Effective Date: May 14, 2018
Cookies are small text files that are sent to the user´s terminal equipment (usually to the user´s browser) by visited websites; they are stored in the user´s terminal equipment to be then re-transmitted to the websites on the user´s subsequent visits to those websites. When navigating a website, a user may happen to receive cookies from other websites or web servers, which are the so-called "third party" cookies. This happens because the visited website may contain items such as images, maps, sound files, links to individual web pages on different domains that are located on servers other than the one where the page being visited is stored.
Cookies are present as a rule in substantial numbers in each user´s browser and at times they remain stored for long. They are used for several purposes ranging from IT authentication to the monitoring of browsing sessions up to the storage of specific information on user configurations in accessing a given server, and so on.
In order to appropriately regulate these devices, it is necessary to distinguish them by having regard to the purposes sought by the entities relying on them, as there are no technical features that allow differentiating them. This is actually the approach followed by Parliament, which provided for the obligation to obtain the users´ prior informed consent to the installation of cookies for purposes other than those of a merely technical nature – pursuant to EC directive 2009/136 (see Section 1(5), letter a), of legislative decree No. 69 of 28 May 2012, which amended Section 122 of the Code).
From this standpoint and for the purposes of this decision, cookies may be distinguished into two major group: "technical" cookies and "profiling" cookies.
a. Technical Cookies
Technical cookies are those used exclusively with a view to "carrying out the transmission of a communication on an electronic communications network, or insofar as this is strictly necessary to the provider of an information society service that has been explicitly requested by the contracting party or user to provide the said service." (see Section 122(1) of the Code).
They are not used for further purposes and are usually installed directly by the data controller or the website manager. They can be grouped into browsing or session cookies, which allow users to navigate and use a website (e.g. to purchase items online or authenticate themselves to access certain sections); analytics cookies, which can be equated to technical cookies insofar as they are used directly by the website manager to collect aggregate information on the number of visitors and the pattern of visits to the website; functional cookies, which allow users to navigate as a function of certain pre-determined criteria such as language or products to be purchased so as to improve the quality of service
Users´ prior consent is not necessary to install these cookies, whilst information under Section 13 of the code has to be provided in the manner considered to be most appropriate by the website manager – if only such cookies are relied upon
Profiling cookies are aimed at creating user profiles. They are used to send ads messages in line with the preferences shown by the user during navigation. In the light of the highly invasive nature of these cookies vis-à-vis users´ private sphere, Italian and European legislation requires users to be informed appropriately on their use so as to give their valid consent.
These cookies are referred to in Article 122(1) of the Code where it is provided that "Storing information, or accessing information that is already stored, in the terminal equipment of a contracting party or user shall only be permitted on condition that the contracting party or user has given his consent after being informed in accordance with the simplified arrangements mentioned in section 13(3)."
Opting Out. You can set your browser to not accept cookies, but this may limit your ability to use the Services. We currently don’t respond to DNT:1 signals from browsers visiting our Services. You can also opt out of receiving interest-based ads from certain ad networks here (or if located in the European Union, here).
Device Identifiers. Squarespace use device identifiers on web and mobile applications to track, analyze and improve the performance of the Services and our ads.
Third Party Tags. About Squarespace. We use and manage third party tags on the website and associated domains of www.squarespace.com and on Squarespace web and mobile applications. Third party tags may take the form of pixels or tracking snippets. We use pixels to learn how you interact with our site pages and emails, and this information helps us and our ad partners provide you with a more tailored experience. We use tracking snippets to capture data from your browser, make requests to a third party partner or set cookies on your device to store data. For example, if you see a Squarespace ad on a social media platform and choose to use Squarespace, we may use a tag to reduce the number of Squarespace ads you see on that platform. We use Google Tag Manager to manage our third party tag usage. This may cause other tags to be activated which may, for their part, collect data and set cookies under certain circumstances. Google Tag Manager does not store this data.
Cookies on Your Sites. For information about the cookies and similar technologies used on Your Sites click here.
About the cookies Squarespace uses
Last updated June 11, 2019
What are cookies?
Cookies are small pieces of data that websites store on a device. Cookies can improve your visitors’ browsing experience because they help websites remember preferences and understand how people use different features.
Functional and Required Cookies
Squarespace uses some necessary cookies because they allow visitors to navigate and use key features on your site. These cookies vary from site to site depending on the features it uses. For example, Functional and Required Cookies help these features work:
Name Type Duration Purpose
Crumb Cookie Session Prevents cross-site request forgery (CSRF). CSRF is an attack
vector that tricks a browser into taking unwanted action in an
application when someone’s logged in.
RecentRedirect Cookie 30 minutes Prevents redirect loops if a site has custom URL redirects. Redirect
loops are bad for SEO.
CART Cookie 2 weeks Shows when a visitor adds a product to their cart
hasCart Cookie 2 weeks Tells Squarespace that the visitor has a cart
Locked Cookie Session Prevents the password-protected screen from displaying if a
visitor enters the correct site-wide password.
SiteUserInfo Cookie 3 years Identifies a visitor who logs into a customer account
SiteUserSecureAuthToken Cookie 3 years Authenticates a visitor who logs into a customer account
Commerce-checkout-state sessionstorage Session Stores state of checkout while the visitor is completing their order
squarespace-popup-overlay localstorage Persistent Prevents the Promotional Pop-Up from displaying if a visitor
squarespace-announcement-bar localstorage Persistent Prevents the Announcement Bar from displaying if a visitor
ss_sd Cookie Session Ensures that visitors on the Squarespace 5 platformremain
authenticated during their sessions.
Test Cookie Session Investigates if the browsersupports cookies and prevents errors.
squarespace-likes localstorage Persistent Shows when you've already "liked" a blog post.
CHECKOUT_WEBSITE Cookie Session Identifies the correct site for checkout when
Checkout on Your Domain is disabled.
Analytics and Performance Cookies
We use Analytics and Performance cookies to collect information on your behalf about how visitors interact with your site. Storing these cookies is how we populate the data you find in Squarespace Analytics, such as traffic sources, unique visitors, and cart abandonment.
You can disable Squarespace Analytics and Performance cookies at any time.
Cookie Name Duration Purpose
ss_cid 2 years Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvr 2 years Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvisit 30 minutes Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvt 30 minutes Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cpvisit 2 years Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cookieAllowed 30 days Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies
Check your cookies
For the most common browsers, you can:
See which cookies are active in your browser’s settings.
Clear cookies from your browser or device, either globally or from a specific website.
For help locating cookies on your device, visit your browser's documentation: