Cookies & Storage Overview

Tag Script & Structure

The Untitled Tag is implemented by placing the following script on a website:

<script async src="https://tag.getuntitled.ai/{client-tag-name}"></script>

Structure Notes:

• {client-tag-name} is a unique identifier assigned to each customer implementation.

• The script loads asynchronously to avoid blocking page rendering.

• The tag may dynamically load additional resources required for identity resolution, session management, and activation.

• No directly identifiable personal information is stored within the script itself.

Data Collected:

• Cookie ID(s)

• JSON header (including IP address, user agent, etc)

• Page URLs (tag fire and referring page) - including UTM variables

Provider Tags

The Untitled Tag may be served from the following domains:

• https://tag.getuntitled.ai/{client-tag-name}

• https://tag.trovo-tag.com

Overview

When installed, the Untitled Tag may create:

• First-party HTTP cookies

• Third-party HTTP cookies (via integrated advertising platforms)

• HTML Local Storage entries

These technologies support identity resolution, audience building, measurement, and activation use cases.

First-Party Storage (Untitled)

1. tuid

Provider: Untitled LLC (served via .a.usbrowserspeed.com) Type: HTTP Cookie Example Value: 893d11ee-c981-4850-9b6b-1f83069303bc Maximum Storage Duration: 1 year

Purpose: Used to identify website visitors for marketing and audience-building purposes. This identifier enables:

• Recognition of returning visitors

• Audience segmentation

• Measurement and attribution support

• Activation across permitted media destinations

This cookie does not store directly identifiable personal information.

2. id_tag_session_id

Provider: Untitled (tag.getuntitled.ai) Type: HTML Local Storage Storage Duration: Persistent (until manually cleared or overwritten)

Purpose: Stores a session identifier used to manage and associate activity within a browsing session.

3. id_tag_session_last_activity

Provider: Untitled (tag.getuntitled.ai) Type: HTML Local Storage Storage Duration: Persistent (until manually cleared or overwritten)

Purpose: Tracks the timestamp of the user’s last recorded activity to help manage session logic and tag behavior.

Third-Party Cookies

The Untitled Tag may integrate with approved demand-side platforms and advertising exchanges. These partners may set cookies in connection with advertising activation and for audience use in our native DSP.

4. bito

Provider: bidr.io Partner Service: Beeswax Type: HTTP Cookie Example Value: AAAd107TLAQAAABk99Zzcw Maximum Storage Duration: 13 months

Purpose: Sets a unique identifier for the visitor that enables third-party advertisers to deliver relevant advertisements. This identifier supports real-time bidding and programmatic advertising functionality.

5. bitoIsSecure

Provider: bidr.io Partner Service: Beeswax Type: HTTP Cookie Example Value: ok Maximum Storage Duration: 13 months

Purpose: Indicates whether the user’s connection is secure and supports the delivery of relevant advertising content via real-time bidding infrastructure.

6. checkForPermission

Provider: bidr.io Partner Service: Beeswax Type: HTTP Cookie Example Value: ok Maximum Storage Duration: Persistent (until manually cleared or overwritten)

Purpose: Indicates whether the user’s connection is secure and supports the delivery of relevant advertising content via real-time bidding infrastructure.

Legal & Compliance Notes

• Storage duration may vary depending on browser policies and user settings.

• Users may clear cookies or local storage at any time through browser settings.

• These identifiers are pseudonymous and do not directly store names, email addresses, or other directly identifiable personal information.

• Websites deploying the Untitled Tag are responsible for ensuring appropriate consent mechanisms (e.g., cookie banners) are implemented in accordance with applicable laws such as GDPR and CCPA.

Console Errors & Troubleshooting

400 Bad Request Errors from International Traffic

Issue: You may observe 400 Bad Request errors in browser console logs associated with the Untitled ID Tag.

Cause: The Untitled ID Tag is restricted to fire exclusively within North America (United States and Canada).

If the tag is implemented without geographic filtering, it will still attempt to execute for all visitors. When traffic originates from outside North America, the request is intentionally rejected, resulting in a 400 Bad Request response in the console.

This behavior is expected and does not indicate a malfunction.

During testing, this issue is most commonly observed when:

• The website is accessed from outside the U.S. or Canada

• A VPN routes traffic through a non–North American location

Because of this geographic restriction, the issue can be difficult to replicate unless testing from an international IP address.

To reproduce the error while testing from a U.S.-based location, use a VPN and route your connection through a location outside of North America.

Impact

• No data is collected for visitors outside North America

• North American traffic continues to function normally

• The error appears only in developer console logs

• There is no visible site disruption

The Untitled Tag loads asynchronously, meaning it does not block page rendering. As a result:

• There is minimal to no performance impact

• Page load times are not materially affected

• No front-end functionality is disrupted

Resolution Options

You may choose one of the following approaches:

Option A: Apply Geographic Firing Rules (Recommended)

Deploy the tag via Google Tag Manager (or equivalent tag management system) with a trigger that restricts firing to U.S.-based (or North American) traffic.

This prevents the tag from attempting to execute for unsupported regions and eliminates console errors.

Option B: Reinstall and Disregard the Error

Reinstall the tag directly on the site and disregard the console error.

In this case:

• The error will only appear for international traffic

• North American data collection will resume immediately

• The console message can be safely ignored

For most U.S.-focused businesses, international traffic typically represents a minority of total sessions. You can confirm the percentage of international visitors using Google Analytics or a comparable analytics platform ahead of installation.