If you discovered this article in process of finding more information what kind of data Nosto processes and stores to fulfil requirements of GDPR article 30, two useful resources for you are Nosto's Data Processing Policy / Addendum and account-based Record of Processing Activities in the Nosto admin.
The tooling under Data Controls allows you to adjust what types of personal data Nosto processes, whereas Customer Removal Tool helps you to remove personal data from Nosto, should you receive "forget-me requests" by your customers.