Cookie Notice.
How TORTUS uses cookies and similar technologies on our website.
Introduction
This Cookie Notice informs visitors to our website about the use of cookies and similar technologies. It outlines what cookies are and where we use them, in line with our responsibilities under the Privacy and Electronic Communications Regulations (PECR) and the UK GDPR.
We are committed to protecting and respecting your privacy. If you have any questions about this notice or our approach to privacy, email us at support@tortus.ai.
Who we are
TORTUS AI LTD (‘Tortus’) is registered as a limited company (Companies House No. 14487060) in the United Kingdom. To enable us to offer services that process personal data in the UK we are registered with the Information Commissioner’s Office (ICO) under registration no. ZB512995.
What is a cookie?
Cookies are small text files placed on your computer by websites you visit. They are widely used to make websites work, or work more efficiently, and to provide information to the owners of the site. Cookies allow websites to recognise a user’s device and store information about preferences and past actions.
A cookie usually contains the name of the website it came from, a lifetime, and a randomly generated unique value. They do not, on their own, identify you as an individual but they do require your consent in most cases. Personal information we store about you may be linked to the information obtained from cookies.
To find out more about cookies, visit AllAboutCookies.org.
Cookies on the TORTUS website
The tables below list the cookies we use and the purposes they serve, grouped by provider.
Website analytics & marketing
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| __cf_bm | Cloudflare bot protection for HubSpot's CDN. Learn more. | 30 minutes | Necessary | .hubspot.com |
| _cfuvid | Cloudflare rate-limiting for HubSpot's CDN. Learn more. | Session | Necessary | .hubspot.com |
| __hssc | Tracks HubSpot sessions to determine if the session counter should increment. | 30 minutes | Analytics | .tortus.ai (HubSpot) |
| __hssrc | Set whenever HubSpot changes the session cookie, to detect browser restarts. | Session | Analytics | .tortus.ai (HubSpot) |
| __hstc | The main HubSpot cookie for tracking visitors. | 6 months | Analytics | .tortus.ai (HubSpot) |
| hubspotutk | Tracks a visitor's identity; passed to HubSpot on form submission and used to deduplicate contacts. | 6 months | Analytics | .tortus.ai (HubSpot) |
| _ga | Google Analytics — distinguishes unique users. | 2 years | Analytics | .tortus.ai |
| _ga_0SMZZMR1KF | Google Analytics — persists session state. | 2 years | Analytics | .tortus.ai |
| _gcl_au | Measures ad and campaign performance and conversion rates for Google Ads. | 3 months | Personalised Advertising | .tortus.ai |
| ar_debug | Used by Google Analytics to debug ads. | 1 year | Functional | .region1.google-analytics.com |
| _fbp | Used by Facebook to track activity across different websites. | 90 days | Analytics | .tortus.ai |
| datr | Identifies the browser connecting to Facebook for security and integrity. | 2 years | Security | .facebook.com |
| oo | Helps users opt out of Meta ads based on third-party activity. | 5 years | Advertising | .facebook.com |
| cookieyes-consent | Stores your cookie consent preferences. | 1 year | Functionality | .tortus.ai |
LinkedIn Insight Tag
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| bcookie | LinkedIn browser identifier used to recognise the browser across visits. | 1 year | Advertising | .linkedin.com |
| bscookie | LinkedIn secure browser identifier for authenticated sessions. | 1 year | Advertising | .www.linkedin.com |
| lidc | Used by LinkedIn for data centre routing. | 1 day | Functional | .linkedin.com |
| li_sugr | Used by LinkedIn to make a probabilistic match of a user's identity outside designated countries. | 90 days | Advertising | .linkedin.com |
| li_gc | Stores consent of guests regarding the use of cookies for non-essential purposes. | 6 months | Necessary | .linkedin.com |
| UserMatchHistory | LinkedIn Ads ID syncing — measures the performance of LinkedIn campaigns. | 30 days | Advertising | .linkedin.com |
| AnalyticsSyncHistory | Stores information about the time a sync took place with the lms_analytics cookie. | 30 days | Advertising | .linkedin.com |
PostHog product analytics
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| ph_<project-key>_posthog | PostHog product analytics — stores the distinct ID, session ID and feature-flag state to attribute events to a user across visits. | 1 year | Analytics | .tortus.ai |
