Criteo sets 4 cookies on websites that load its scripts. Below is the full list with purpose, expiry, and whether each one needs GDPR / ePrivacy consent.
cto_bundleAdvertisingExpires: 13 monthsCriteo's primary retargeting cookie. Stores an encoded bundle that links the visitor to Criteo's ad-bidding profile for personalised display ads.
cto_tld_testAdvertisingExpires: SessionUsed by Criteo to determine the highest-level domain on which it can set cookies. Set briefly during the test, then expires.
cto_idcpyAdvertisingExpires: 13 monthsStores a Criteo identifier copied from a related domain to maintain retargeting state across multiple TLDs.
cto_sidAdvertisingExpires: SessionCriteo session identifier used to deduplicate ad impressions and conversion events within a single browsing session.
CookieSentry scans your site, identifies every Criteo cookie set before consent, and gives you an evidence-grade PDF for your DPO.
Run a free scan →