What are cookies?

It’s often the very first thing your customers see when they visit your website.

Before your slogan, your offer, and even your branding: your cookie popup.

By accepting your cookies, your customers have granted you access into their world, and a chance for you to gain their trust. 

But do you actually know what your company is asking from them?

This picture is a quote from Havas Group. It reads : "47% less than half of brands are actually seen as trustworthy. Amidst this culture of chaos and uncertainty, we are sadly, globally aligned."

In a world where brand trust is at an all time low (Havas Media Group), good cookie consent management has the potential to make or break your business. That’s why companies need to learn about cookies and consent now.

As end-users on the other hand — it’s just as important to understand what we are sharing with companies: what do cookies track? Do we have to accept them? Which ones?

In this blog post, we’ll answer all of the burning questions you’ve been wanting to ask about cookies. 

Don’t worry, the type of cookies we’re talking about today won’t add to your waistline.

What are cookies

In a nutshell, a cookie is a piece of data with small pieces of text, sent by a website you visit to your browser. This data is then stored on your browser, allowing the website that you’ve just visited to retrieve this information at a later time.

How do cookies work?

Here’s a great analogy from cybersecurity company Kapersky to help you illustrate the process. Think of cookies like ‘getting a ticket for a coat check’: 

  • You give your coat to the coat check employee
    In this case, your data is your ‘coat’ and can include things like the pages you have visited, items in your shopping cart, and your account details
  • They give you in return a ticket to identify that the coat you gave them is yours
    The website gives you a cookie with a unique ID and it’s stored in your browser
  • If you leave and come back, you can get your coat with your unique ‘ticket’
    When you revisit the site your browser provides them with your unique cookie, allowing them to retrieve the information from your past visits

In reality, cookies are so much more than a ‘coat check ticket’, because they can tell websites a lot more about you than just your name and which coat you own.

What is the purpose of cookies?

First and foremost: personalization.

The reason why businesses like Netflix and Amazon are so successful is because they know you want something before you even tell them. They are able to predict your choices based on your past behaviors on their website, thanks to cookies.

“Every website you visit places cookies on your browser. The purpose of the cookie is to allow a website to recognize a browser. That’s why you can return to a site and be recognized, even if you don’t always log in. It’s why the stuff in your shopping cart is still there the next day, or that article remembers where you stopped reading. You don’t have to “introduce” yourself every time you visit a site,” (Wired)

Photo source: Makeuseof

Cookies aim to give you the ‘Netflix’ experience of web browsing. By using them, you allow the website to tailor your browsing experience based on your actions and preferences, such as:

  • Customizing advertisements for you
  • Tracking your website or internet activity
  • Streaming online shopping to your preferences

Basically, it's a way for a website to remember you, your preferences, and your behaviors.

Secondly, cookies also provide a number of functional and analytical data to help make your browsing experiences more efficient: 

  • They help track information about your visit (such as your login ID and passwords), which can make your future visits to the website easier
  • Recognizing the different devices you use
  • Remembering your preferences such as language

Imagine if everyday you went to work and you had to introduce yourself to every single person you met in detail? Cookies aim to help simplify your web browsing experience, but more importantly, make it more intuitive — that’s a smart cookie.

What are the different types of cookies?

Unfortunately none of the cookies we’re talking about here are chocolatey nor delicious. 

They do, however, help websites track different types of relevant and important information.

  • Session cookies: they only track during your session. They are not saved once you quit your browser.
  • Persistent cookies: these cookies are coded with an expiration date and they are stored on your hard drive until you or your browser deletes them. Their expiration date depends on the issuing website.
  • First party cookies: these are directly stored on to your device by the website you visit. They allow the website to collect functional and analytical data that help provide better user experience.
  • Third party cookies: are placed on your device by websites other than the one you are visiting directly (first party). They are stored on your device by advertisers, data partners, or visitor-tracking analytic tools.

Photo Source: Clearcode

  • Strictly necessary cookies: are essential for you to browse a website’s content and use its features.
  • Functionality/ preference cookies: allow a website to retrieve practical data such as user name + passwords, address, contact, and preferred payment method so you don’t need to enter it every time.
  • Statistics cookies: are also known as ‘performance cookies’, record your browsing behavior on a website such as the pages and links you clicked and visited. This information is anonymous and can’t be used to identify you.

