Cookie Policy “Xchange”
Last revised: July 2022
This Cookie Policy explains how OSRAM uses cookies on The Xchange website.
Scope of data collection and Cookies employed
Our websites use cookies. Cookies are text files that are stored in or by the web browser on the user’s computer system. If a user calls a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be identified unambiguously when the website is called again.
Our Xchange website only uses cookies which are necessary for the operation of the website and the online offer (technically necessary cookie).
The following data may be stored in the cookies in order to make the website more convenient:
· Language settings;
· Articles in a shopping cart;
· Log-in information.
A detailed description of the cookies can be found in the Cookie Table below.
Cookie Table:
| What cookies do we use? | What are they called? | How long are they active | What do they do? | Which application does it use? |
| Required | apex__effacc | Persistent - 50 days | Used to store the effective account-ID | Salesforce |
| Performance | BT_sdc | Throughout the session | Contains non user specific data of the current visitor session (referrer, number of pages, number of seconds since session start). This cookie consists of a randomly generated string of numbers and letters and is used to uniquely assign data to the correct Internet browser of the user. | eTracker |
| Required | idccsrf | Throughout the session | Used for SSO authentication as CSRF protection.
SF: "Tracks CrossSiteRequestForgery validation for certain SSO flows." | Salesforce |
| Required | RSID | Throughout the session | Used for an admin user to "log in as" one of their org user.
SF: "Session ID and login-as session ID. In this case the cookies are copied to the response and in a proxy situation cause the target URL to rebuild appropriately. The cookies aren't created, examined, or modified." | Salesforce |
| Required | RRetURL | Throughout the session | Used for "log in as" to return to original page.
SF: "Used with 'Log in As' to restore the original state." | Salesforce |
| Required | inst | Throughout the session | Holds the instance information.
SF: "Used to redirect requests to an instance when bookmarks and hardcoded URLs send requests to a different instance. This type of redirect can happen after an org migration, a split, or after any URL update." | Salesforce |
| Required | oid | Persistent - 2 Years | Used to redirect a user to the correct Salesforce org and assist the user for the next login.
SF: "Stores the last logged in org for redirecting requests. Used for logging whether the cookie is present in site and community guest-user requests." | Salesforce |
| Required | x-ms-cpim-admin | Throughout the session | Holds user membership data across tenants. The tenants a user is a member of and level of membership (Admin or User). | Microsoft Azure |
| Required | x-ms-cpim-slice | Throughout the session | Used to route requests to the appropriate production instance. | Microsoft Azure |
| Required | x-ms-cpim-trans | Throughout the session | Used for tracking the transactions (number of authentication requests to Azure AD B2C) and the current transaction. | Microsoft Azure |
| Required | x-ms-cpim-sso:{Id} | Throughout the session | Used for maintaining the SSO session. | Microsoft Azure |
| Required | x-ms-cpim-cache:{id}_n | Throughout the session | Used for maintaining the request state. | Microsoft Azure |
| Required | x-ms-cpim-csrf | Throughout the session | Cross-Site Request Forgery token used for CRSF protection. | Microsoft Azure |
| Required | pctrk | Persistent - 1 Year | Used to deliver requested pages and content based on a user's navigation. Used to count page views by unauthenticated users against license usage.
SF: "Used to track unique page visitors in Experiences." | Salesforce |
| Preference | BT_pdc | Persistent - 1 Year | Contains Base64-coded visitor history data (is customer, newsletter recipient, visitor ID, displayed smart messages) for personalization. | eTracker |
| Performance | isSdEnabled | Persistent - 1 Day | Detection of whether the visitor's scroll depth is measured. | eTracker |
| Required | sid | Throughout the session | Used to validate user session.
SF: "SessionID." | Salesforce |
| Required | apex__cclgtkn | Throughout the session | Used for admin debugging | Salesforce - Cloud Craze |
| Preference | _et_coid | Persistent - 2 Years | Helps to detect activated cookies | eTracker |
| Required | sid_Client | Throughout the session | Used to validate orgid and userid on the client side.
SF: "Used to detect and prevent session tampering." | Salesforce |
| Required | CookieConsentPolicy | Persistent - 1 Year | Used to apply end-user cookie consent preferences set by our client-side utility. | Salesforce |
| Required | LSKey-c$CookieConsentPolicy | Persistent - 1 Year | Used to apply end-user cookie consent preferences set by our client-side
utility.
