Cookie Statement

Cookie Statement Vrije Universiteit Amsterdam

• 1. What are cookies?

  Cookies are small information files that are stored on your computer, telephone or tablet when you visit our website(s). Besides cookies there are other similar technologies that we or other parties can use to store and/or read information on your computer, telephone or tablet, such as web beacons, flash cookies, JavaScript and tracking pixels. For the sake of convenience these technologies are also referred to as cookies.

  Cookies enable your web browser to be recognised. That is useful because it means that you do not need to re-enter your data, restate your preferences or change your settings every time you visit the website(s), for example. This way we can also ensure better functionality of our website(s), understand visitors’ use of the website(s) and display social media content on the website(s).

• 2. What does VU Amsterdam use cookies for?

  Different categories of cookies are used for the following purposes:

  Functional
  These cookies are used to make our website function properly.

  Analytical
  These cookies are used to measure (analyse) website usage based on your behaviour on our websites, such as click behaviour and session duration. This measurement data is used to create statistics that we use to improve the website. Some of this data is shared with Crazy Egg and Google.

  Personalisation
  These cookies are used to analyse how you use our website. This allows us to customise the content of our website with information that matches your interests.

  Social media
  These cookies are set by Vimeo and YouTube. The cookies enable videos from these external platforms to be visible on vu.nl. Once you play the video, Vimeo and YouTube may collect data about your usage and combine it with any data previously collected about you, such as browser and device data, the page you visit, and your interaction with the video. This data may be used by Vimeo and YouTube for analysis, personalisation and possibly advertising purposes.

  Advertisements
  These cookies are set by VU Amsterdam and our advertising partners Google, LinkedIn, Meta and Snapchat. These third parties track your browsing behaviour across multiple websites in order to display relevant ads. They may combine this information with other data that you have provided to them, for example if you are logged in to one of their services, or that they have collected through your use of their platforms. These cookies also allow VU Amsterdam to measure whether our campaigns on different channels are effective by seeing how you came to our website.

  NB: Even if you do not give us your permission to set advertising cookies, it is still possible that you will see advertisements for VU Amsterdam. In that case they will not be based on your internet behaviour on the VU Amsterdam website(s).

• 3. Which cookies can be dropped?

  The following table shows the types of cookies that can be dropped when you visit the VU Amsterdam website(s). VU Amsterdam will try to keep this table as up to date as possible. If you find that a cookie has been dropped that is not included in the list, please report this by sending an e-mail to vu.nl@vu.nl. We will then amend the list as soon as possible.

  Not all of the cookies below will be dropped immediately when you visit our website(s). This depends on the specific page you are visiting and often also on the activity you are performing on the page concerned, such as filling in a form or clicking on a social media button.

  Cookies relating to the analysis of website use, social media and advertisements will only be set with your permission. VU Amsterdam is not required to obtain your permission to set functional cookies.

