Cookies used by ConvertFlow

Why does ConvertFlow use cookies?

Due to the recent changes to how browsers handle third-party cookies, ConvertFlow only relies on first-party cookies. This means the tracking cookie is limited to the scope of a root domain (example:, so the profiling won't carry over to another root domain.

Because first-party cookies are critical to the functionality of most websites, there's no worry about Chrome, Safari, Firefox, or Edge changing their privacy stance, which isn't the case for third-party "cross-domain" cookies that advertisers use for web retargeting.

This doesn't mean cross-domain personalization isn't possible with ConvertFlow. It still is.

A third-party contact database such as MailChimp, ActiveCampaign, HubSpot, etc. can be connected to each "website" sub-account implementation in ConvertFlow, and once the visitor is identified as a contact on either website, ESP/CRM targeting conditions will then apply for them to that website.

To stay compliant with GDPR, you can collect consent for both domain names in your privacy policy when collecting the visitor's email info.

If they become identified on the other website, the same ESP/CRM data could be used for targeting. There are multiple ways to identify contacts, especially if you already have their information.

First-party Cookies in ConvertFlow

The list of First-party cookies is present in the following table:

Cookie Name Cookie Type
Purpose Duration
cf_WEBSITEID_id Strictly Necessary Cookies has the unique visitor token identifier 1 Year
cf_WEBSITEID_logged_in Strictly Necessary Cookies
stores your login status 1 Year
cf_WEBSITEID_cta_CTAID Strictly Necessary Cookies stores the variant ID that succeeded in the split test 1 Year
cf_WEBSITEID_person_time Strictly Necessary Cookies when the visitor's tracking record was last fetched from our tracking database 1 Year
cf_WEBSITE_person_storage_prevent Strictly Necessary Cookies forces CF to fetch the visitor’s tracking record from the tracking database upon the next page hit 1 Year
viewedcta_CTAID Strictly Necessary Cookies marks that the CTA has been closed out so it can be suppressed for the set number of days 1 Year
cf_ctas Strictly Necessary Cookies timestamp of when we stored the CTA's info in local storage after loading it from our CDN
1 Year
cf_WEBSITEID_person Strictly Necessary Cookies tracking record of the visitor stored locally 1 Year

These cookies are necessary for the proper functioning of ConvertFlow and all campaigns.

WEBSITEID: Is the ConvertFlow website ID number that can be found in the install code or the account URL after "websites/"
CTAID: Is the campaign ID number that is found in the second part of the URL when in the campaign after "cta/"