Surfshark Cookie Policy
Last Update 2025.10.13.
Most sites on the internet, including Surfshark’s, use cookies, pixels, web beacons, and other similar technologies (collectively called “cookies”), as they are pretty convenient to help provide, protect, and improve our Services and Website.
1. What is a cookie?
A cookie is a small string of data that transfers to your computer for identification purposes.
Surfshark utilizes cookies for several reasons, all aimed at enhancing your experience and ensuring the security of our services. These small data files help us maintain the efficient and secure functioning of our Website, allowing us to detect and prevent fraud effectively. Cookies also enable us to remember your preferences and recognize you as a returning visitor, tailoring your browsing experience by analyzing your habits and personalizing content. Furthermore, we gather statistical information on Website traffic and usage, and to display customized advertisements that are more relevant to your interests.
2. What categories of cookies does Surfshark collect?
Surfshark uses the following categories of cookies:
By cookie purpose
| Necessary cookies | These cookies are crucial for the core operations of our Website, and they're automatically placed on your devices to keep things running smoothly — no explicit consent needed. |
|---|---|
| Analytic cookies | These cookies help us to understand your browsing behavior. They track which parts of our Website you find most engaging and flag any areas where you hit an error. They allow us to make improvements to our Website and analyze their performance. |
| Marketing cookies | These cookies are used to track user activity and sessions so that we can deliver a more personalized service. Marketing cookies are set by third parties with whom we execute marketing campaigns and allow us to provide marketing relevant to you. |
| Affiliate | Affiliate cookies allow us to identify the customers referred to our Website by our partners so that we can grant the referrers their commission. |
By cookie origin
| First-party cookies | These are placed directly by our Website on your device. |
|---|---|
| Third-party cookies | These are placed by other services that are integrated into our Website, like analytics or advertising platforms. For example, if you click a partner's link to reach our site, a third-party cookie might be used to track that interaction so that the partner can provide you with relevant offers. |
By cookie duration
| Session | These are temporary and are deleted as soon as you close your browser. |
|---|---|
| Persistent | These stay on your device for a set amount of time, which can range from a few days to several years. They will remain there unless you delete them yourself. You can learn how to do this in the "How to control cookies" section of the Cookie Policy. |
There are many great resources to learn about the different types of cookies and how they work. You can check out websites like https://knowcookies.com/ or https://allaboutcookies.org/.
3. What specific cookies Surfshark collects?
We may occasionally test new cookies on our Website, and any that are permanently adopted will be added to the table below:
| Cookie name | Cookie expiry | Provenance | Purpose | Cookie Category |
|---|---|---|---|---|
| surfshark-locale | 29 days | Surfshark | It stores user's selected website language. | Necessary (functional) |
| surfshark-experiments | 1 year | Surfshark | It stores data for our user experience testing. | |
| surfshark-alert-coupon | Session | Surfshark | Used to store the coupon which will be used during the purchase of the Alert service. | |
| _sstk | 2 hours | Surfshark | Used for authentication purposes. | |
| _ssexp | 2 hours | Surfshark | Used for authentication purposes. | |
| _ssrtk | 2 hours | Surfshark | Used for authentication purposes. | |
| sf-la | 30 days | Surfshark | Landing page tracking cookie which indicates the source of the last visit. | |
| sf-fi | 30 days | Surfshark | Landing page tracking cookie which indicates the source of the last visit. | |
| sf-rf | 30 days | Surfshark | Referral tracking cookie. | |
| __zlcmid | Persistent | Third party (Zendesk) | To store unique user ID (for chat purposes). | |
| surfshark-cookies-consent | 6 months | Surfshark | Used to store user cookie consent. | |
| _cq_duid | 3 months | Third party (Cheq) | Used to detect domain sessions per device. | |
| _cq_suid | Session | Third party (Cheq) | Used to detect browser sessions per domain and device. | |
| _cq_tuid | Session | Third party (Cheq) | Used to detect tab sessions per device. | |
| _cq_check | Deleted immediately after insertion | Third party (Cheq) | Used to detect if the device supports cookies. | |
| cg_uuid | 365 days | Third party (Cheq) | Hosted by cheqzone.com. Used to detect when the same device is used in a separate browser session, to ensure that once a session is identified as fraudulent or malicious, it can be consistently blocked from access to the relevant customer’s website. | |
| __cf_bm | 1 day | Third party (Cloudflare) | Used to read and filter requests from bots. | |
| surfshark-uuid | 2 years | Surfshark | It identifies the same user for our user experience testing. | |
| is_eu | Session | Third party (Pinterest) | Determines whether the user is located within the EU and therefore is subject to EU's data privacy regulations. | |
| surfshark-sticky-cta-closed | Session | Surfshark | This cookie stores information about the website visitor’s actions on our promotional pop-ups. | |
| surfshark-cf-uuid | 30 min | Surfshark | This cookie is used to prevent fraud. | |
| sf-af | 30 days | Surfshark | Affiliate network tracking cookie. | Affiliate |
| _sp_ses.<website hash> | 30 min | Surfshark | Identifies if the current user session has expired. | Analytical |
