What is a cookie?
A cookie is a small, often encrypted file that is stored on a computer or browser directory or in program data files. They don’t usually contain much information except for:
- the URL (the unique address for a file that is accessible on the Internet)
- the lifetime of the cookie and;
- a value (usually a random generated, unique number).
What do cookies do?
The website that sent the cookie uses the unique number to recognise you when you return to a site. Only the server that sent the cookie can read and use that cookie. This enables them to help you resume where you left off, to remember your login, preferences etc. As a cookie only stores minimal information it cannot be used to reveal your personal or identifying information. However marketing information is valuable and cookies can in some cases be used to create a profile of your surfing habits.
Types of cookies:
Session Cookies: Are temporary and sit in the browser’s subfolder whilst it is visiting a website, for the purpose of remembering, for example, what the user has put in their shopping basket. Once the site has been left the cookie is deleted.
Persistent Cookies: Remain in the browser’s subfolder in between browsing sessions and for much longer (this will depend on the lifetime of the specific cookie). They allow preferences or actions of the user of the site and in some cases across other websites to be remembered.
First and Third Party Cookies: First party cookies are set by the website visited by the user. Third party cookies are set by a domain other than the one being visited, for example if a user visits a website and a separate company sets a cookie through that website, this would be a third party cookie.
The Privacy and Electronic Communications (EC Directive) Regulations 2011 requires that a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless: The subscriber or users of that terminal equipment
- Is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and
- Has given his or her consent
Obligations when setting cookies are:
- Advising that the cookies are there
- Explaining what the cookies are doing; and
- Obtaining consent to store a cookie on their device