Indoc Systems Cookies Policy

Last Updated: March 17, 2026
This Cookies Policy (the “Cookies Policy”) explains how Indoc Systems Inc. (“Indoc”, “us”, “we”, or “our”) uses cookies and related technologies (e.g., pixel tags or beacons) (collectively “cookies” or “cookie”), on (i) our company website https://www.indocsystems.com and (ii) our software product, Pilot (each, a "Site"). You may encounter different cookies depending on which environment you are visiting.

Please take a minute to read and understand this Cookies Policy. This Cookies Policy should also be read in conjunction with our Privacy Statement.

1. Distinction Between Our Online Environments

We operate two online environments:​​
  • Corporate website – used for informational content and marketing
  • Pilot web application – our software product used by registered customers and their end users to access our platform and services.
Each environment uses cookies for different purposes. The corporate website may use cookies that require your prior consent under applicable data protection laws. Pilot primarily uses cookies that are strictly necessary for authentication, security, and service functionality. Where Pilot uses non-essential cookies (such as analytics), we request consent when required.

The specific cookies used in each environment are listed separately in this Cookies Policy.

2. What Are Cookies?

Cookies are small text files that a website places on your device while you browse. Your browser saves and processes these files so the website can perform functions such as remembering your settings or measuring how many people are looking at a website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Site. Our use of cookies is governed by our Privacy Statement. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. However, if you do not consent to our use of cookies or select this setting you may be unable to access certain parts of our Site.

Cookies are described in two different ways in this Policy according to how they operate (technical categories) and why they are used (purpose-based categories).

3. Technical Categories Of Cookies

These technical categories describe how long a cookie stays on your device and who places it.

3.1 Session Cookies or Persistent Cookies

Session cookies are temporary cookies that contain encrypted information and are placed on your browser each time you visit the Site. They help the platform recognize your device during your visit and allow essential features such as page navigation and secure login to work properly. These cookies are required for the Site to function and are deleted when you close your browser.
Persistent cookies stay on your device after you close your browser unless you delete them manually. How long they remain depends on the specific cookie and your browser settings. These cookies help us remember you as a returning user so you can access the Site or our services more easily. They may also help us understand how you interact with our content over time, including when you access our resources from other websites (for example, through an advertisement).

3.2 First- and Third-Party Cookies

Cookies that we place directly on your device are called "First-party cookies" and the cookies placed by our third-party partners and service providers are called "Third-party cookies."

We do not use third-party cross-site tracking cookies in our products and services.

3.3 Cookies Used by Third-Party Products and Services

We may use third-party services to help operate, maintain, and improve our Site. These third parties may use cookies or similar technologies (such as web beacons) to collect information about how you use our Site. In some cases, the information they collect may be associated with your Personal Information or may relate to your activity across different websites and online services.

We do not control how these third parties use their cookies or similar technologies, or the data they collect. If you have any questions about how a particular third party handles your information, we encourage you to review their privacy policies or to contact them directly.

4. Purpose-Based Categories of Cookies

The categories below describe the types of cookies and similar technologies, including local storage and session storage, the purposes for which they are used, and whether consent is required under applicable data protection and ePrivacy laws.

4.1 Strictly Necessary Cookies

Strictly necessary cookies and similar technologies are essential for our Site to work. They enable core functions like security, page navigation, authentication, and access to secure areas of the Site. These technologies are used only to provide the services you requested and do not require your consent under applicable data protection and ePrivacy laws.

Some Pilot workspace applications use small cookies that are needed for the service to work properly, such as keeping your session active or remembering basic interface preferences. Although some browsers may label these as “functional,” we treat them as strictly necessary because the applications cannot run reliably without them.

These cookies do not store personal information, and they are not used for tracking or advertising. Because they are required for core functionality, they can’t be turned off through user settings. Blocking them in your browser or network level may limit access or prevent the application from working as expected.

We only use the minimum cookies needed to provide a secure, stable, and consistent user experience.

4.2 Functional (Preference) Cookies

Functional cookies and similar technologies improve your experience by allowing the Site to remember choices you make or preferences you set, such as display settings and other configurations, to provide a more consistent and personalized experience. Where required by applicable law, these cookies are used only with your consent.

4.3 Analytics Cookies

Analytics cookies and other similar technologies collect information about how users interact with the Site, including usage patterns, navigation paths, and system performance metrics. This information is used to understand how the Site is used and to improve its reliability, performance, and usability. The information collected is analyzed in an aggregated manner and is not used to directly identify individual users. Where required by applicable law, these cookies are used only with your consent.

4.4 Targeting/Advertising Cookies

Targeting cookies and other similar technologies track users across websites or services to deliver content or communications that may be relevant to your interests. These cookies may also be used to measure the effectiveness of marketing campaigns or analyze user engagement with our content. Targeting cookies are often set by third-party partners and may be used to build profiles of interests based on your interactions with our Site and other services. The information collected may include identifiers such as device or browser information, IP addresses, or other technical data. Where required by applicable law, these cookies are used only with your consent.