  Category	Set by	Cookie	Expiration time	Purpose
  Functional	Coosto	COOSTO_WEBCHAT_LAST_MESSAGE COOSTO_WEBCHAT_USER_ID	1 day Session	We use these cookies to capture unique user id's and to check if the conversation is still active. The timestamp of the last sent or received message will therefore be saved.
  Functional	Formdesk	rvtoken*	Session	Processing web forms. This cookie is dropped on the Formdesk domain.
  Functional	Google Tag Manager (GTM) Google Analytics Google	_dc_gtm_* _gat_* cookie_ga4_event_sent	1 minute 1 minute Session	Limiting the number of communication connections. The Google cookie statement specifies the purposes for which Google uses cookies and the Google privacy statement specifies how privacy law is complied with (including any transfer to third countries). cookie_ga4_event_sent  records whether you have made a choice in the cookie banner.
  Functional	Microsoft Azure	x-ms-cpim-cache|jxfdl-o_80uelidfnecska_0 x-ms-cpim-rc:378a68cc-0f7d-40fb-97cd-020b6a2192e2 x-ms-cpim-sso:vunlbc.onmicrosoft.com_0 x-ms-cpim-trans	Session Session Session Session	Supports the Microsoft Azure AD B2C login service for the authentication process. Used to maintain the request state. Supports the Microsoft Azure AD B2C login service. This is a security cookie for the request context during the session. Supports the Microsoft Azure AD B2C login service for maintaining the Single Sign-On (SSO) session. Supports the Microsoft Azure AD B2C login service for tracking authentication transactions.
  Functional	sc-static.net	X-AB	1 day	A cookie used for A/B testing or experimentation to show different versions of the website to users.
  Functional	Selligent	.VuWeb.ST	1 day	An authentication token cookie to fetch VU for Professionals profiles.
  Functional	VU	Clickpath:*	Session	Optimising browser session.
  Functional	VU	cookie_consent_level	Permanent	This cookie records which cookies you have given permission for.
  Functional	VU	Ras	Session	The "Ras” cookie is used to determine whether a user is logged in. This is necessary to provide the user with the correct information appropriate to their role (employee, student, prospective student, etc.).
  Functional	VU	SESS#	Session	Helps to facilitate a secure login process. With this, VU Amsterdam can check in the background the identity of the user, without saving sensitive information like login details on the computer of the user. Instead, a key (a 'token') will be used which is saved securely on the servers of VU Amsterdam. This cookie retrieves said key once the user logs in.
  Functional	VU	sess_auth_vu_nl	1 year	Processing webforms.
  Functional	VU	Sessie_auth_vu_nl	Session	Facilitates a secure login process. This allows VU Amsterdam to verify the user's identity in the background, without storing sensitive information such as login credentials on the user's computer. Instead, a key (a "token") is used that is securely stored on VU's servers. This cookie retrieves that key each time the user logs in.
  Functional	VU	VuWeb.AF	Session	Helps prevent Cross-site request forgery (CSRF), an attack where a user visits a malicious site that sends an unauthorized request to a legitimate site.
  Analytical	Crazy Egg	_ceir, is_returning _CEFT _ce.cch _ce.clock_data _cer.s _cer.v _ce.s _ce.gtld ce_need_secure_cookie ce_successful_csp_check cebs cebsp_	1 year 1 year 1 second 1 day Session 1 month 1 year 1 second 1 second 1 day Session Session	Tracking and analysing the use of VU Amsterdam webpages (such as where the user clicks or how a mouse is moved) to improve VU Amsterdam webpages. Crazy Egg's privacy policy explains how they handle the data.
  Analytical	Google Analytics	_ga _ga_* _gac_* _gd* _gid	2 years 2 years 90 days 1 second 1 day	Tracking and analysing users' website behaviour (such as the number of visitors and the time each visitor spends on a webpage) to improve VU Amsterdam webpages. _gd* stores temporary session information to link your actions during a visit and accurately measure site interactions and performance.
  Analytical	Microsoft	AI_buffer	Session	Used in context with the "AI_sentBuffer" in order to limit the number of data-server-updates (Azure). This synergy also allows the website to detect any duplicate data-server-updates.
  Analytical	Microsoft	AI_sentBuffer	Session	Used in context with the "AI_buffer" in order to limit the number of data-server-updates (Azure). This synergy also allows the website to detect any duplicate data-server-updates.
  Analytical	Selligent	sbss_* sbt_i	1 year 1 year	Optimising shown content on VU.nl according to the preferences of the visitor. sbss_* is a tracking cookie from Site-See (Selligent Marketing Cloud) used for website analytics, statistics, and tracking user behavior.
  Analytical	VU	ai_session	1 day	Marks the start of a web session and expires after 30 minutes of inactivity. Application Insights uses this to measure how long users stay on the website and how many pages they view per session. This allows you to see the average session duration and pages viewed per session in the reports.
  Analytical	VU	ai_user	1 year	Stores a unique ID in the browser to identify users. Application Insights uses this ID to count how many different people visit the website. The cookie remains valid for one year so that returning visitors can be recognized. In the Application Insights dashboards, you can see statistics about unique users and new vs. existing visitors.
  Personalisation	Selligent	sb_test	1 day	Temporary cookie to check if there is communication between the browser and Selligent.
  Personalisation	Selligent	sb_* sbt_*	6 months 1 year	sb_* stores profile information and sends this data to the appropriate VU environment on the back end. sbt_* stores profile information and transmits it to the correct VU environment on the backend. It is a variant of the sb_ cookie created to comply with the new Google Chrome third-party cookie policy.
  Social media	Google	SOCS	3 months	This cookie is set by Google to store user preferences related to cookie settings. It records whether the user has given consent or made specific choices regarding cookies and privacy settings on Google services.
