Why FullStory uses First Party Cookies

The FullStory recording script sets a single first-party cookie containing your end-user’s fs_uid when recording their activities on your site. This cookie uses your domain as the host, instead of “fullstory.com,” which is what distinguishes it as a first-party cookie. First-party cookies come with a variety of benefits over third-party cookies, both for you and your users.

Why first-party cookies matter to your users

Cookies are tiny pieces of identifying information, like digital name tags, that are stored on a user’s computer. When a user wants to access your website or app, their browser sends the cookie as part of their request to your server, as if to say, “Hello! It’s me again!” This is how your servers know whether to send back stateful information, such as items in an online shopping cart, or sensitive information about the user’s account (if they’re logged in).

The user’s browser will only send up a cookie that matches a domain it’s trying to access. If they’re trying to load the website “example.com,” the browser will send up any cookies that have “example.com” as their host. This prevents other websites from reading any information on cookies that don’t pertain to them, thus protecting the user’s sensitive information from prying eyes.

Importantly, this means an end user’s identity cannot be connected between multiple sites using FullStory. Each site sets a separate fs_uid cookie which can only be read by that site. Your customers don’t have to worry that FullStory is using their data to build profiles for sale or for ad delivery purposes—we couldn’t, even if we wanted to, which we don’t.

Why first-party cookies matter to you

Frankly, several browsers and even more browser extensions are set by default to block third-party cookies. That’s not without good reason: third-party cookies are most famously set by ad networks and are used to covertly build profiles of users’ activities all over the Internet. Most people fall into the categories of not knowing or caring about this type of tracking, but the segment of users who know, care, and actively avoid being tracked is growing.

We know you’re using FullStory to make your site better for your users, and we don’t want your fs_uid cookie to get caught up erroneously in third-party cookie blockers. So we only use first-party cookies. It’s a win-win situation: a better guarantee of privacy for your users, and a higher effective rate of cookie-setting for you!

Can’t find what you’re looking for?

The FullStory team awaits your every question.

Contact Us