4.5 Use Of Web Beacons and Other Similar Tracking Technologies

Our Site, applications, and electronic communications may incorporate web beacons, GIFs, pixel tags, unique identifiers, and similar technologies that enable the placement of cookies, understand how our Site is used, and evaluate the effectiveness of our communications and Site operations. Where required by applicable law, these technologies are used only with your consent.

We may also use technologies from third-party data security providers to maintain online security and protect our websites and other services against fraud and abuse.
5. Cookies and Other Similar Technologies Used on Our Site

5.1 Cookies and Similar Technologies Used on Our Corporate Website

Cookie Name

Issuer

Purpose

Category

When do cookies expire

bSession

indocsystems.com

Used for system effectiveness measurement.

Strictly necessary

30 Minutes

consent-policy

indocsystems.com

Stores the user’s cookie consent preferences.

Strictly necessary

1 Year

hs

indocsystems.com

Used for security reasons.

Strictly necessary

Session

server-session-bind

indocsystems.com

API protection.

Strictly necessary

Session

ssr-caching

indocsystems.com

Indicates how a site was rendered.

Strictly necessary

12 Seconds

svSession

indocsystems.com

Identifies unique visitors and tracks a visitor’s sessions on a site.

Strictly necessary

400 Days

XSRF-TOKEN

indocsystems.com

This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks.

Strictly necessary

Session

tildasid

tilda.cc

Used for visitor session identification and Tilda’s built-in website statistics.

Strictly necessary / Analytics

Session

tildauid

tilda.cc

Used to identify website visitors for Tilda’s built-in website statistics.

Strictly necessary / Analytics

Persistent

TILDAUTM

tilda.cc

Used to store UTM campaign parameters when a visitor comes to the website through a tagged link.

Strictly necessary / Analytics

Persistent

tdc_geo_info

tilda.cc

Used to determine the visitor’s region and display relevant regional website content, where applicable.

Strictly necessary / Functional

Persistent

ipp_uid

tilda.cc

Used for website security and protection against suspicious activity or DDoS attacks.

Strictly necessary

Persistent

rerf

tilda.cc

Used for website security and protection against suspicious activity or DDoS attacks.

Strictly necessary

Persistent


5.2 Cookies and Similar Technologies Used on The Pilot Web Application

Cookie Name

Issuer

Purpose

Category

When do cookies expire

AUTH

Pilot Portal

Used to authenticate users, manage user sessions, and maintain security of user data during a session. It is essential for the secure operation of the website and the user's privacy.

Strictly necessary

Session

sessionID

Pilot Portal

Identifies the current user to the backend API, ensuring the integrity of file and system actions such as file uploading.

Strictly necessary

Session

closedNotifications

Pilot Portal

Stores global maintenance banner view history to prevent users from receiving notifications repeatedly.

Strictly necessary

Session

AUTH_SESSION_ID

Pilot/Keycloak

Used to manage the state of a user's interaction with the Keycloak authentication flow.

Strictly necessary

Session

INGRESSCOOKIE

Pilot/Ingress

Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience.

Strictly necessary

Session

KEYCLOAK_IDENTITY

Pilot/Keycloak

Contains a JSON Web Token (JWT) with identity-related information, including user IDs. It lives with the browser session and is used to remember the user across different applications integrated with Keycloak.

Strictly necessary

Session

KC_AUTH_SESSION_HASH

Pilot/Keycloak

A cryptographically strong hash used to uniquely identify and verify a user's authentication session.

Strictly necessary

1 Min

KC_RESTART

Pilot/Keycloak

Supports re-creation of authentication flow when browser root session is expired.

Strictly necessary

Session

KEYCLOAK_SESSION

Pilot/Keycloak

Stores the state and ID of the user's Keycloak session.

Strictly necessary

10 Hr

LastAnnouncement

Pilot Portal

Local storage that records the project announcement view history to ensure users only see notifications when a new announcement is received.

Strictly necessary

Persistent

bellNotificationOpenTime

Pilot Portal

Local storage that stores global bell notification view history in device to prevent users from receiving reminders unless a new notification has been sent.

Strictly necessary

Persistent

loglevel

Pilot Portal

Local storage used for system monitoring/debugging.

Strictly necessary

Persistent

persist:fileExplorer

Pilot Portal

Local storage used in the file explorer to maintain opened tabs and lock file items to avoid conflicting behavior.

Strictly necessary

Persistent

persist:root

Pilot Portal

Local storage used by redux persist to store the root-level state of a Redux store in web browser storage.

Strictly necessary

Persistent

portal-uploadList

Pilot Portal

Local storage that records the list of files being processed to prevent users from logging out during file uploads.

