Cookie Policy

What are cookies?

Cookies are small text files stored in your web browser. A website can ask your web browser to remember a cookie, and then send the cookie back whenever you view a page on that website.

They improve things by:

  • Remembering settings, so you don’t have to keep re-entering them whenever you visit a new page
  • Remembering information you’ve given (eg your postcode) so you don’t need to keep entering it
  • Measuring how you use the website so we can make sure it meets your needs

You can view, manage and delete these small files using your web browser's settings whenever you want. It is possible to turn off all cookies, or decide which websites can use them.

This page describes how Indiid.net uses cookies, and what each cookie contains. Cookies are very important for Indiid.net - it is impossible to log in to Indiid.net without cookies.

Cookies used by Indiid

Indiid Session Cookies

A 'session' is a temporary record of whether you have logged in and how you are currently using Indiid.net. Your session information is stored on the Indiid.net servers, but to match your web browser to your session, we store a unique number for your session in a cookie. Indiid.net is made up of a different applications, so each has its own session and session cookie.

Without these cookies you would be unable to log in, as Indiid would immediately forget what you had done.

Name Purpose Expires
_indiid-info_session Your session id number. Sessions store if you have logged in. 1 year
_indiid-login_session Your session id number. Sessions store if you have logged in. 1 year
_indiid-account_session Your session id number. Sessions store if you have logged in. 1 year
_indiid-signup_session Your session id number. Sessions store if you have logged in. 1 year
_indiid-recover_session Your session id number. Sessions store if you have logged in. 1 year
_indiid-organize_session Your session id number. Sessions store if you have logged in. 1 year

Preferences

Login preferences are stored in cookies - they are used before you have logged in so they can't be stored in your account settings or session.

These cookies can be deleted without a problem - removing them will just clear the login settings and any remembered usernames, just as if you were logging in on a new PC.

Name Purpose Expires
remembered_login_prefs Settings for the Indiid.net login page 1 year
remembered_login_personas Usernames and user avatars shown on the login page. 1 year

Data Cookies

Data cookies are used to temporarily store and share data between Indiid.net applications. They are very short-lived.

You will probably never see these cookies.

Name Purpose Expires
chocolate Used to pass data between Indiid.net applications 5 minutes

Showing Fewer Irritating Messages

An EU law requires us to show you a message telling you that Indiid.net uses cookies. To avoid showing you this message every time you view a page, we use another cookie.

These cookies can be removed or blocked but you'll have to read various irritating messages on every page.

Name Purpose Expires
eu_cookie Indicates that a user has seen the EU cookie warning 1 year
browser_warning Indicates that a user has seen the unsupported web browser warning 1 year

Cookies Used By Applications

Indiid.net uses a variety of other web-based applications and other software. These may use their own cookies.

Shibboleth IDP Cookies

Indiid.net uses Shibboleth Identity Provider software to handle secure single sign on (SSO). The Shibboleth IDP requires its own cookies.

You will not be able to use Indiid.net without these cookies.

Name Purpose Expires
_idp_authn_lc_key contains only information necessary to identify the current authentication process (which usually spans multiple requests/responses) and is deleted after the authentication process completes seconds
_idp_session This cookie contains only information necessary for identifying the user's IdP session. This cookie is created as "session" cookie and will be removed when the browser chooses to remove such cookies (often when the browser is closed). Until browser is closed, normally.

Shibboleth SP Cookies

Websites using the Shibboleth Service Provider software to require logging in also require cookies.

You will not be able to use Indiid.net without these cookies.

Name Purpose Expires
_shibsession_6542[...] Contains the user's Shibboleth SP session (the parts of Indiid that require Shibboleth authentication) seconds

Tracking Cookies and Third-Party Cookies

Advertising and Tracking

Indiid.net does not use any advertising or tracking cookies, and never will.

Flash Cookies

Adobe Flash, a web browser plugin to display games, videos and interactive software, can store its own cookies away from normal web browser cookies. Flash is often used to store hidden tracking cookies. Indiid.net does not use Flash and does not store any Flash cookies.

Measuring Website Usage: Gauges

We use the Gauges service to record some simple usage statistics for Indiid.net. Gauges stores a few cookies to count your page views on Indiid.net. It does not record any personal information, or track you across websites.

These cookies are not required to use Indiid.net.

Name Purpose Expires
gauges_unique Contains a unique number to help count page views. Does not expire
gauges_unique_day Contains a unique number to help count page views. One day
gauges_unique_month Contains a unique number to help count page views. One month
gauges_unique_year Contains a unique number to help count page views. One year

Cookie Security

All cookies created by Indiid.net itself and by the Shibboleth software can only be sent over HTTPS (an encrypted connection) and can't be accessed by Javascript. Gauges cookies are not as strictly controlled but don't contain any private information.

How to manage cookies

Your web browser will have settings that let you view and delete cookies, and choose which websites can store cookies.

Session cookies should be removed when your browser is closed, but many recent browsers no longer do this - they keep session cookies so that pages can be quickly re-opened later.

More information

This page was influenced by the excellent cookie policy page on Gov.UK


To keep our terms as open and accessible as possible we make working copies of them available on Github. We encourage others to fork them (they are Creative Commons licensed) and reuse them.

Do you have ideas about how we can improve our terms and policies? Please send us a pull request (a bit techie) or raise an issue on Github, or just send us an email.