There’s been a lot of talk recently on some forums and message boards about what kinds of cookies Google Analytics sets on a person’s computer, what they do, and how long they last. So, I’ve decided to blog about it. However, be warned – there is a lot of “geek” talk here, but I’ll try my very best to break it all down in the simplest language possible.
The Very Basics – The Google Analytics Cookies
When someone visits a website that is properly coded with Google Analytics Tracking Code, that website sets four first-party cookies on the visitor’s computer automatically.
…Wait a Minute, What’s a “First-Party Cookie”?
A “first-party cookie” is a cookie that is set by that same website. This term exists because there are also “third-party cookies”, which are cookies that are set by other third party websites (you don’t even need to visit that third party website to have a cookie set – don’t worry, Google Analytics ONLY uses first-party cookies).
So, What Are These Four Cookies?
Well, there can be up to five different cookies that a website with Google Analytics tracking code sets on your computer. However, four of them are automatically set, while the fifth one is an optional cookie. Let’s take a look at each one.
The __utma Cookie
This cookie is what’s called a “persistent” cookie, as in, it never expires (technically, it does expire…in the year 2038…but for the sake of explanation, let’s pretend that it never expires, ever). This cookie keeps track of the number of times a visitor has been to the site pertaining to the cookie, when their first visit was, and when their last visit occurred. Google Analytics uses the information from this cookie to calculate things like Days and Visits to purchase.
The __utmb and __utmc Cookies
The B and C cookies are brothers, working together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site, while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires. You see, __utmc has no way of knowing when a user closes their browser or leaves a website, so it waits 30 minutes for another pageview to happen, and if it doesn’t, it expires.
The __utmz Cookie
Mr. __utmz keeps track of where the visitor came from, what search engine you used, what link you clicked on, what keyword you used, and where they were in the world when you accessed a website. It expires in 15,768,000 seconds – or, in 6 months. This cookie is how Google Analytics knows to whom and to what source / medium / keyword to assign the credit for a Goal Conversion or an Ecommerce Transaction. __utmz also lets you edit its length with a simple customization to the Google Analytics Tracking code.
The __utmv Cookie
If you are making use of the user-defined report in Google Analytics, and have coded something on your site for some custom segmentation, the __utmv cookie gets set on the person’s computer, so that Google Analytics knows how to classify that visitor. The __utmv cookie is also a persistent, lifetime cookie.
That’s all Great, but What if Someone Deletes These Cookies from their Computers?
Unfortunately, you cannot do anything about someone deleting their cookies from their computers. The __utmb and __utmc cookies are gone before you know it, but the __utma, __utmz, and __utmv cookie (when applicable) will remain for a long period of time. Whenever someone deletes the __utma cookie, they are in essence deleting their history with your website. When they visit your website again, they are considered a brand new visitor, just as they were the first time they came around.
How Concerned Should I Be about This?
My thanks to Justin Cutroni’s “Google Analytics Shortcuts” book for the inspiration on this post :).