X (Twitter) sets 4 cookies on websites that load its scripts. Below is the full list with purpose, expiry, and whether each one needs GDPR / ePrivacy consent.
personalization_idAdvertisingExpires: 2 yearsUsed by X (formerly Twitter) to integrate and share features for social media and to personalise content and ads across the X ad network.
guest_idAdvertisingExpires: 2 yearsUsed by X to identify and track website visitors (including non-logged-in users) for embedded content, analytics, and ads.
muc_adsAdvertisingExpires: 2 yearsSet by X to measure and improve the relevance of advertising shown on the X platform and via the X Audience Platform on third-party sites.
gtFunctionalExpires: SessionGuest token used by X to authorise non-logged-in visitors when loading embedded tweets and timelines. Required for the embed to render — case-by-case necessity assessment when the embed itself is optional.
CookieSentry scans your site, identifies every X (Twitter) cookie set before consent, and gives you an evidence-grade PDF for your DPO.
Run a free scan →