This Cookie Policy explains how Yhost uses cookies and similar technologies on our website (yhost.io) and client portal (my.yhost.io). It should be read together with our Privacy Policy.
Cookies are small text files stored on your device when you visit a website. They help the site remember information about your visit. We also use similar technologies (such as local storage, session storage, pixels/tags, and scripts) for comparable purposes. In this policy, "cookies" refers to all such technologies unless otherwise specified.
We set cookies in accordance with the UK Privacy and Electronic Communications Regulations 2003 (PECR), the EU ePrivacy Directive (2002/58/EC as amended by 2009/136/EC), and equivalent laws. Strictly necessary cookies do not require consent. For all other cookies (analytics and marketing), we obtain your consent before setting them, where required by Applicable Law. You can withdraw consent at any time through our cookie settings or browser controls.
We operate two web properties. Both may use analytics and marketing cookies, but only with your consent.
| Property | Domain | Purpose | Cookie types |
|---|---|---|---|
| Website (Frontend) | yhost.io | Marketing site, product pages, blog, knowledge base | Strictly necessary, analytics, marketing |
| Client Portal (Billing) | my.yhost.io | Account management, billing, ordering, support, service management | Strictly necessary, analytics (Enhanced Ecommerce), marketing |
Both domains display a cookie consent mechanism. Non‑essential cookies (analytics and marketing) are loaded only after you give consent. You can change your preferences at any time through the cookie settings link available on each domain.
| Category | Purpose | Consent required? |
|---|---|---|
| Strictly necessary | Essential for site functionality, security, authentication, session management, CSRF protection, DDoS mitigation, and storing your cookie consent preferences. The site cannot function properly without them. | No |
| Analytics / Performance | Help us understand how visitors use our website and client portal so we can improve them. On the client portal, this includes Google Analytics Enhanced Ecommerce to understand purchasing patterns and improve the ordering experience. | Yes |
| Marketing / Advertising | Used to measure the effectiveness of advertising campaigns, track conversions, and build audience segments for remarketing. On the client portal, marketing tags may fire on order completion pages to measure ad conversion. | Yes |
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
__cf_bm | Cloudflare | Bot management — distinguishes humans from bots to protect the site from automated abuse | 30 minutes |
cf_clearance | Cloudflare | Records that the visitor has passed a Cloudflare security challenge | Up to 1 year (configurable) |
__cfruid | Cloudflare | Rate limiting — identifies individual visitors behind a shared IP | Session |
| Cookie consent state | Yhost (or consent tool) | Stores your cookie consent preferences so we do not ask again on every visit | 12 months |
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
_ga | Google Analytics | Distinguishes unique visitors by assigning a randomly generated ID | 2 years |
_ga_<ID> | Google Analytics | Maintains session state for Google Analytics 4 | 2 years |
_gid | Google Analytics | Distinguishes visitors within a 24‑hour period | 24 hours |
_gat | Google Analytics | Throttles request rate to Google Analytics servers | 1 minute |
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
_fbp | Meta (Facebook Pixel) | Identifies the browser for ad delivery and conversion tracking on Facebook / Instagram | 3 months |
_fbc | Meta (Facebook Pixel) | Stores click‑through information from Facebook ads | 3 months |
Facebook Pixel (fbevents.js) | Meta Platforms, Inc. | Tracks page views and conversion events for Facebook/Instagram advertising | Script (no persistent cookie beyond _fbp/_fbc) |
_gcl_au | Google Ads (via Google Tag) | Stores conversion information for Google Ads campaigns | 3 months |
_gcl_aw | Google Ads | Records which Google Ad was clicked to arrive at the site | 3 months |
_uetmsclkid | Microsoft (Bing Ads / UET) | Stores click ID from Bing Ads for conversion tracking | 3 months |
_uetvid | Microsoft (Bing Ads / UET) | Identifies unique visitors for Bing Ads remarketing and conversion attribution | 13 months |
MUID | Microsoft | Microsoft user identifier used across Microsoft services for ad targeting | 13 months |
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
__cf_bm, cf_clearance, __cfruid | Cloudflare | Bot management, security challenge, and rate limiting (same as Section 5.1) | 30 min / up to 1 year / session |
PHPSESSID | Yhost (PHP) | Standard PHP session identifier — maintains your authenticated session | Session (expires when you close the browser or after server‑side timeout) |
laravel_session | Yhost (Laravel) | Laravel framework session cookie — securely identifies your session | 2 hours (configurable) |
XSRF-TOKEN | Yhost (Laravel) | CSRF protection token — prevents cross‑site request forgery attacks | 2 hours (matches session) |
| Cookie consent state | Yhost (or consent tool) | Stores your cookie consent preferences for the client portal | 12 months |
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
_ga | Google Analytics | Distinguishes unique visitors. On the client portal, used with Enhanced Ecommerce to understand purchasing behaviour (product views, add‑to‑cart, checkout steps, completed orders) so we can improve the ordering experience. | 2 years |
_ga_<ID> | Google Analytics | Maintains session state for GA4 Enhanced Ecommerce tracking | 2 years |
_gid | Google Analytics | Distinguishes visitors within a 24‑hour period | 24 hours |
Enhanced Ecommerce data sent to Google includes: product names/categories viewed, items added to cart, checkout initiation, and order completion (order value, product category). It does not include your name, email, payment details, or Account credentials — only anonymised transaction data linked to a randomly generated visitor ID.
