Cookie name | Purpose | Duration | Cookie source and ownership | Information recorded | Cases in which it is used | Access to information | Cookie and Privacy Policy of any third parties who have access to information |
[FormName]_[Number] | Antiforgery Cookie. This cookie is used as a security token in order to prevent other sites to clone forms. (CSRF vulnerabilities) | Session | YNAP | In general any Form of the page will produce a a token identifiying the Form instance | Whole site | YNAP | Not applicable |
__Secure-HSID | These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier for tracking purposes | 6 Months | Google | | Whole site | Google | https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en |
__Secure-SSID | These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier for tracking purposes | 6 Months | Google | | Whole site | Google | https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en |
_abck | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
ak_bmsc | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
ak_wfSession | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
AKA_A2 | Used to improve site performance | 1 hour | Akamai | Akamai Internal Data | Whole site | Akamai | https://www.akamai.com/it/it/multimedia/documents/akamai/akamai-privacy-statement-july-2018.pdf |
AWSELB | This cookie is used to enable session affinity to correctly access WCS API behind the api load balancing system. | Session | YNAP | WCS API Token, returned by WCS API. | Whole site | YNAP | Not applicable |
bm_mi | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
bm_sv | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
bm_sz | Security Detections. The purpose is hidden as they will not give information to the attackers of what each cookie is doing in terms of functionality. | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
dtCookie | | Session | Dynatrace | Alphanumeric ID | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
dtLatC | Measures server pings to monitor performance | Session | Dynatrace | Number calculated on Latency Value | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
dtPC | Necessary to identify endpoints for beacon transmission; includes session ID for association | Session | Dynatrace | Alphanumeric ID | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
dtSa | Saves the names of user actions, such as clicks on “Log in” on various pages. It is necessary because loading a new page causes JavaScript code to restart; therefore all contextual information must be memorised in the cookies. | Session | Dynatrace | String including the Action Performed by the end-user | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
EGAIN_CONF_[Number] | Used to retrieve all site information (e.g. language, brand, country etc.) and used by the Customer Care portal to share information between the store and eGain | 1 year | YNAP | All information linked to the section: LANG_ID, SITE_CODE, area, areaId, configurationId, countryCode, countryId, countryName, domain, ip , mDevType (mobile configuration), mEnablemRes (mobile configuration), sitename_redirect, store, storeId | Only on Customer Care pages | eGain | Not applicable |
fastregFirstVisit | Cookie that establishes if the user has already seen the newsletter on landing or not. If false, the newsletter is shown; if true, it is not. | 1 year | YNAP | Boolean value | Whole site | YNAP | Not applicable |
ferraricookieconsent | Indicates which cookie categories the user consents to. | 13 Months | Ferrari | Boolean value | | Ferrari | https://www.ferrari.com/en-EN/cookie-policy |
initialTrafficSource | Referral traffic source information. | Session | Ferrari | | | Ferrari | |
JSESSIONID | This cookie is used to enable session affinity to correctly access WCS API behind the api load balancing system. | Session | YNAP | WCS API Token, returned by WCS API. | Whole site | YNAP | Not applicable |
OGPC | This cookie enables the functionality of Google Maps. | 1 month | Google | | Whole site | Google | https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en |
pushbar | Used to show the open push bar on first landing and when cookies have been cleared. | 1 year | YNAP | A value that corresponds to the first site landing | Whole site | YNAP | Not applicable |
RESOURCEINFO | The cookie persist information about browsing device type | Session | YNAP | It contains browsing device type (desktop, tablet, mobile) | Whole site | YNAP | Not applicable |
RT | It contains various pieces of information about the user’s session | Persistent | mPulse | Session data (IDs,Timestamps,URLs) | Whole site | YNAP | https://developer.akamai.com/tools/boomerang/#Cookies |
rxVisitor | Visitor ID to associate sessions | Persistent | Dynatrace | Alphanumeric ID | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
rxvt | Session timeout | Session | Dynatrace | Timestamp | Whole site | YNAP | https://www.dynatrace.com/support/help/data-privacy-and-security/ |
sec_cpt | | Session | Akamai | | Whole site | Akamai | https://www.akamai.com/uk/en/privacy-policies/manage-preferences.jsp |
simpleSSO_auth_cookie | Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order to access on entire ferrari’s world (ex. “.ferrari.com”). | 2 years | Ferrari | | Whole site (only if the user is logged in) | Ferrari | https://www.ferrari.com/en-EN/cookie-policy |
tc_cj_v2 | Deduplication storage for Customer Journey (CJ) | 1 year | Commanders Act | CJ storage of deduplication (parameter “med”) | Whole site | Commanders Act | https://www.commandersact.com/en/privacy/ |
tc_sample_{idsite}_{idrule} | Used if “sampling” method is used within the container | 1 year | Commanders Act | Information on container sampling | Whole site | Commanders Act | https://www.commandersact.com/en/privacy/ |
TCPID | Used by the TRUST v1 and v2 privacy module | 396 days | Commanders Act | TRUST module identifier | Whole site | Commanders Act | https://www.commandersact.com/en/privacy/ |
TS0xxxxxxxx (nome cookie randomico, comincia sempre con TS) | Site security | 1 day | YNAP | Randomic number not used by the application | Whole site | YNAP | Not applicable |
UI | This cookie is used as a key for akamai staticization. | Session | YNAP | It contains information useful to define an unambiguos key to allow Akamai staticization (device type, cache key, abtests, language). | Whole site | YNAP | Not applicable |
UI-PERSISTENT | It's a long term copy of the cookie UI, it's used to render accessibile markup when relevant. | 1 year | YNAP | It contains information useful to define an unambiguos key to allow Akamai staticization (device type, cache key, abtests, cache key, language). | Whole site | YNAP | Not applicable |
VISIT | This cookie persist the country the User is browsing | Session | YNAP | country, isocode, sitecode of the country the user is currently navigating. | Whole site | YNAP | Not applicable |
Y-Country-Language | | 1 day | Akamai | Country/language selected by the user | Whole site | YNAP | Not applicable |
YEDGESESSION | Used to identify the website | Session | Akamai | User login | Whole site | YNAP | Not applicable |
yTos.CookieLaw | This cookie store the information about whether the cookie law was accepted or not | 1 year | YNAP | whether or not cookie law has been accepted by current user | Whole site | YNAP | Not applicable |
yTos.IdpLoginData | This cookie is used only on stores with identity provider login (only Ferrari at the moment), in order to allow the user to login through a third party identity provider. | 10 minutes | YNAP | tokens returned by the identity provider, used to access the site as a logged user. | Whole site (only if the user is logged in) | YNAP | Not applicable |
yTos_accengage | This cookie store the behavior of the user with the web push notification | 1 year | YNAP | Boolean value | Whole site | YNAP | Not applicable |
ytos-session-FERRARI | This cookie store the identifier of the user's session | 1 year | YNAP | A simple id that refers to a session on our database. | Whole site | YNAP | Not applicable |