Published:
10 March 2023
Last updated:
19 March 2025
Cookies are small files that are saved on your device when you visit a website. We explain below what cookies we use and why.
Strictly necessary cookies
These cookies make our websites work as they should. They do things like:
- remember your selections or preferences so that you don't have to set them again
- help our servers cope with changes in site traffic
- protect websites against attacks.
We use necessary cookies on the following domains:
- Ofcom: https://www.ofcom.org.uk
- Workday: Please see separate workday cookies policy
- The Office of the Telecommunications Adjudicator: http://www.offta.org.uk
- The Office of the Adjudicator – Broadcast Transmission Services: http://ota-bts.org.uk/*
- The Office of the Adjudicator – Contracts Rights Renewal (CRR): http://www.adjudicator-crr.org.uk/*
- Ofcom mobile and broadband checker: https://checker.ofcom.org.uk*
- Ofcom online licensing services: https://ofcom.force.com/licensingcomlogin*
- OPIR, SPECTRAsc, Payments, and Business radio management portal: secure.ofcom.org.uk*
- Number management system: https://ofcom.force.com/NMS_LoginPage*
- PMSE: https://pmse.ofcom.org.uk/Pmse/Ecom/LoginPage.aspx*
- Various legacy subsites beginning https://static.ofcom.org.uk/*
You can restrict or block these cookies through your browser settings, but this may impact your experience of our websites.
| Name | Purpose | Expiration |
|---|---|---|
| ARRAffinity | This cookie is set by websites run on the Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | When User closes browser |
| ARRAffinitySameSite | This cookie is set by websites run on the Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | When User closes browser |
| .AspNetCore.Antiforgery.xxxxxx | This cookie used by the Optimizely and protects the user against cross-site request forgery (CSRF). | When User closes browser |
| OpenIdConnect.nonce.xxxxxx | The OpenIdConnect.nonce.xxxxxx cookie is used to identify internal maker sessions when a site is in private mode. It also associates a client session with an ID token and mitigates replay attacks. | When User closes browser |
| EPiStateMarker | This cookie is functionality-related. Indicates how session-based information on the visit should be stored, using sessions or cookies. | When User closes browser |
| AspNetCore.Session | Cookies(Created at the time of login CMS ) created for Ofcom, DRCF, Ofta and online safety. | When User closes browser |
| _cfuvid | The _cfuvid cookie is only set when a site uses this option in a Rate Limiting Rule, and is only used to allow the Cloudflare WAF to distinguish individual users who share the same IP address. | When User closes browser |
| SiteWideAlertBanner | This cookie is used to set the dismissed status of Site wide alert in Ofcom website. | When User closes browser |
| is | This cookie identifies a visitor's session. This cookie is used in conjunction with the iv cookie, and is erased when the visitor closes the browser. | Same day |
| ai_session | This cookie supports the monitoring of the website's performance via Application Insights. | Same day |
| .EPiForm_BID | This cookie is used when a visitor submits data to via an Optimizely form. This cookie allows us to identification of the form submission made to the site. | 3 months |
| .EPiForm_VisitorIdentifier | This cookie is used when a visitor submits data to via an Optimizely form. This cookie allows us to identification of the form submission made to the site. | 3 months |
| AEC | Google security cookie used to confirm visitor authenticity, protect visitor data and prevent fraudulent use of credentials | 6 months |
| _grecaptcha | Functional google cookie used for risk analysis in spam protection and may store browsing device | 6 months |
| ai_user | This cookie supports the monitoring of the website's performance via Application Insights. | 1 Year |
| ToastPopupBlocked | This cookie is used get the Toast consent and allow or block the Toast notifications in Ofcom website. | 1 year |
| PageSpecCookie | This cookie is used to set the dismiss 30 days state of Page specific information banner in Ofcom website. | 1 year |
| .Azure.Cookies | This cookie is used by Microsoft Azure to help direct your request to the correct server. This cookie is used as part of a defence against a malicious online attack wherein a hacker tricks an unsuspecting user into clicking on an unintended link. | 1 year |
| LSKey-c$CookieConsentPolicy | Salesforce cookie to apply cookie consent preference set by our client-side utility | 1 year |
| __Secure-ENID | Google security cookie used to confirm visitor authenticity, protect visitor data and prevent fraudulent use of credentials | 1 year |
| EPi:NumberOfVisits | This cookie is only used when using the Visitor Group 'Number of Visits' criteria. It is used to store what the number of times you access pages on the site. It allows personalisation of content based on the frequency you have viewed content on the site. | 1 Year |