On order completion and key conversion pages in the client portal, we may fire marketing tags to measure advertising campaign effectiveness. These use the same third‑party technologies as described in Section 5.3 (Facebook Pixel, Google Ads conversion tracking, Bing UET). The cookies set are identical to those listed in Section 5.3.
These tags are loaded only with your consent. If you decline marketing cookies, no marketing tags will fire, even on order completion pages. Your order will still be processed normally.
Both yhost.io and my.yhost.io display a cookie consent mechanism. You can accept or reject non‑essential cookie categories (analytics and marketing) individually. You can change your preferences at any time by clicking the cookie settings link in the footer of either domain.
You can also control cookies through your browser settings. Most browsers allow you to block or delete cookies. Note that blocking strictly necessary cookies may prevent the site and client portal from functioning properly (for example, you will not be able to log in).
We respect browser‑based opt‑out preference signals (such as the Global Privacy Control, "GPC"). If we detect such a signal and you are located in a jurisdiction where such signals are legally binding (such as California under CCPA/CPRA), we will treat it as a valid request to opt out of non‑essential cookies and any sharing of personal information for advertising purposes.
The analytics and marketing cookies described above are set by third‑party providers (Google, Meta, Microsoft). When you consent to these cookies, data about your visit (such as pages viewed, IP address, device information, and on the client portal, anonymised transaction data) may be transmitted to servers operated by these providers, which may be located in the United States or other countries.
We have assessed these transfers and rely on the following safeguards:
If you do not consent to analytics or marketing cookies, these third‑party scripts will not load and no third‑party cookies will be set. See their privacy policies: Google, Meta, Microsoft.
This Cookie Policy applies only to the Yhost website (yhost.io) and client portal (my.yhost.io). If you host a website using our Services, you are responsible for your own cookie consent mechanism, cookie policy, and compliance with the ePrivacy Directive / PECR and other applicable cookie laws for your own users. We do not set any cookies on your customers' browsers through the hosting service itself.
Information collected through cookies may constitute personal data. For details on how we process personal data, your rights (including access, deletion, and objection), and how to exercise them, please see our Privacy Policy.
California residents (CCPA/CPRA): The use of marketing cookies (Facebook Pixel, Google Ads, Bing Ads) may constitute "sharing" of personal information for cross‑context behavioural advertising under the CCPA/CPRA. You can opt out by: (a) declining marketing cookies in our consent tool; (b) enabling the GPC signal in your browser; or (c) contacting us at [email protected]. When marketing cookies are declined or GPC is detected, no sharing occurs.
We may update this Cookie Policy from time to time. The updated version will be posted with a new effective date. If we introduce new categories of cookies or new third‑party providers, we will update this policy and request your consent before setting new non‑essential cookies.
If you have questions about this Cookie Policy, please contact us at [email protected] or through the client portal.
Subscribe to get Exclusive offer & updates in your Email
Yhost Hosting provider uses the most up-to-date technologies in order to provide you with the most powerful, high-performing servers possible. Best Web & VPS Hosting Services, Cloud & NVMe VPS.
Copyright © 2014‐2026 Yhost. All Rights Reserved
