What are Cookies?
In the context of computers, cookies are small files that contain information about browsing activity.
Whenever you visit a website, the website sends a cookie to the device you’re using to access the website. Your device automatically stores the cookie in a file that’s located within your web browser.
When you revisit a site, the website will respond in a more personalized way, remembering your preferences, providing faster page load times, and so forth.
How are Cookies used?
Cookies have many uses. Let’s take a look at some.
Cookies can also be used to display custom advertisements based on your previous search history and web browsing behavior. If you’ve been browsing the Internet searching for travel mugs, then you’ll probably see ads for travel mugs on sites that implement custom banner advertisements.
Some businesses run marketing campaigns that are designed so that first-time visitors on the website are shown certain information, while returning visitors are shown different information. Cookies can determine whether you’re a first-time visitor or a returning visitor so that the website can display the ads that are most relevant to you.
What is a Cookies Policy?
A Cookies Policy is used to inform your site’s visitors that you’re using cookies on your website, web app, or mobile app. It should include information about the types of cookies you’re using, how you’re using them, and how users can control the way cookies are managed on their devices.
Most Privacy Policies include a section on Cookies that explains all of this information.
However, if your business is based in the European Union (EU), the EU Cookies Directive requires you to have a separate Cookies Policy. You also must acquire informed consent from website users before placing cookies on their devices.
In the following sections we’ll take a closer look at the different clauses that websites include in their Cookies Policies. But before we do that, let’s quickly go over why it’s useful to post a Cookies Policy to your website, especially if your business is based in the EU.
Why is a Cookies policy useful?
However, if you are doing business that targets EU member states, then you are required to comply with the EU’s laws regarding cookies.
- Notified that you’re using cookies
- Given information about the type of cookies you’re using
- Informed of what options are available to them if they want to opt-out of having your websites cookies stored on their devices
From the context of the EU’s General Data Protection Regulation (GDPR), cookies that contain enough information to identify an individual are categorized under personal data. Cookies that are used for advertising, gathering analytics, and other functional services (such as chat tools) fall under the category of personal data.
It is important to understand the following:
- You must acquire consent before placing cookies on a user’s device. User consent must be given through affirmative action. This means that you must ask for consent through an opt-in checkbox or by allowing users to configure cookies preferences from the Settings section of your site. You cannot assume user consent.
Some companies based in the United States aren’t required by law to comply with the EU cookie law or post a separate Cookies Policy on their website. However, companies that do business with EU citizens are required by law to comply with the cookie law.
Elements of a Compliant Cookies Policy
To be compliant with privacy and cookies laws, your Cookies Policy or cookies clause should:
- Disclose what types of cookies you (or any third parties) are using.
- Let users know how they can opt out of having cookies placed on their devices.
Examples of Cookies Notices
You should provide a cookies notice to users as soon as they arrive at your website. This notice should include:
- Information about how cookies settings can be adjusted, and
At minimum, your Cookies Policy or cookies clause should address:
- What are cookies. This typically consists of a brief statement about what cookies are and that you use them on your website. The purpose is to inform and educate consumers about cookies.
Additionally, you should implement a checkbox, toggle or settings preferences method for collecting informed consent from users before placing cookies on their devices and present it in a cookies notification banner or pop-up.