Knowledge BaseSecurity Measures & Privacy Policy

Security Measures & Privacy Policy

Sana Commerce 9.0
Your connector

Cookies

Sana Commerce webstore uses cookies for webstore functionality and analytics information to identify the user and remember his or her preferences for the sole purpose of providing the service required by the user.

Cookies are small, often encrypted text files, stored on your computer in the browser directories. They are used to help users navigate the web site efficiently and perform certain functions. Cookies are created when the user's browser loads a particular web site. The web site sends information to the browser which then creates a text file. Every time the user goes back to the same web site, the browser retrieves and sends this file to the web site server. Cookies allow to automatically recognize the user whenever he or she visits the web site so that we can personalize the user's experience and provide him or her with better service. Sana Commerce also uses cookies for fraud prevention and other purposes.

The user can change browser settings at any time so that it will not automatically accept cookies or to clear cookies from the browser.

Sana Commerce uses the following cookies:


Cookie Name Description Duration
Session cookies Session cookies are used by the server to store information about user's page activities. Anonymous identifier of the current session is encrypted in the session cookies and they do not contain any personal information in the unencrypted form. Session cookie is stored in the temporary memory and is removed when a user closes the Web browser.
Authentication cookies Authentication cookies contain the heavily encrypted identifier of the authenticated web site visitor (shop account):
  • ASPXAUTH_SS for non-secure (HTTP) pages
  • ASPXAUTH_SS_s for secure (HTTPS) pages
Expiration date of the authentication cookie depends on whether a user selected the option 'Remember me' while logging in the web store.
If not selected, the authentication cookie will be deleted when the Web browser is closed.
If 'Remember me' is selected, the expiration date of the authentication cookie will be set to 30 days.
Anti-forgery cookies Anti-forgery cookies are used to prevent CSRF attacks. It guarantees that the user is the one who initially requested the page form. It prevents from anybody to forge a link and have it activated by an authenticated user. Anti-forgery cookies are removed when a user closes the Web browser.
Basket cookies Basket cookies contain the encrypted anonymous identifier of the visitor's basket and do not contain any personal information in the unencrypted form. Basket cookie is stored for 3 days.
Last viewed products cookies This cookie is used to store information about the last viewed products that are shown at the bottom of the product and product list pages. Last viewed products cookie is removed when a user closes the Web browser.
Third party cookies Third party cookies are outside of our control (hosted on their respective owner's domain). Thus, Sana Commerce cannot be responsible neither for their behavior nor for use. This applies to the services that are integrated with Sana Commerce, like Social sharing and Google Analytics. For more information, please read how Google Analytics and AddThis for social sharing are using cookies.  

The above-mentioned cookies are those that are used in the Sana Commerce solution that is delivered out of the box.

Cookie bar

European laws require that web site owners inform their users about the use of cookies. Without any development you can add a cookie bar to your web store which makes it simple and clear to the web store visitors that cookies are in use.

To add a cookie bar to your web store copy the code from the 'cookiebar' txt file and paste it to the following location in Sana Admin: Setup > Page elements & messages > HTML injections > Body end.

This code will add a cookie bar to the top of the web store from which web store visitors can agree with the use of cookies ('I agree') and read the detailed information about it on the 'Privacy policy' page ('More information').

If you open the 'cookiebar' txt file you will see the configuration section at the beginning. There you can change the text of the message shown on the cookie bar and the text of the buttons.

Knowledge BaseSecurity Measures & Privacy Policy