What cookies does shiny use?

...Hi! I dont know if you could help but... Lets try!
We have created a web site with blogdown (that, as the same time, uses "Hugo"), and we have to fulfill the european normative about personal data protection. We don't know what kind cookies this kind of web sites usually use.

I have heard that blogdown doesn't use cookies itself, third services does (like google anylitics).

How can i know what cookies the web site is using?

I let you the link of the web site: http://shiny.uclm.es/

Thanks for your time!


First, welcome to the RStudio Community!

To answer your question, nothing, but it also depends on the application. Are you using any web analytics or trackers? Are you storing user information internally or sending user activity to a third party? Are you using local storage on user’s device or are you sending the data to a self-maintained database? You can also find some of this information by opening the developers tab in your browser and navigating to the “Storage” tab.

I'm assuming you are referring to GDPR?

First, if you have a GDPR officer in your organisation, I would recommend speaking with them. Alternatively, you may want contact a policy specialist or perhaps someone in the legal department (as they may know someone who has knowledge with this). Historically, when the GDPR was announced, it provided a lot of good guidelines but the information for implementation was bit vague which resulted in internet-wide panic over a year or so ago; but it's getting a lot better. Typically, many applications use popup messages or a sticky note at the bottom of the screen that state, “this site uses cookies and by closing this you are agreeing to ….”. The key is informing users what the site does and what it collects (if any). Some sites also provide a menu that allows users to opt-out of non-essential storage methods (i.e., tracking, advertising, etc.). For example, if your site uses google analytics, you will need to make sure the site handles "do not track" requests properly.

If your site is part of a larger organisation, check the main organisation website to see how it is implemented there and follow their design.

Since we also talking about compliance, I would also like to point out that web accessibility is an important aspect of creating an application. There are EU guidelines to meet web accessibility standards (possibly organisational requirements too). There are different levels of web accessibility and it would be best to follow internal guidelines. See the W3G site for more information on the guidelines. I would also recommend checkout out the a11y project and W3G tutorials for implementation and checklists.

Hopefully this provides a good start. There’s a lot of information and some of it may not be relevant. If you have any questions, I’d be happy to help.



Hello dcruvolo, sorry the late but i am a bit busy. First of all thanks for you answer, it was really completed and helpfull to me. I have contacted with the legal departament of my university. They are working to me to solve the problems.

But far to finish i have another question i hope you can answer me. I need to know what kind of cookie rscid (hopefully a cookie from R Studio) is. I mean, if it's a session cookie or not, and what kind of information (if it's the case) collects from our visitors.

I am pretty sure that is a session cookie that collects the user name, password... To administrate the entry to our apps, but i am 100% sure of it. I hope you can enlighten me with your knowledge :slight_smile: .

Thanks in advace.


Hi @Angel441995,

Good to hear that the project is coming along. I believe that session information is generated by the server (assuming you are using shiny) rather than some user-based information. I’m not family with rscid. I found something called Sierra Charts Intraday Data, but I’m not sure if that is it. Where does rscid come from? Perhaps if you identify the tool that generates and uses the rscid, you can review the source code to see what it is storing.

This topic was automatically closed 54 days after the last reply. New replies are no longer allowed.