ISO 27001:2022 Annex A 6.6 Confidentiality or non-disclosure agreements

In this guide, I will show you exactly how to implement ISO 27001 Annex A 6.6 and ensure you pass your audit. You will get a complete walkthrough of the control, practical implementation examples, and access to the ISO 27001 templates and toolkit that make compliance easy.

I am Stuart Barker, an ISO 27001 Lead Auditor with over 30 years of experience conducting hundreds of audits. I will cut through the jargon to show you exactly what changed in the 2022 update and provide you with plain-English advice to get you certified.

Key Takeaways: ISO 27001 Annex A 6.6 Confidentiality or Non-Disclosure Agreements

ISO 27001 Annex A 6.6 requires organizations to identify, document, and regularly review confidentiality or non-disclosure agreements (NDAs) that reflect the organization’s needs for protecting information. This control ensures that everyone with access to sensitive data, including employees, contractors, and third-party vendors, is legally and formally bound to keep that information secret. The goal is to establish a clear, enforceable framework for data protection throughout the entire lifecycle of a relationship.

Core requirements for compliance include:

  • 100% Coverage: NDAs or confidentiality clauses must be in place for all relevant parties. This includes standard employment contracts for staff and specific legal agreements for external partners or suppliers.
  • Risk-Based Terms: Agreements should not be generic. They must be tailored based on the classification of the data being shared, the purpose of the disclosure, and the specific legal or regulatory environment (e.g., GDPR for EU-based data).
  • Clear Definitions: Every agreement must explicitly define what constitutes “Confidential Information,” what the “Permitted Use” is, and the “Duration” of the obligation (which often extends beyond the end of the contract).
  • Right to Audit: For third-party agreements, it is best practice to include a “Right to Audit” clause, allowing you to verify that the recipient is actually protecting your data as promised.
  • Regular Reviews: NDAs are not “set-and-forget.” You must review them periodically to ensure they remain legally enforceable and aligned with current business risks or changes in law.

Audit Focus: Auditors will look for “The Signature Trail”:

  1. Existence & Validity: “Show me the signed NDA for your top three critical suppliers. Is the agreement still in force, or has it expired?”
  2. Onboarding Integration: “Show me how you ensure a new employee has signed their confidentiality clause before they are given access to the customer database.”
  3. Legal Soundness: Auditors will check if your agreements were drafted based on professional legal advice to ensure they are actually enforceable in a court of law.

NDA Requirements Table (Audit Prep):

| Mandatory Clause | Operational Purpose | ISO 27001:2022 Mapping |
| --- | --- | --- |
| Definition of Info | Clearly states what data is protected to prevent legal ambiguity. | 5.12 (Classification of Information) |
| Duration | Defines the temporal scope of protection (Survival Clauses). | 5.31 (Legal and Regulatory Requirements) |
| Permitted Use | Restricts processing activities to authorised business intents. | 5.15 (Access Control) |
| Return/Destruction | Ensures the secure disposal of assets upon contract termination. | 8.10 (Information Deletion) |
| Breach Notification | Mandates immediate reporting of suspected data exfiltration. | 6.8 (Information Security Event Reporting) |

What are Confidentiality Or Non-Disclosure Agreements?

A Confidentiality or Non-Disclosure Agreement (NDA) is a legal contract that prohibits a person or entity from disclosing confidential information to others. This type of agreement is often used in business, employment, and other situations where sensitive or confidential information needs to be shared. In ISO 27001 this is known as ISO 27001:2022 Annex A 6.6 Confidentiality or Non-Disclosure Agreements. It is one of the 93 ISO 27001 Annex A controls.

The requirement is that confidentiality or non-disclosure agreements reflecting the organisation’s needs for the protection of information should be identified, documented, regularly reviewed and signed by personnel and other relevant interested parties.

ISO 27001 Annex A 6.6 Confidentiality or Non-Disclosure Agreements is an ISO 27001 Annex A control that requires you to have non-disclosure agreements or confidentiality terms in your contracts. These must be documented, signed, communicated and enforced, which usually means having a relevant clause in your contracts.

Benefits of implementing Confidentiality Or Non-Disclosure Agreements

The main benefit is that it allows you to protect confidential information within a legally enforceable framework. The benefits of implementing confidentiality and non-disclosure agreements include:

  • Reducing the risk of data breaches by ensuring an effective legal framework is in place
  • Reducing the cost of incidents by catching and managing events early, with responsibility and accountability assigned
  • Mitigating legal liability by having an agreed and enforceable legal framework in place
  • You cannot get ISO 27001 certification without it
  • Protection of confidential information
  • Building trust with employees and third parties
  • Reputation protection
  • Intellectual property protection

Watch the ISO 27001 Annex A 6.6 Tutorial

In the video ISO 27001 Confidentiality or Non Disclosure Agreements Explained – ISO27001:2022 Annex A 6.6 I show you how to implement it and how to pass the audit.

ISO 27001 Annex A 6.6 Explainer Video

In this beginner’s guide to ISO 27001 Annex A 6.6 Confidentiality Or Non-Disclosure Agreements, ISO 27001 Lead Auditor Stuart Barker and his team talk you through what it is, how to implement it and how to pass the audit. Free ISO 27001 training.

ISO 27001 Annex A 6.6 Podcast

In this episode: Lead Auditor Stuart Barker and team do a deep dive into the ISO 27001 Annex A 6.6 Confidentiality Or Non-Disclosure Agreements. The podcast explores what it is, why it is important and the path to compliance.

ISO 27001 Annex A 6.6 Implementation Guidance

You are going to have to ensure that:

  • you have engaged a legal professional
  • your contracts include confidentiality of information using terms that are legally enforceable
  • information that requires protecting has been identified
  • information has been classified
  • Non-disclosure agreements or contracts are signed and in place where required

How to determine what terms you need to include

First, the advice is to consult a legal professional. For general guidance when deciding terms consider:

  • What information will be accessed
  • What classification is the information
  • What will the information be used for

How to identify the requirements you need to include

When deciding on the requirements to include in the non-disclosure agreement or confidentiality clause, consider:

  • A definition of what confidential information is
  • How long the agreement will last for
  • What will happen when the agreement ends
  • What are the responsibilities of all signing the agreement
  • Who owns what information, intellectual property, trade secrets
  • What is the permitted use of confidential information
  • A right to audit
  • How to inform each other of a breach
  • What to do if people don’t stick to the agreements
  • What laws apply

The key steps in drafting a confidentiality or non-disclosure agreement

The steps involved in drafting a confidentiality agreement include:

  1. Identifying the information that needs to be protected
  2. Determining the scope of the agreement
  3. Defining the terms of the agreement
  4. Reviewing and negotiating the agreement
  5. Obtaining signatures on the agreement

Key terms that should be included in a confidentiality or non-disclosure agreement

The key terms that should be included in a confidentiality agreement include:

  • The definition of confidential information
  • The scope of the agreement
  • The obligations of the parties
  • The duration of the agreement
  • The remedies for breach of the agreement

Challenges of using confidentiality or non-disclosure agreements

The challenges of using confidentiality agreements include:

  • Ensuring that the agreements are properly drafted and implemented
  • Obtaining signatures on the agreements
  • Enforcing the agreements

Confidentiality agreements are legal documents, and they should be drafted and implemented in accordance with applicable law. It is best to engage with a legal professional. In some jurisdictions, confidentiality agreements may be unenforceable if they are not drafted in a certain way or if they do not include certain terms.

Who is responsible for drafting and implementing confidentiality or non-disclosure agreements?

The organisation is responsible for drafting and implementing confidentiality agreements. The organisation’s legal department is typically responsible for drafting the agreements, and the organisation’s human resources department is typically responsible for implementing them. Seek legal advice, whether from an internal or an external resource.

How to implement ISO 27001 Annex A 6.6

Implementing ISO 27001 Annex A 6.6 requires a systematic approach to identifying and legally protecting sensitive information assets. By following these steps, organisations can ensure that all internal and external parties are bound by enforceable confidentiality requirements that mitigate the risk of unauthorised data disclosure and maintain compliance with the Information Security Management System (ISMS).

1. Categorise Sensitive Information Assets

Identify the specific data sets and intellectual property that require legal protection to determine the appropriate depth of confidentiality agreements.

  • Review the Information Asset Register to classify data according to sensitivity levels.
  • Identify high-risk areas such as trade secrets, personally identifiable information (PII), and proprietary software source code.
  • Map data access requirements to specific IAM roles to ensure confidentiality agreements cover the correct personnel.

2. Formalise Standard Confidentiality and NDA Templates

Develop legally reviewed templates that cover the essential security requirements mandated by the ISO 27001 standard.

  • Define the specific scope of “Confidential Information” to avoid legal ambiguity during enforcement.
  • Include mandatory clauses regarding the permitted use of data and the return or destruction of information upon contract termination.
  • Specify the duration of confidentiality obligations, ensuring they survive the termination of the business relationship.
  • Incorporate requirements for reporting suspected or actual breaches of confidentiality.

3. Provision Agreements for Internal and External Parties

Execute the signing of agreements across all relevant stakeholders before granting access to the organisation’s information systems.

  • Embed confidentiality clauses within formal employment contracts for all internal staff.
  • Provision standalone Non-Disclosure Agreements (NDAs) for third-party contractors, freelance consultants, and vendors.
  • Utilise digital signature platforms to maintain a timestamped and tamper-proof record of all signed agreements.
  • Cross-reference signed NDAs with the Physical Access Control System (PACS) to ensure no visitor enters secure zones without a valid agreement.

4. Execute Regular Compliance Reviews

Establish a periodic review cycle to ensure that existing confidentiality requirements remain aligned with changing business needs and legal landscapes.

  • Review existing agreements at least annually or when significant changes occur in the business relationship.
  • Update templates to reflect new regulatory requirements such as GDPR or sector-specific data protection laws.
  • Verify that agreements are still legally enforceable in the jurisdictions where the organisation or its partners operate.
  • Maintain a centralised tracking log of agreement versions and review dates for auditor inspection.

5. Formalise Exit and Termination Procedures

Ensure that departing personnel and entities are reminded of their ongoing legal obligations regarding the organisation’s protected data.

  • Incorporate a formal confidentiality reminder into the standard staff exit interview process.
  • Obtain a signed declaration confirming the return of all organisational assets and the destruction of any local copies of sensitive data.
  • Revoke logical access to all systems and physical access to secure areas immediately upon the end of the contract.
  • Record the completion of these exit requirements in the Register of Entrants (ROE) or HR records.
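One way to evidence steps 3 and 4 above (access only after signature, a tracked review cycle, a central log the auditor can inspect) is to run a check over the register itself. The Python below is an added example and not the page’s or the author’s own tooling; the register rows, parties, asset names and dates are constructed, and the 12-month review window follows the guidance given on this page.

```python
"""Audit-style checks over a constructed NDA register and access-grant list.

Flags the gaps an auditor looks for: parties holding access with no valid
signed agreement, access granted before signature, expired agreements, and
agreements not reviewed within the last 12 months. All data is constructed.
"""
from datetime import date, timedelta

REVIEW_PERIOD = timedelta(days=365)   # review evidenced in the last 12 months
AUDIT_DATE = date(2025, 6, 1)         # constructed "today" for the audit run

# Constructed NDA register: one row per party. valid_until None = indefinite.
NDA_REGISTER = [
    {"party": "alice@example.com", "kind": "employment-clause",
     "signed": date(2023, 2, 1), "valid_until": None, "last_review": date(2025, 1, 10)},
    {"party": "Acme Hosting Ltd", "kind": "supplier-nda",
     "signed": date(2022, 6, 15), "valid_until": date(2024, 6, 14), "last_review": date(2023, 6, 1)},
    {"party": "bob-contractor", "kind": "contractor-nda",
     "signed": None, "valid_until": date(2026, 12, 31), "last_review": None},
    {"party": "carol@example.com", "kind": "employment-clause",
     "signed": date(2025, 3, 20), "valid_until": None, "last_review": date(2025, 3, 20)},
]

# Constructed access grants: who was given access to a protected asset and when.
ACCESS_GRANTS = [
    {"party": "alice@example.com", "asset": "customer-db", "granted": date(2023, 2, 3)},
    {"party": "Acme Hosting Ltd", "asset": "prod-backups", "granted": date(2022, 7, 1)},
    {"party": "bob-contractor", "asset": "source-repo", "granted": date(2025, 4, 1)},
    {"party": "carol@example.com", "asset": "customer-db", "granted": date(2025, 3, 18)},
    {"party": "dave-visitor", "asset": "server-room", "granted": date(2025, 5, 2)},
]


def agreement_is_valid(row, today):
    """An agreement counts only if signed and either indefinite or not yet expired."""
    if row["signed"] is None:
        return False
    return row["valid_until"] is None or row["valid_until"] >= today


def check_register(register, grants, today):
    """Return findings keyed by the audit question each one answers."""
    by_party = {row["party"]: row for row in register}
    findings = {"no_valid_agreement": [], "access_before_signature": [],
                "expired": [], "review_overdue": []}
    for row in register:
        if row["valid_until"] is not None and row["valid_until"] < today:
            findings["expired"].append(row["party"])
        if row["last_review"] is None or today - row["last_review"] > REVIEW_PERIOD:
            findings["review_overdue"].append(row["party"])
    for grant in grants:
        row = by_party.get(grant["party"])
        if row is None or not agreement_is_valid(row, today):
            # Access exists with no signed, in-date agreement behind it.
            findings["no_valid_agreement"].append((grant["party"], grant["asset"]))
        elif grant["granted"] < row["signed"]:
            # Onboarding gap: access was provisioned before the signature.
            findings["access_before_signature"].append((grant["party"], grant["asset"]))
    return findings


if __name__ == "__main__":
    for key, items in check_register(NDA_REGISTER, ACCESS_GRANTS, AUDIT_DATE).items():
        print(f"{key}: {items if items else 'none'}")
```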

NDA Requirements Table

| Clause | Purpose | ISO Requirement? |
| --- | --- | --- |
| Definition of Confidential Info | Clearly states what data is protected. | Yes |
| Duration | How long the secret must be kept (e.g., “Indefinite”). | Yes |
| Permitted Use | What the receiver can actually do with the data. | Yes |
| Return/Destruction | Obligation to delete data when the contract ends. | Critical (Links to A.8.10) |
| Breach Penalties | Consequences of leaking data. | Recommended |

How to pass the ISO 27001 Annex A 6.6 audit

To comply with ISO 27001 Annex A 6.6 and pass the audit you are going to implement the ‘how’ to the ‘what’ the control is expecting. You are going to:

  • Get legal help to draft your confidentiality and non-disclosure agreements
  • Ensure that you can evidence they have been reviewed
  • Produce documents and agreements for relevant third parties
  • Demonstrate that they are signed, dated, in date and legally enforceable

What the auditor will check

The audit is going to check a number of areas for compliance with ISO 27001 Annex A 6.6. Let’s go through them.

1. That your legal documents are based on legal advice

It is easy to download templates or to reuse documents that you already have to cut corners, but the auditor will look for evidence that your legal documents are based on legal advice. This may include evidence of engagement, purchase or meetings with legal professionals.

2. That your documents are signed, dated and in date

The documents that you have will be checked to ensure that they are signed, dated, in date and relevant to the particular engagement with the third party.

3. That people are aware of their responsibilities

The audit is going to check for documented processes and that these have been communicated and people have been trained on what is required of them.

Top 3 ISO 27001 Annex A 6.6 mistakes and how to avoid them

In my experience, the top 3 mistakes people make for ISO 27001 Annex A 6.6 Confidentiality Or Non-Disclosure Agreements are:

1. Your legal documents have expired

The number one mistake that we see is that legal documents are not checked: they are assumed to be in place but in reality they have expired. Ensure that there is a regular review and that agreements are refreshed as and when needed.

2. Your documents are unenforceable

It is a mistake to cut corners by using non-reputable documents from the internet and assuming that they can be enforced. Ensure all documents and templates are sourced from reputable legal professionals, and that they review the contracts and documents that you put in place before and after signing.

3. Your document and version control is wrong

Keeping your document version control up to date, making sure that version numbers match wherever they are used, having a review evidenced in the last 12 months, and having documents that contain no leftover comments are all good practices.

Applicability of ISO 27001 Annex A 6.6 across different business models

Small Businesses

Applicability: Highly applicable for ensuring that the few staff, freelancers, or local IT contractors you work with are legally bound to protect your sensitive client data. The focus is on 100% coverage and clear, enforceable clauses within standard contracts.

Examples of Control Implementation:

  • Including a standardized “Confidentiality Clause” in all employment offers and contractor agreements.
  • Requiring a signed mutual NDA before sharing financial records with a potential accountant or business consultant.
  • Ensuring that confidentiality obligations are explicitly stated to remain in effect after the relationship ends (post-termination).

Tech Startups

Applicability: Critical during M&A activity, fundraising, or when partnering with larger enterprises. Compliance involves managing a high volume of NDAs and ensuring they protect proprietary source code and growth strategy.

Examples of Control Implementation:

  • Using an e-signature platform (e.g., DocuSign) to maintain a searchable digital register of all signed NDAs with potential investors.
  • Setting a policy that no technical documentation or API keys are shared with third-party integrators until a signed NDA is logged.
  • Implementing a “Pre-Sales NDA” workflow that automatically triggers for any prospective client requesting a detailed security whitepaper.

AI Companies

Applicability: Vital for protecting unique training datasets, proprietary algorithms, and model weights. Focus is on specialized agreements that define the “Permitted Use” of data shared for research or testing.

Examples of Control Implementation:

  • Drafting specific “Data Processing NDAs” that prohibit third-party researchers from using shared datasets to train their own competing models.
  • Mandating signed confidentiality agreements for every member of an “Adversarial Testing” team or Red Team before they begin model probing.
  • Explicitly defining “Confidential Information” in NDAs to include weights, biases, and intermediate checkpoints of proprietary neural networks.

Fast Track ISO 27001 Annex A 6.6 Compliance with the ISO 27001 Toolkit

For ISO 27001 Annex A 6.6 (Confidentiality or non-disclosure agreements), the requirement is to ensure that confidentiality or non-disclosure requirements are identified, reviewed, and documented. This applies to employees, contractors, and third-party partners.

Legal Ownership

  • SaaS Compliance Platforms: Rents access to your records; if you cancel the subscription, your documented agreement history and standards vanish.
  • High Table ISO 27001 Toolkit: Permanent Assets: Fully editable Word/Excel NDA templates and policies that you own forever.
  • Audit Evidence Example: A localized “Confidentiality Policy” and a master directory of signed NDAs on your secure internal server.

Operational Simplicity

  • SaaS Compliance Platforms: Mandates proprietary trackers that often duplicate the functionality of e-signature tools like DocuSign or HelloSign.
  • High Table ISO 27001 Toolkit: Governance-First: Formalizes your existing signing workflows into an auditor-ready legal framework.
  • Audit Evidence Example: An annual contract review log proving that all active confidentiality requirements have been verified.

Cost Efficiency

  • SaaS Compliance Platforms: Charges a “Contract Volume Tax” based on the number of vendors or signed agreements tracked.
  • High Table ISO 27001 Toolkit: One-Off Fee: A single payment covers your legal governance for 5 agreements or 5,000.
  • Audit Evidence Example: Allocating budget to professional legal counsel or business growth rather than monthly “dashboard” fees.

Legal Strategy Freedom

  • SaaS Compliance Platforms: Forces users into rigid review workflows that may not align with specialized legal or HR requirements.
  • High Table ISO 27001 Toolkit: 100% Agnostic: Procedures adapt to your specific language, review cycles, and jurisdictional needs.
  • Audit Evidence Example: The ability to evolve your legal templates and review processes without reconfiguring a rigid SaaS module.

Own Your ISMS, Don’t Rent It

Do it Yourself ISO 27001 with the Ultimate ISO 27001 Toolkit

Summary: For Annex A 6.6, the auditor wants to see that you have a formal process for identifying confidentiality requirements and proof that agreements are in place (e.g., signed NDAs and employee contracts). The High Table ISO 27001 Toolkit provides the governance framework to satisfy this requirement immediately. It is the most direct, cost-effective way to achieve compliance using permanent documentation that you own and control.

ISO 27001 Annex A 6.6 FAQ

What is ISO 27001 Annex A 6.6?

ISO 27001 Annex A 6.6 (formerly A.13.2.4) is an information security control that requires organisations to identify, document, and regularly review confidentiality or non-disclosure requirements.

  • It ensures that sensitive information is legally protected from unauthorised disclosure.
  • It applies to all internal staff, third-party contractors, and external partners.
  • It supports the “Confidentiality” pillar of the CIA triad (Confidentiality, Integrity, and Availability).
  • It requires agreements to be legally enforceable and updated based on business changes.

Is an NDA mandatory for ISO 27001 compliance?

Yes, implementing confidentiality or non-disclosure agreements is a mandatory control under the ISO 27001:2022 standard.

  • Auditors expect to see signed agreements for everyone with access to sensitive data.
  • Lack of formal confidentiality requirements is often flagged as a non-conformity.
  • NDAs must be in place before any access to protected information is granted.

Who is required to sign an NDA under ISO 27001?

Any internal or external party that processes or has access to your organisation’s non-public information must be bound by confidentiality requirements.

  • Permanent and temporary employees.
  • Sub-contractors and freelance consultants.
  • Third-party service providers and vendors (e.g., Cloud hosts, IT support).
  • Potential investors or partners during due diligence.

How often should confidentiality agreements be reviewed?

ISO 27001 mandates that confidentiality requirements should be reviewed at regular intervals or whenever significant changes occur in the business relationship.

  • Annual reviews are considered industry best practice.
  • Agreements should be revisited if a staff member changes roles to a more sensitive position.
  • Reviews must occur if a third-party contract is renewed or modified.
  • Legal updates (such as GDPR or sector-specific laws) may trigger a mandatory review.

What should be included in an ISO 27001 compliant NDA?

An ISO 27001 compliant confidentiality agreement must clearly define the scope of protected information and the legal consequences of a breach.

  • Definition of what constitutes “Confidential Information.”
  • Duration of the agreement, including post-termination obligations.
  • Responsibilities for the return or destruction of information upon exit.
  • Authorised use cases and restrictions on copying or sharing data.

Does an employment contract satisfy Annex A 6.6?

Yes, confidentiality clauses embedded within a formal employment contract are generally sufficient to satisfy ISO 27001 requirements for internal staff.

  • The clause must be legally binding in the relevant jurisdiction.
  • It must explicitly state that obligations continue after the employee leaves the organisation.
  • Staff must be made aware of these specific clauses during their security induction.

What are the requirements for post-termination confidentiality?

Confidentiality obligations must remain in force after an individual or entity leaves the organisation to ensure ongoing data protection.

  • Exit interviews should be used to remind departing staff of their ongoing legal duties.
  • Agreements should specify a “survival period” (e.g., 2 to 5 years, or indefinitely for trade secrets).
  • Evidence of the return of all organisational assets must be documented alongside the NDA exit review.

ISO 27001 Annex A 5.31 Identification of legal, statutory, regulatory and contractual requirements

ISO 27001 Annex A 5.32 Intellectual property rights

ISO 27001 Annex A 5.33 Protection of records

ISO 27001 Annex A 5.34 Privacy and protection of PII

ISO 27001 Annex A 5.36 Compliance with policies and standards for information security

ISO 27001 Annex A 5.22 Monitor, Review And Change Management Of Supplier Services

ISO 27001 Annex A 6.2 Terms and Conditions of Employment

ISO 27001 Annex A 5.20 Addressing Information Security Within Supplier Agreements

Non-disclosure agreements (UK GOV Guidance)

An Example of a One-way Non-Disclosure Agreement (UK GOV)

ISO 27001 Annex A 6.6 Attributes Table

Control type: Preventive
Information security properties: Availability, Confidentiality, Integrity
Cybersecurity concepts: Protect
Operational capabilities: Human resource security, Information protection, Supplier relationships
Security domains: Governance and ecosystem

Stuart Barker

Stuart Barker is a veteran practitioner with over 30 years of experience in systems security and risk management. Holding an MSc in Software and Systems Security, he combines academic rigor with extensive operational experience, including a decade leading Data Governance for General Electric (GE).

As a qualified ISO 27001 Lead Auditor, Stuart possesses distinct insight into the specific evidence standards required by certification bodies. His toolkits represent an auditor-verified methodology designed to minimise operational friction while guaranteeing compliance.
