Heap’s tracking code uses first-party cookies set by your domain, and does not rely on third-party cookies for tracking. For this reason, Heap will continue to collect first-party cookies even if third-party cookies are blocked.
What about cross-site tracking?
As long as the top-level domain is the same (ex. app.example.com and example.com), any cookie set on either domain will be first-party with respect to the other domain. The exception is if any of the pages are hosted in iframes. For more information, see Installing Heap in an iFrame.
For information on what cookies Heap sets, see What cookies does Heap set and what are they used for?