Cookies

NHS.UK puts small files (known as ‘cookies’) onto your computer to collect information about how you browse the site.

Cookies are used to:

  • measure how you use the website so it can be updated and improved based on your needs
  • remember the notifications you’ve seen so that we don’t show them to you again

NHS.UK cookies aren't used to identify you personally.

You'll normally see a message on the site before we store a cookie on your computer.

Find out more about how to manage cookies.

How cookies are used on NHS.UK

Measuring website usage (Google Analytics and Webtrends)

We use Google Analytics and Webtrends software to collect information about how you use NHS.UK. We do this to help make sure the site is meeting the needs of its users and to help us make improvements, for example improving site search.

Google Analytics and Webtrends store information about:

  • the pages you visit on NHS.UK
  • how long you spend on each NHS.UK page
  • how you got to the site
  • what you click on while you’re visiting the site

We don't collect or store your personal information (for example your name or address) so this information can't be used to identify who you are.

We don't allow Google to use or share our analytics data.

Google Analytics sets the following cookies:

Name Purpose Expires
_ga This helps us count how many people visit NHS.UK by tracking if you've visited before 2 years
_gat Used to manage the rate at which page view requests are made 10 minutes
_utma Like ga, this lets us know if you’ve visited before, so we can count how many of our visitors are new to NHS.UK or to a certain page 2 years
_utmb This works with utmc to calculate the average length of time you spend on NHS.UK 30 minutes
_utmc This works with utmb to calculate when you close your browser when you close your browser
_utmz This tells us how you reached NHS.UK (eg from another website or a search engine) 6 months

You can opt out of Google Analytics cookies.

Webtrends sets the following cookies:

Name Purpose Expires
ACOOKIE This lets us know if you've visited before, so we can count how many of our visitors are new to NHS.UK or to a certain page 2 years
WT_FPC This cookie is used to identify the visitor and the session to allow us to track usage of our websites so we can improve them 2 years

You can opt out of Webtrends cookies.

Hotjar sets the following cookies:

Name Purpose Expires
_hjUserId This cookie is set as soon as a user loads a page which contains the Hotjar code. The cookie contains a universally unique identifier (UUID) which allows Hotjar to track the same visitor across multiple pages and sessions 365 days
_hjClosedSurveyInvites This cookie is set once a visitor interacts with a Survey invitation modal popup. It is used to ensure that the same invite does not re-appear if it has already been shown 365 days
_hjDonePolls This cookie is set once a visitor completes a poll using the Feedback Poll widget. It is used to ensure that the same poll does not re-appear if it has already been filled in 365 days
_hjMinimizedPolls This cookie is set once a visitor minimizes a Feedback Poll widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site 365 days
_hjDoneTestersWidgets This cookie is set once a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not re-appear if it has already been filled in 365 days
_hjMinimizedTestersWidgets This cookie is set once a visitor minimizes a Recruit User Testers widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site 365 days

You can opt out of Hotjar cookies.

Our introductory message

You may see a pop-up welcome message when you first visit NHS.UK. We'll store a cookie so that your computer knows you've seen it and knows not to show it again.

Name Purpose Expires
nhsuk_seen_cookie_message Saves a message to let us know that you've seen our cookie message 1 month

Preventing malicious attacks

We use a cookie to try to prevent cross site request forgery (CSRF) attacks through form submissions.

Name Purpose Expires
_csrf Saves a unique token so we can check against it during form submissions 1 month