  Social media	Snapchat	sc_at	1 year	Set by Snapchat to show relevant ads to users by tracking user behavior across different websites. The cookie policy of Snap specifies the purpose for which Snapchat uses cookies.
  Social media	Snapchat	EssentialSession Marketing Performance Preferences sc-a-nonce sc-cookies-accepted sc-language	1 year 1 year 1 year 1 year 1 year 1 year 1 year	This cookie is set by Snapchat to store user preferences related to cookie settings. Snap’s cookie policy outlines the purposes for which Snap uses cookies, and its privacy policy explains how privacy laws are upheld (including any data transfers to third countries). sc-a-nonce stores a unique security token (nonce) to verify legitimate user requests and prevent replay attacks. sc-language is part of Snapchat’s Preferences cookies, aimed at remembering visitors’ language preferences.
  Social media	Vimeo	__cf_bm	1 day	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
  Social media	Vimeo	_cfuvid	Session	This cookie is a part of the services provided by Cloudflare - Including load-balancing, deliverance of website content and serving DNS connection for website operators.
  Social media	Vimeo	vuid	2 years	Collects data on the user's visits to the website, such as which pages have been read.
  Social media	YouTube	__Secure-ROLLOUT_TOKEN	6 months	Used for phased rollouts of new features or experiments (A/B testing) to assign users to specific test groups.
  Social media	YouTube	__Secure-YEC __Secure-YNID #-# iU5q-!O9@$ LAST_RESULT_ENTRY_KEY LogsDatabaseV2:V#||LogsRequestsStore remote_sid ServiceWorkerLogsDatabase#SWHealthLog TESTCOOKIESENABLED LOGIN_INFO PREF VISITOR_INFO1_LIVE YSC yt-remote-cast-available yt-remote-cast-installed yt-remote-connected-devices yt-remote-device-id yt-remote-fast-check-period yt-remote-session-app yt-remote-session-name ytidb::LAST_RESULT_ENTRY_KEY YtIdbMeta#databases VISITOR_PRIVACY_METADATA	Session 6 months Session Session Session Permanent Session Permanent 1 day 13 months 13 months 6 months Session Session Session Permanent Permanent Session Session Session Permanent Permanent 6 months	Display VU webpages with YouTube elements. YouTube's cookie statement explains the purposes for which YouTube uses cookies, and YouTube's privacy statement explains how it complies with privacy regulations (including any transfers to third countries).
  Advertisements	Google DoubleClick	IDE	1 year	Used by Google’s DoubleClick service to register and report the website user’s actions after viewing or clicking on an ad, with the purpose of measuring the effectiveness of ads and presenting targeted advertising to the user across sites.
  Advertisements	Google Search Ads	APISID HSID NID SAPISID SID SIDCC SSID _gcl_au _gcl_aw* _gcl_gs GCL_AP_P 1P_JAR	13 months 13 months 13 months 6 months 13 months 13 months 1 year 3 months 3 months 3 months 3 months 1 month	Displaying VU advertisements on other websites. Google's cookie statement explains the purposes for which Google uses cookies, and Google's privacy statement explains how it complies with privacy regulations (including any transfers to third countries). NID registers a unique ID that identifies a returning user's device. The ID is used for targeted ads. _gcl_au helps Google measure whether and how often someone who views or clicks an ad eventually performs a desired action (conversion). _gcl_aw* captures the click ID (gclid) from the URL when someone lands on vu.nl after clicking a Google Ads advertisement. _gcl_gs stores the session context of the user session on VU.nl. This is used to analyze whether the user performs a desired action (conversion) within the same session. GCL_AP_P is used by Google Ads to measure conversions (e.g., a registration or purchase) after a user clicks on an advertisement.
  Advertisements	LinkedIn	aam_uuid bcookie lang lidc li_fat_id li-oatml li_gc UserMatchHistory	1 month 1 year Session 1 day 1 month 1 month 6 months 30 days	The LinkedIn cookie policy specifies the purpose for which LinkedIn uses cookies and the LinkedIn privacy policy specifies how privacy law is complied with (including any transfer to third countries). li_gc stores the user's consent preferences for LinkedIn cookies to comply with privacy regulations. lidc is set by LinkedIn and is used to facilitate the selection of the LinkedIn data center. It ensures the correct routing of a user's browser data.  bcookie is a browser identifier cookie used by LinkedIn to recognize the browser or device over time, helping associate ad interactions (clicks or views) with subsequent actions (conversions) on this website.
  Advertisements	Meta	fr	3 months	Displaying advertisements for VU Amsterdam on Facebook. The Facebook cookie statement specifies the purposes for which Facebook uses cookies and the Facebook privacy statement specifies how privacy law is complied with (including any transfer to third countries).
  Advertisements	Meta	_fbc	3 months	Captures the click ID (fbclid) from the URL when someone arrives at your site after clicking a Facebook/Instagram ad.
  Advertisements	Meta	_fbp	3 months	Identifies browsers visiting your site so Facebook can measure ad performance (conversions, attribution).
  Advertisements	Meta	sb	3 months	Security cookie for storing information that allows us to recover your account if you forget your password or to require additional verification when you report that your account has been hacked. This is set when logged into Facebook/Instagram.
  Advertisements	Snapchat	_sca _sctr _scu	1 month 1 year 3 months	Displaying advertisements for VU Amsterdam on Snapchat. The cookie policy of Snap specifies the purpose for which Snapchat uses cookies and the privacy policy of Snap specifies how privacy law is complied with (including any transfer to third countries).
  Advertisements	Snapchat	_ScCbts	1 week	Used to optimize the delivery of content based on user behavior. The cookie has a retention period of 7 days.
  Advertisements	Snapchat	_scid _scid_r	1 year 1 year	_scid is used to display VU Amsterdam ads on Snapchat. _scid_r is a variant of _scid, used to display VU Amsterdam ads on Snapchat.
  Advertisements	Snapchat	_schn1	1 year	This cookie is set by Snapchat to store user preferences regarding cookie settings.

