WHAT IS A COOKIE?
A cookie is a small file, typically of letters and/ or numbers which
is placed/ downloaded on to a user’s device or browser when a user
visits a website. It can store and transmit information to the server of
websites (re)visited from that browser/ device.
WHY ARE THEY USED?
Cookies are widely used in order to make websites work, or work more
efficiently, as well as to provide information to the owners of the
website. Cookies do lots of different and useful jobs like letting a
user navigate between pages efficiently, remembering a user’s
preferences and generally improving a user’s browsing experience.
Cookies can also be used to customise areas of online content to be more
tailored to a user’s interests. When a user(re)visits a website that
uses the same cookies, those cookies and the browsing device, are
recognised.
A COOKIE AUDIT?
One of the two strict requirements under the Regs (see earlier
article) other than (1) requiring user consent, is that for each cookie
used, the website owner must(2) have “provided clear and comprehensive
information about the purposes of the storage of, or access to, that
information” to a user (the “Requirement/s”). This means ensuring that
you include accurate and clear information about each cookie in your
Privacy Policy or preferably, provide a separate Cookie Policy.
Complying with this Requirement is likely to require a so-called cookie
audit which might involve confirming:
1. which cookies are operating on or through your website(Name of Cookie);
2. the purpose(s) of each of these cookies(Specific Purpose);
3. what data each cookie holds(Typical Content);
4. whether it is a first or third party cookie(First party/ Third party);
5. the cookie category(Cookie Category);
6. the type of cookie i.e. session or persistent (Session/ Persistent);
7. the lifespan of any persistent cookies (Lifespan);
Together, these can be referred to as (“Cookie Identifiers”)
There are many ways to comply with this Requirement in practice. One
such way is to provide a table and insert in a number of columns
inserting two or more of the Cookie Identifiers listed above in bold.
TYPES OF COOKIES
Session Cookies allow a site to link the actions of a visitor during a
single browser session. They expire after a browser session and are
considered “less privacy intrusive” than persistent cookies.
Persistent Cookies allow one or several sites to remember details
about the visitor and remain on the user’s device between sessions. They
may be used for a variety of purposes including remembering users’
preferences and choices when using a site or to target advertising.
First Party Cookies are set by the specific website visited by the user i.e. the website displayed in the URL window.
Third Party Cookies are issued by a different server to that of the
domain being visited. It could be used to trigger a banner advert of a
third party provider based on the visitor’s viewing habits.
COOKIE CATEGORIES
Based on the International Chamber of Commerce guide to cookie
categories ICC UK cookie guide – the type of cookie used can be put
into 1 of 4 categories:
1. Strictly Necessary Cookies are essential. They enable a user to
move around a website and use its features, such as accessing secure
areas. Without these, the requested services cannot be provided.
These
cookies don’t gather information about a user that could be used for
marketing or remembering where a user has been online.
2. Performance Cookies collect information about how a user uses a
website, for example which pages a user goes to most often. These
cookies are only used to improve how a website works and collect
anonymous information only.
3. Functionality & Profile Cookies allow a website to remember
choices that a user makes (e.g. a user’s name) and can tailor the
website to provide enhanced features and online marketing content. They
can remember log-in details and allow a user to watch videos. The
information these cookies collect may be anonymous and they cannot track
browser activity on other websites.
4. Targeting Cookies gather information about browsing habits. They
remember what websites a user has visited and share this information
with other organisations to enable them to conduct behavioural
advertising. Although they track visits to other websites, they don’t
usually know whoa user is.
Cookies in category 1 represent the limited exception to having to
comply with the Requirements and these cannot be restricted or blocked.
The cookies in categories 2, 3 and 4 can be restricted or blocked.
If you would like further cookie advice or if you require a Privacy Policy and/ or a Cookie Policy tailored to your website, please contact Hanne & Co on 020 7228 0017 or at info@hanne.co.uk and ask to be referred to one of our commercial team.
Further general information about cookies can be found at:
- http://www.allaboutcookies.org
- http://www.allaboutcookies.org
- Internet Advertising Bureau: Guide to online advertising and privacy
- International Chamber of Commerce United Kingdom: ICC UK cookie guide
- Directgov article: Internet Browser cookies – what they are and how to manage them
- ICO cookie guidance: Download the ICO guidance on Cookies
No comments:
Post a Comment