| apt.sid | This cookie is used for Optimizely Telemetry data. | 1 year |
| apt.uid | This cookie is used for Optimizely Telemetry data. | 1 year |
| _fw_crm_v | The cookie named _fw_crm_v is associated with Freshworks. It is a website analytics cookie that is used to determine if a user's browser supports cookies. This cookie holds the tracker id Freshworks use to identify the user who is coming back on to the chat widget for the embedded Freshworks form on the contact page. It is required to enable the site to function. This cookie is provided by Freshworks. Please view their privacy statement here - https://www.freshworks.com/privacy/ | 1 year |
| CookieControl | Used by civic to read users cookie preferences when it loads the CMP | 1 year, 1 month and 4 days |
| iv | This cookie tracks the anonymous visitor's actions across the the site. This is a persistent cookie. | 1 year, 1 month and 4 days |
| BrowserId, BrowserId_sec | Salesforce cookies used for security protections. | 2 year |
| SLIB_AWS | Server performance data | TBC |
Analytics cookies
These cookies help us understand how people use the following websites:
- Ofcom: https://www.ofcom.org.uk
- Ofcom mobile and broadband checker: https://checker.ofcom.org.uk
- The Office of the Telecommunications Adjudicator: http://www.offta.org.uk
This includes how many people visit a website, which pages they view and how they navigate through it. We use this information to make improvements. Anonymous data is used.
| Name | Purpose | Expiration |
|---|---|---|
| hjIncludedInSessionSample | Hotjar cookie set to determine if a user is included in the data sampling defined by your site's daily session limit. | Same day |
| _hjIncludedInPageviewSample | Hotjar cookie set to determine if a user is included in the data sampling defined by your site's pageview limit. | Same day |
| _hjAbsoluteSessionInProgress | Hotjar cookie used to detect the first pageview session of a user. | Same day |
| _hjFirstSeen | Hotjar cookie used by Recording filters to identify new user sessions. | Same day |
| _hjSession* | A cookie that holds the current session data. This ensures that subsequent requests within the session window will be attributed to the same Hotjar session. | Same day |
| _gid | Google Analytics cookie to distinguish users. | 1 day |
| _gat | Google Analytics cookie used to throttle the speed of requests to the server. | 1 day |
| AWSALBCORS | Siteimprove cookie that ensures all page views for the same visit (user session) are sent to the same endpoint. | 7 days |
| _hjSessionUser* | Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. | 1 year |
| nmstat | Siteimprove cookie used to collect statistics about site usage. Read more about how Siteimprove process personal data in their privacy notice. | 1 year |
| ajs_anonymous_id | JIRA cookie used to store last visits to a website | 1 year |
| _ga* | Google Analytics cookie to collect data on website traffic. Please refer to Google Analytics’ data practices. | 1 year, 1 month and 4 days |
Third party/marketing cookies
These cookies support your visit on the website as well as the performance of our communications campaign activity on Google Ads. We use these cookies on Ofcom.org.uk.
| Name | Purpose | Expiration |
|---|---|---|
| OGPC | Google cookie used for ads | When User closes browser |
| ysc | Youtube cookie to remember user input and associate a user’s actions. | When User closes browser |
| APISID, SID | Google Ads Optimization cookie to collect visitor information for Youtube and Google maps | When User closes browser |
| DV | Google cookie used to provide ad delivery or retargeting on Google ads | 1 day |
| DSID | Google cookie that stores user preferences | 2 weeks |
| OTZ | Google ads used to link user website activities with other devices which have been logged in via Google account to better tailor ads | 1 month |
| visitor_info1_live | Youtube cookie used to to provide bandwidth estimations. | 1 month |
| device_info | Youtube cookie used to track user interaction with embeded content. | 5 months |
| SOCS | Google cookie used to store user preference and personalised ads | 13 months |
| AID | Google cookie used to link user website activities with other devices which have been logged in via Google account to better tailor ads | 2 years |
| __Secure* | Google cookie used to profile the interests of website visitors to serve relevant and personalised ads through retargeting. | 2 years |
| CONSENT | Google cookie used to store user preference and personalised ads | Persistent |
How to control and delete cookies
You can update your cookies preferences for Ofcom.org.uk by clicking the cog icon in the bottom left corner of the screen.
You can block or remove cookies set by our other websites – see the full list of domains under ‘Necessary cookies’ above – through your browser settings. This guide tells you how to manage cookies on a range of browsers.