I searched through Elfsight’s entire documentation and forum to learn more about the cookies and site data injected into our website by Elfsight and its widgets.
The only thing I could find concerning cookies and site data was the following:
Please explain in detail the purpose of each cookie and site data, type of data recorded, who has access to the site data, where is the data stored, and for how long is the data stored.
Due to privacy concerns, please provide a method that wil allow us to block and/or disable the above cookies and site data – as deemed necessary by the widget user.
Please update your documentation to cover this topic (and any other cookies and site data not mentioned in this topic).
The only cookie that the visitors of your website interact with is elfsight_viewed_recently - a cookie that prevents hyped-up views.
All the other cookies are the technical ones that influence only you as the widget owner, and they are necessary for the widget to work correctly. Your website visitors don’t see them, that’s why we haven’t included the article.
This way, your visitors will not interact with any of the other cookies you’ve specified on the page. You can make sure of it by checking your website in incognito mode:
The on-device site data you’re seeing appears because of the widget’s installation code. The code fetches resources and content from our external servers (elfsight.com and core.service.elfsight.com) to ensure that the widget functions properly on your website. This is completely normal, as it allows the widget to load and display content dynamically.
Please let me know if this clarifies things or if you have any questions left
Due to internal concerns, I still need a detailed reply for each cookie mentioned above. If it helps, I can take this topic this offline (i.e., send an email to Elfsight Support) Please advise.
Concerning the on-device site data, I’m OK with that. However, I was wondering why Elfsight pulls data from two (2) sources (i.e., URLs) instead of only one (1).
I’ve requested the info about these cookies from the devs. I’ll update you as soon as I have their response
As for the domains from your screenshot:
elfsight.com — this is where the platform’s script is loaded from; it scans the page to find widgets.
core.service.elfsight.com — when a widget is detected, a request is sent here to identify its type so the correct script can be loaded, and to retrieve the widget’s configuration.
The developers’ reply will help both us and all of your customers. When our team sees eight (8) plus Elfsight cookies loading in the backend/frontend, flags are automatically raised.
Our team has never seen this happen before with any other plugin or app. I hope you will understand.
Unfortunately, the dev who can answer this question is currently on vacation. As soon as he’s back in the office, he’ll check your request and I’ll update you here
Devs confirmed that only widget owners interact with these cookies. All of them serve to marketing purposes. They are stored up to 1 year and there is no way to disable/remove them.
I highly recommend Elfsight update its documentation (i.e., Cookie Policy, etc.) to list and explain all cookies (per GDPR and ePrivacy requirements), the data they are collecting, and provide instructions to restrict (i.e., block or reject ) all non-essential cookies at both a server and/or browser level.
I have analyzed several other AI Chatbot widgets and none of them come close to injecting the number of cookies that Elfsight does. Full transparency is appreciated.
To assist you guys, please review WordPress’ documentation concerning Cookies:
Again, thank you for your help and patience on this topic.
Yep, these cookies are not essential, since only the widget owner interact with them.
I got your point regarding adding the info about all cookies (including non-essential) tot the articles, and I’ve shared your feedback to the team. We’ll think about it