| _sp_id.<website hash> | 13 months | Surfshark | Stores non-identifiable user information that is created when a user first visits a site and updated on subsequent visits. | Analytical |
| _uetvid | 16 days | Third party (Bing) | It stores and tracks visits across websites. | Marketing |
| _uetvid_exp | Persistent | Third party (Bing) | It stores and tracks visits across websites. | |
| IDE | 1 year | Third party (Google DoubleClick) | These cookies are set by a third party (DoubleClick) and are used for serving targeted advertisements that are relevant to you across the web. Targeted advertisements may be displayed to you based on your previous visits to this website. For example, advertisements about a topic you have expressed an interest in while browsing our site may be displayed to you across the web. In addition, these cookies measure the conversion rate of ads presented to the user. | |
| MUID | 1 year | Third party (Microsoft) | It stores and tracks visits across websites. | |
| _ttp | 13 months | Third party (TikTok) | Serves targeted advertising and measures the performance of advertising campaigns. | |
| personalization_id | 2 years | Third party (X Corp.) | This cookie is set by X Corp to measure the performance of advertising campaigns through X, across different browsers and devices used by a visitor. | |
| muc_ads | 2 years | Third party (X Corp.) | This is a cookie that is set by X Corp. It is used for optimizing ad relevance by collecting visitor navigation data. | |
| _pin_unauth | 365 days | Third party (Pinterest) | This cookie is used by Pinterest to track usage of their services. | |
| _pinterest_sess | 1 year | Third party (Pinterest) | Pinterest login cookie. | |
| guest_id_marketing | 2 years | Third party (X Corp.) | Used to detect whether a user is logged into X. | |
| guest_id | 2 years | Third party (X Corp.) | Unique ID that identifies the user’s session. | |
| _uetsid | 1 day | Third party (Bing) | Used to store and track visits across websites. | |
| _uetsid_exp | Persistent | Third party (Bing) | Contains the expiry-date for the cookie with corresponding name. | |
| guest_id_ads | 2 years | Third party (X Corp.) | This cookie is set due to X integration and sharing capabilities for social media. | |
| eng_mt | Persistent | Third party (Taboola) | Tracks the conversion rate between the user and the advertisement banners. | |
| C | If C=1 - 60 daysIf C=3 - 3650 days | Third party (Adform) | Identifies if user’s browser accepts cookies. | |
| TPC | 14 days | Third party (Adform) | Identifies if user’s browser accepts third-party cookies. | |
| GCM | 1 day | Third party (Adform) | Identifies if there is a need to re-check a partner‘s cookie matching existence. | |
| CM | 1 day | Third party (Adform) | Identifies if there is a need to re-check a partner‘s cookie matching existence (set by AdServing). | |
| CM14 | 14 days | Third party (Adform) | Identifies if there is a need to re-check a partner‘s cookie matching existence (set by Cookie Matching). | |
| token | Session | Third party (Adform) | Security token for opt out functionality. | |
| otsid | 365 days | Third party (Adform) | Advertiser specific opt-out. | |
| uid | 60 days | Third party (Adform) | Unique identifier. | |
| SR<RotatorID> | 1 day | Third party (Adform) | Sequential rotator information – contains total impressions, daily impressions, total clicks, daily clicks, and last impression date. | |
| CT<TrackingSetupID> | 1 hour | Third party (Adform) | Identifies last click membership for third party pixels on advertiser’s pages. | |
| EBFCD<BannerID> | 7 days | Third party (Adform) | Identifies daily frequency capping for expanding banner. | |
| EBFC<BannerID> | 7 days | Third party (Adform) | Identifies total frequency capping for expanding banner. | |
| CFFC<TagID> | 7 days | Third party (Adform) | Compound banner frequency capping. |
4. How to control cookies?
You can control the cookies deployed on your devices. The majority of cookie types can be regulated or eradicated via your web browser's configuration options. Please be aware, however, that when you choose to reject cookies, this choice may limit the functionality of the Website and you may lose access to some of its features.
For detailed instructions on adjusting cookie preferences within various commonly used browsers, please consult the following directional links:
Also, if you would like to disable advertising cookies, please learn more at Network Advertising Initiative’s opt-out page, the Digital Advertising Alliance’s opt-out page, or http://youronlinechoices.eu.
We note that our Website may contain links to external sites that may take you outside of our Website and are beyond our control. Please note that these other sites may send their own cookies to users, collect data, or solicit personal information. We urge you to review the equivalent data protection, privacy, and cookie policies available on their websites. We do not accept any responsibility or liability for the data protection or privacy practices of third-party websites and your use of third-party websites is entirely your own responsibility.
5. Does our website respond to do-not-track signals?
Currently, it doesn’t. You can tweak your specific browser settings to achieve very similar results.
At this time, Surfshark does not recognize automated browser signals regarding tracking mechanisms, which may include “do-not-track” instructions. However, you can change your privacy preferences regarding the use of cookies and similar technologies through your browser. You may set your browser to accept all cookies, block certain cookies, require your consent before a cookie is placed in your browser, or block all cookies. Please note that blocking all cookies will affect your online experience and may prevent you from enjoying the full features offered by our Website.
Back to the Privacy Policy