  _{The asterisk (*) is intended as a wildcard character and stands for any string of characters.}

  _{This chart was last amended on 22 October 2025.}

• 4. How do I withdraw my consent?

  You can withdraw your consent at any time via the ‘Cookie Settings’ in the footer of this website or by using the ‘Change your cookie settings’ button in the top right corner of this page. You will then be given the opportunity to update which cookies you consent to. Additionally, we recommend deleting cookies in your browser. Section 5 explains how you can delete cookies.

• 5. How do I delete cookies?

  Most cookies are stored for a fixed period of time. That means they expire automatically after a certain time and will no longer record data on your website visits. You can also delete cookies manually before the storage period expires.

  To delete cookies go to the settings of your internet browser (e.g. Microsoft Edge, Google Chrome or Safari) and choose to delete cookies or change your settings. You can also change the settings of your internet browser to notify you if a website uses cookies. You can then decide whether to give permission in each specific case. For more information you can use the help function in your internet browser.

• 6. Where can I ask questions about cookies?

  You can ask questions about the use of particular cookies at: vu.nl@vu.nl.

• 7. How do I exercise my privacy rights?

  The General Data Protection Regulation (GDPR) provides you with the right to access your processed personal data and under certain conditions the right to rectify your personal data if it contains factual errors, the right to erase your personal data, the right to restrict the processing of your personal data, the right to portability of your personal data and the right to object to the processing of your personal data.

  If you wish to exercise these privacy rights, you can notify the Data Protection Officer of VU Amsterdam at the following address:

  Vrije Universiteit Amsterdam
  Data Protection Officer
  De Boelelaan 1105
  1081 HV AMSTERDAM
  functionarisgegevensbescherming@vu.nl

  Please be aware that you will be asked for proof of identity to be able verify that the request has been submitted by you and to enable your request to be processed.

  You also have the right to submit a complaint to VU Amsterdam itself or to the Dutch Data Protection Authority (Dutch DPA) concerning the processing of your personal data by VU Amsterdam.

  More information on your rights is available from the Dutch DPA (in Dutch only).

• 8. Amendments to cookie statement

  The cookies we use for our website(s) may change, so this cookie statement may also be modified over time. We will ensure that you are informed of any substantial modification made to the use of cookies through our website(s).