| ph_<project-key>_window_id | PostHog session window identifier — groups events that belong to the same browser tab. | Session | Analytics | .tortus.ai |
Google Ads & DoubleClick
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| test_cookie | Google: checks whether the browser supports cookies. | 15 minutes | Functionality | doubleclick.net |
| id | Google ad personalisation across AdSense, Campaign Manager, DV360, GAM, SA360. | 13 months (EEA/UK) / 24 months elsewhere | Functionality, Advertising | doubleclick.net |
| IDE | Used by Google for ad measurement and reporting. | 13 months (EEA/UK) / 24 months elsewhere | Advertising | doubleclick.net |
| receive-cookie-deprecation | Google: Campaign Manager and Display & Video 360. | 6 months | Security, Advertising | doubleclick.net |
| pm_sess / pm_sess_NNN | Google: Campaign Manager, DV360, Google Ads, SA360. | 30 minutes | Security, Functionality | doubleclick.net, google.com |
| aboutads_sessNNN | Google: Campaign Manager, DV360, Google Ads, SA360. | 30 minutes | Security, Functionality | doubleclick.net, google.com |
| FLC | Google: Campaign Manager, DV360, SA360. | 10 seconds | Advertising | doubleclick.net |
| RUL | Google: Display & Video 360, Google Ads. | 12 months | Advertising | doubleclick.net |
| PAIDCONTENT | Google Surveys. | 30 days | Analytics, Advertising | doubleclick.net |
| APC | Google: Campaign Manager, Display & Video 360. | 6 months | Advertising, Security | doubleclick.net |
Cookies in the TORTUS app
The cookies below may be placed on your browser by our app.
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| Authorization | Stores session information used by the app. | Session | Necessary, Authentication | app.tortus.ai |
| __stripe_mid | Stripe security cookie used for payments and attack protection. | 1 year | Necessary, Payments | app.tortus.ai |
| __stripe_sid | Stripe security cookie used for payments and attack protection. | 30 minutes | Necessary, Payments | app.tortus.ai |
| _dd_s | Datadog RUM — TORTUS monitoring and attack protection. | 15 minutes | Necessary, Security | app.tortus.ai |
| _legacy_auth0.*.is.authenticated | Auth0 authentication. | 1 day | Necessary, Authentication | app.tortus.ai |
| _legacy_auth0.*.organization_hint | Auth0 authentication. | 1 day | Necessary, Authentication | app.tortus.ai |
| auth0.*.is.authenticated | Auth0 authentication. | 1 day | Necessary, Authentication | app.tortus.ai |
| auth0.*.organization_hint | Auth0 authentication. | 1 day | Necessary, Authentication | app.tortus.ai |
Auth0 authentication provider
| Cookie | Purpose | Duration | Type | Domain |
|---|---|---|---|---|
| auth0 | Implements the Auth0 session layer. | Session | Necessary | osler.tortus.ai |
| auth0_compat | Fallback for single sign-on on browsers without sameSite=None support. | Session | Necessary | osler.tortus.ai |
| auth0-mf | Establishes the trust level for a given device. | Session | Necessary, Security | osler.tortus.ai |
| auth0-mf_compat | Fallback for multi-factor authentication on browsers without sameSite=None support. | Session | Necessary, Security | osler.tortus.ai |
| a0_users:sess | CSRF protection in Classic Login flows. | Session | Necessary, Security | osler.tortus.ai |
| a0_users:sess.sig | CSRF protection in Classic Login flows. | Session | Necessary, Security | osler.tortus.ai |
| did | Attack protection — device identification. | Session | Necessary, Security | osler.tortus.ai |
| did_compat | Attack protection — fallback for anomaly detection. | Session | Necessary, Security | osler.tortus.ai |
Third-party service providers
Our service providers may set cookies on your device when you visit our website. We use Google Analytics to analyse website usage; it gathers information by means of cookies and produces reports about how the website is used.
Google’s privacy policy is available at google.com/policies/privacy and more information on the cookies used by Google Analytics is available at business.safety.google/adscookies.
How to change your cookie preferences
All modern browsers let you change your cookie settings in the default browser configuration. Blocking cookies may negatively affect the usability of many websites. The following links explain how to update browser cookie settings:
You can also opt out of cookies used by Google Analytics across all websites via the Google Analytics Opt-out tool.
Further information from the UK regulator
Further information from the Information Commissioner’s Office (ICO) on what you should expect from the use of cookies and your rights is available here: Cookies | ICO.