Cookies and your information

By now you know that cookies can track all kinds of information about you. This includes your search queries, links you’ve clicked on, ads you’ve seen, as well as things like your location, language preference, device information, and so on. 

So how do you know which cookies you should accept? Let’s dive a little deeper.

Should I accept cookies? Which ones?

On most occasions, accepting cookies from websites won’t have a huge impact on you. As we mentioned, most of the data tracked is to help make your browsing experience smoother. 

But it’s important that websites ask you to consent. It’s kind of like when your coworker borrows your belongings: it’s not a big deal, but it would be nice if they told you about it beforehand.

“Many companies have you click “yes” so that they’re compliant with current privacy laws. This means that once you click, you’ve given the company permission to use your information as they see fit without the worry of legal backlash.” (Reader’s Digest)

There are exceptions when you shouldn’t accept:

  • If they’re from an untrustworthy site that is unencrypted or you’re browsing on public wifi.
  • If they’re third party cookies, because the website can sell your personal information to other sites with your consent.
  • If the information being shared is very sensitive or personal, such as your medical or banking information.

At the end of the day, it’s up to you and what information you are comfortable sharing. Trust your intuition and use your best judgement.

What happens if I don’t accept cookies?

If you ever feel like you want to decline the acceptance of cookies for whatever reason, most websites will still function the way they are meant to — but perhaps without the full user experience.

Can cookies steal passwords?

The short answer is no: 

“Cookies do not store passwords. Cookies help websites “remember” that you’re logged in, so you don’t have to enter your credentials every time you visit. The design of cookie storage makes persisting passwords inside them insecure.”(Data Overhaulers)

However, the exception again, is if you’re accepting cookies on a fake/ sketchy website.In this case, a cybercriminal can steal your personal information that is stored in the cookie: “the criminal can then put that cookie in their browser and impersonate you online.”(McAfee)

Why are cookies pop ups everywhere now?

Once upon a time, we were not bombarded by pesky ‘accept cookie’ popups, every time we visited a website. 

But since the European Union (EU) passed the General Data Protection Regulation (GDPR) in 2018, and the US followed with the CCPA (California Consumer Privacy Act) — many companies have suffered anxiety attacks and thus added cookie policies and processes to their websites. 

For the sake of not giving you a migraine (you’re welcome) — we’re just going to give you a brief overview of both laws today.

Cookies and the law

Both the GDPR and CCPA were introduced to give consumers more control over the information that is collected from them. And you should be compliant to them because gaining your customer’s trust is the single most important thing for your company.

But the other reason?

Cha-ching: money. 

“We love paying hefty fines for mistakes we could have easily prevented.” Said no company ever. 

And if you’re a global business who has customers in the EU and in California? Both laws will likely apply to you.

Cookies, the GDPR, and the CCPA

Here are two great infographics on the GDPR and the CCPA that sum up the key points nicely:

Photo Source 1: SEPA for Corporates

Photo Source 2: The National Law Review

The bottom line is, both laws can have very expensive consequences if your business fails to comply.

Getting started with consent management 

So by now you know that you need to take cookie consent management seriously — in order to gain the trust of your customers, but also so to be compliant. 

But where do you start? What do you need?

To implement an entire process can seem overwhelming, and this is where a consent management platform can help.

What are consent management platforms?

A consent management platform (CMP) is a tool or technology that obtains and manages user consent to process their personal information. This type of tool can automate the consent process, helping websites get permissions to use cookies and store cookies, but allowing the end user to modify their preferences as they wish.

In other words: CMPs can make your life a lot easier!

How Axeptio can help you start consent management on the right foot

We know that consent management isn’t the sexiest topic in the world. But it’s essential to both your customers and your business.

That’s why Axeptio was created: we wanted to make consent management friendly, sleek, and fun:

Our cookie widget is powerful and completely customizable, designed to work seamlessly with your own branding. You’ll finally be able to implement cookie popups that your customers actually want to see.

But don’t take our word for it, try it out for yourself risk-free

So there you have it, you’ve learned everything you needed to know to get started with cookies and consent management.

Piece of cake, right? Or perhaps — you’re more in the mood for a cookie?