Knowledge BaseSecurity Measures & Privacy Policy

Security Measures & Privacy Policy

Sana Commerce 9.2
Your connector

Cookies

Sana Commerce webstore uses cookies for webstore functionality and analytics information to identify the user and remember his or her preferences for the sole purpose of providing the service required by the user.

Cookies are small, often encrypted text files, stored on your computer in the browser directories. They are used to help users navigate the web site efficiently and perform certain functions. Cookies are created when the user's browser loads a particular web site. The web site sends information to the browser which then creates a text file. Every time the user goes back to the same web site, the browser retrieves and sends this file to the web site server. Cookies allow to automatically recognize the user whenever he or she visits the web site so that we can personalize the user's experience and provide him or her with better service. Sana Commerce also uses cookies for fraud prevention and other purposes.

The user can change browser settings at any time so that it will not automatically accept cookies or to clear cookies from the browser.

Sana Commerce uses the following cookies:


Cookie Name Description Duration
Session cookies Session cookies are used by the server to store information about user's page activities. Anonymous identifier of the current session is encrypted in the session cookies and they do not contain any personal information in the unencrypted form. Session cookie is stored in the temporary memory and is removed when a user closes the Web browser.
Authentication cookies Authentication cookies contain the heavily encrypted identifier of the authenticated web site visitor (shop account):
  • ASPXAUTH_SS for non-secure (HTTP) pages
  • ASPXAUTH_SS_s for secure (HTTPS) pages
Expiration date of the authentication cookie depends on whether a user selected the option 'Remember me' while logging in the web store.
If not selected, the authentication cookie will be deleted when the Web browser is closed.
If 'Remember me' is selected, the expiration date of the authentication cookie will be set to 30 days.
Anti-forgery cookies Anti-forgery cookies are used to prevent CSRF attacks. It guarantees that the user is the one who initially requested the page form. It prevents from anybody to forge a link and have it activated by an authenticated user. Anti-forgery cookies are removed when a user closes the Web browser.
Basket cookies Basket cookies contain the encrypted anonymous identifier of the store visitor's basket and do not contain any personal information in the unencrypted form. The basket cookie is used only for anonymous webstore visitors (those who are not logged in to the webstore). When the customer logs in to the webstore, his or her account will be connected to the basket stored in the Sana database. The basket of the customer is stored in the database without expiration. Basket cookie is stored for 3 days.
Guest cookies Guest cookies store billing information of a shopper who places an order without registration.

For more information, see 'Guest Checkout'.

Guest cookie is stored for 3 days.
Last viewed products cookies This cookie is used to store information about the last viewed products that are shown at the bottom of the product and product list pages. Last viewed products cookie is removed when a user closes the Web browser.
Third party cookies Third party cookies are outside of our control (hosted on their respective owner's domain). Thus, Sana Commerce cannot be responsible neither for their behavior nor for use. This applies to the services that are integrated with Sana Commerce, like Social sharing and Google Analytics. For more information, please read how Google Analytics and AddThis for social sharing are using cookies.  

The above-mentioned cookies are those that are used in the Sana Commerce solution that is delivered out of the box.

Knowledge BaseSecurity Measures & Privacy Policy