Strictly necessary

Persistent

requestToCoreTimeRecord

Pilot Portal

Local storage that records the latest copy to core request, to notify users only when a new copy to core request has been received.

Strictly necessary

Persistent

version

Pilot Portal

Local storage that records current version of pilot for release note functionality.

Strictly necessary

Persistent

cookies_notified

Pilot Portal

Local storage that used to check if the user has agreed to cookies policy.

Strictly necessary

Persistent

mySpaceLayout:*

Pilot Portal

Local storage that stores user’s preference for dashboard page layout.

Strictly necessary

Persistent

securityReminder

Pilot Portal

Local storage that records whether the user has seen the security reminder for third-party tools.

Strictly necessary

Persistent

kc-callback-*

Pilot Portal/ Keycloak

Local storage used to handle authentication callbacks (specifically for OAuth2/OpenID Connect) within the browser.

Strictly necessary

Persistent

pathIdMap

Pilot Portal

Session storage that caches folder path and ID mappings to reduce file explorer computation.

Strictly necessary

Session

datasets_published

Pilot Portal

Session storage that caches published dataset records to prevent multiple notifications for the same publish event.

Strictly necessary

Session

dataset_file_ops

Pilot Portal

Session storage that caches dataset operation records (delete, import) to prevent multiple notifications for the same event.

Strictly necessary

Session

jupyterhub-session-id

JupyterHub

Authentication cookie used to maintain the user session in JupyterHub.

Strictly necessary

Session

jupyterhub-user-{username}

JupyterHub

Stores the logged-in username for JupyterHub UI and routing.

Strictly necessary

30 Days

_xsrf

JupyterHub

Security cookie used by JupyterHub to prevent cross-site forgery request (CSRF) attacks.

Strictly necessary

Session

INGRESSCOOKIE

Pilot/ Ingress

Used by the server to keep a session connected to the same Superset instance for a smooth experience.

Strictly necessary

Session

session

Superset

Cookie that keeps the user signed into Superset by maintaining their active session.

Strictly necessary

Session

@jupyterlab/services:UserManager#user

JupyterLab

Local storage that stores the logged-in user info (username, admin flag) to maintain session state in the browser.

Strictly necessary

Persistent

@jupyterlab/statedb:StateDB:beacon

JupyterLab

Local storage that stores the frontend heartbeat timestamp to maintain session state.

Strictly necessary

Persistent

@jupyterlab/statedb:StateDB:window

JupyterLab

Local storage that stores the JupyterLab window layout and UI state to restore the workspace.

Strictly necessary

Persistent

tab_id

Apache Superset

Session storage used to distinguish application tabs.

Strictly necessary

Session

dashboard_*

Apache Superset

Local storage that stores dashboard layout or edit-mode UI state.

Strictly necessary

Persistent

last_tab_id

Apache Superset

Local storage used to manage multi-tab application behavior.

Strictly necessary

Session

redux

Apache Superset

Local storage used to persist application user interface state.

Strictly necessary

Persistent

is_datapanel_open

Apache Superset

Local storage used to remember user interface panel visibility preferences.

Strictly necessary

Persistent

chart_split_sizes

Apache Superset

Local storage to stores panel size preferences in chart / Explore views.

Strictly necessary

Persistent

homepage_collapse_state

Apache Superset

Local storage to remember the collapsed/expanded sections on the homepage.

Strictly necessary

Persistent

GUAC_AUTH

Apache Guacamole

Local storage that keeps you logged into Guacamole so you don’t have to sign in repeatedly.

Strictly necessary

Session

GUAC_HISTORY

Apache Guacamole

Local storage that remembers your recently used Guacamole connections so you can access them quickly.

Strictly necessary

Persistent

GUAC_PREFERENCES

Apache Guacamole

Local storage that remembers your Guacamole interface settings so your workspace looks the way you like.

Strictly necessary

Persistent


6. How To Manage Your Cookie Settings

If optional cookies are used, our websites will provide a tool that allows you to view or manage your cookie settings. You also may be able to block or delete cookies at any time through your browser’s settings, including refusing certain cookies through the cookie banner or adjusting your browser controls to prevent them from being set.

Certain content and features in our services depend on cookies to function. For example, authentication cookies are used to identify and recognize registered users and to enable them to gain access to requested content or features. If you choose to block cookies, you cannot sign in or access certain content or features. If you choose to delete cookies, any settings and preferences dependent on those cookies will be lost.

You can also visit the below link for an overview of how to block or delete cookies on the most common browsers: https://www.allaboutcookies.org.

7. How to Contact Us

For any further queries or information related to this cookies policy, please contact us with the subject line “Cookies Policy” at:

Privacy Officer, Indoc Systems, 1 Richmond Street West, Suite 401, Toronto, ON M5H 3W4, Canada, or by email: privacy@indocsystems.com.

If you have questions about our website or our products and services, please contact info@indocsystems.com.