Info from SF Support 2022-03-17:
LSKey-c$CookieConsentPolicy cookie is same as “CookieConsentPolicy”. LSKey[c], it's the prefix for Locker Service. This is an essential cookie if you have locker services turn on in experience cloud. | Salesforce |
| Required | apex__guestSalesOrg | Throughout the session | Stores the selected salesorg for guest user | OSRAM Website |
| Functional | et_allow_cookies | Persistent - 480 days | Used to indicate whether etracker may set cookies | eTracker |
| Required | apex__RRetURL | Throughout the session | To store return URL after logging in | OSRAM Website |
| Required | esctx | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | fpc | Persistent - 30 days 1h 1min 31s | First Party cookies for visitor tracking whenever third-party cookie blocks are in place. e. | Microsoft Azure |
| Required | stsservicecookie | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | x-ms-gateway-slice | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | SignInStateCookie | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | buid | Persistent - 1 Month | AAD authn flow related | Microsoft Azure |
| Required | ch | Persistent - 3 Months | AAD authn flow related | Microsoft Azure |
| Required | ESTAUTH | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | ESTAUTHPersistent | Persistent - 3 Months | AAD authn flow related | Microsoft Azure |
| Required | x-mx-RefreshTokenCredential | Throughout the session | AAD authn flow related - Primary Refresh Token | Microsoft Azure |
| Required | ESTSSC | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | ESTSAUTHLIGHT | Throughout the session | AAD authn flow related | Microsoft Azure |
| Required | ESTSSSOTILES | Persistent - 10 years | AAD authn flow related - Seamless SSO status | Microsoft Azure |
| Required | brcap | Persistent - 1 Year | AAD authn flow related | Microsoft Azure |
| Required | CCState | Persistent - 4 Days | AAD authn flow related - login user context (base64 encoded) | Microsoft Azure |
| Required | wlidperf | Persistent - 10 Days | AAD authn flow related | Microsoft Azure |
| Functional | et_oi_v2 | Persistent - 480 days for YES & 50 years for NO | Opt-In Cookie stores the visitor's decision when the tracking opt-in is played on the customer's page. Also used for an eventual opt-out. | eTracker |
| Required | apex__xCCookiePolicy | Persistent - 1 Year | This cookie will store the current user's cookie selection for the defined duration. | OSRAM Website |
Xchange website does not employ cookies for customer advertising and analysis purposes.
Personalized tracking for Marketing Purposes
Personalized Tracking via etracker
The etracker technology based on the use of specific etracker cookies is used for personalized tracking with aim of further customer advertisement or analysis of your customer behaviour, if you accept application of these cookies for this purpose in the Cookie Banner or agree to it in Your Cookies Settings. In this case, the data on visitor behaviour (e.g. your preferences, visited subpages, goods in your shopping cart, etc.) may be analysed in order to detect customers trends and potentially make proposals in regard to items that be interesting to you.
Changes to Cookie settings for and withdrawal of consent to cookies
Since some basic functions of this website, e.g. shopping cart, contact form, etc., cannot be used properly without cookies, the user has no possibility of objection to these technically necessary cookies; these cookies can only be deactivated by setting the respective browser. In this case these functions can no longer be used.
You can change your cookie settings in your web browser. The browser settings for cookies are usually found in the “Options,” “Tools” or “Preferences” menu of your web browser. You can also refer to your browser’s “Help” menu. Different browsers may use different mechanisms to disable cookies.
You can find more information on changing your cookie settings at:
· Cookie settings in Firefox
· Cookie settings in Chrome
· Cookie settings in Safari
You can find more information on blocking or deleting cookies at: www.allaboutcookies.org
In case you provided a consent for the processing by etracker cookies for personalized tracking, this consent can be withdrawn anytime in the Your Cookie Settings.
Purpose of data processing
The purpose of technically necessary cookies is to make it easier to use websites. Some functions of our website cannot be offered without the use of cookies. It is necessary for these cookies to be recognized again by the browser when the user moves to another page. The user data collected by technically necessary cookies is not used to create user profiles.
Functional cookies enable the website to provide enhanced functionality. They may be set by us or third-party providers whose services we have added to our page.
Contact data
If you have any further questions on OSRAM’s Cookie Policy, please do not hesitate to contact us at privacy@ams-osram.com or at:
OSRAM GmbH
CDPO - Corporate Data Protection Office
Marcel-Breuer-Str. 6
80807 Munich
Germany