A cookie (also known as an "HTTP cookie," "browser cookie," or "web cookie") is a data file that is stored on your computer or device when you visit a website.
Cookies do several different jobs. One of the most basic jobs cookies do is to remember your activities on a website. For example:
- The contents of your shopping cart
- The text you have entered in a form
- Whether you're signed in to your account
Cookies can also be used for analytics. This is a way for a website operator to monitor how users interact with their site.
Cookies do some more complicated jobs, too, such as tracking you as you move around the internet. They can gather information about your habits and preferences, and this information can be used to deliver tailored advertising.
Websites warn users about cookies because it's the law to do so.
In certain countries, there are rules requiring website operators to inform users about how they use cookies. Almost every website displays a Privacy Policy and/or a Cookies Policy which explains how the website owner uses cookies.
And in some countries, there are also rules requiring website operators to ask permission before setting cookies on a users' device.
Due to these rules, many websites display a "cookie banner" or "cookie notice" when a user visits their site.
But why are cookies regulated by law in this way? The reason cookies are legally-regulated is because they can reveal information about you.
Cookies can reveal a lot about you, including your web browsing history, the information you've entered into forms, your web search history, and even your location.
Cookies are not designed to "identify"
you, as in your name or your "real-world" identity. They associate information with a unique ID: a random string of characters assigned to your web browser.
However, because of the volume of data you transfer over the internet, cookies can reveal some highly sensitive information. And the data sets stored by cookies could also quite easily reveal your "real-world" identity.
Whether or not cookies count as "personal information" depends on what job a cookie is doing, and which legal jurisdiction the user is based in.
One of the first regions to recognize cookies as personal information was the European Union (EU). The EU's tough privacy laws are what has led to the abundance of "cookie banners" across the internet over the
past few years.
The EU's definition of personal information (or "personal data") is found in an important law known as the General Data Protection Regulation (GDPR):
This definition includes
any information relating to a person, either directly or indirectly.
So, a cookie that reveals your activity on a website might not be sufficient to identify you on its own. But it still reveals something about you, and could indirectly contribute to your identification.
It's not just the EU that considers cookies to be a type of personal information. There are other laws with similar definitions of personal information being enacted all over the world, including in the United States (specifically, California), Canada, and India.
In the EU, website operators must ask for your consent (permission) before they set certain types of cookies. This is due to a law known as the ePrivacy Directive.
According to the ePrivacy Directive, websites have to ask consent before they set most types of cookies. There are two exceptions. Under the ePrivacy Directive, websites do not have to ask for users' consent
before setting cookies that are either:
- Used for "carrying out the transmission of a communication"
- "Strictly necessary" for providing an online service that you have requested
So, under EU law, websites might not have to ask you for consent to set cookies that do the following jobs:
- Storing your items in a shopping cart as you move around the site
- Verifying your identity on secure websites (such as internet banking)
- Ensuring the website runs smoothly via "load balancing"
So what cookies do require consent in the EU? Well, any cookie that is
not
used for carrying out the transmission of a communication, or that is
not strictly necessary
for providing an online service.
This includes cookies used for:
-
Analytics: Website operators use analytics to see how you navigate their website and to check how well it's working, fix bugs, and test their design. They can also use analytics to count how many people are
visiting their website, and where they are visiting from.
-
Advertising: Businesses can use cookies to see what you've been doing online, both on their website and on other websites. This allows them to deliver "personalized" or "targeted" advertising: ads that are
tailored to your preferences based on your online activity.
Take a look at this cookie banner from the Information Commissioner's Office (ICO):
The ICO website sets two types of cookies. It doesn't give you an option about setting the first type of cookies because these are necessary. When it comes to analytics cookies,
the website asks for your consent. This demonstrates the rule about cookies in the ePrivacy Directive.
Technically, cookies can represent a security threat. For example, if you transmit sensitive personal information over an unsecured Wi-Fi network, the information could be collected by a session cookie. This information could,
in theory, be targeted by hackers.
However, these situations are very rare. Most of the time, it's perfectly safe to agree to cookies.
Cookies aren't really a security threat, so why would anyone care about cookies? Why do we even get the option to refuse them?
The reason some people object to cookies is to do with
privacy rather than security. Tracking cookies allow businesses, such as Google and Facebook, to build up a "profile" about you by observing your online activities.
Given the vast amount of personal information you submit online every day, this act of profiling can give a reasonably accurate picture of who you are, where you live, and what things you might be likely to buy.
Cookies that are used to store the information you enter into websites could certainly represent a privacy risk. However, this data is almost always encrypted. This means the only people capable of reading
the information stored by these cookies are you and the intended recipient.
A greater privacy risk comes from third-party cookies. These cookies are set by companies that don't even own the website you're visiting. There could be several of these on any given website, all loading themselves
onto your device so they can track you around the web.
So, for example, if you visit a website about baking that contains an advertisement from Google Ads, Google's tracking cookies will note that you're interested in baking. Some days later, you might see an ad for rolling pins when
you visit a completely unrelated website.
Many people don't have a problem with this. But privacy advocates point out that the big tech companies are amassing huge quantities of data about us, often without our permission.
If you live in the European Union or the United Kingdom, you shouldn't actually need to opt out of cookies because websites should be asking you whether you consent to them (opt in). However, in reality,
many websites break the rules.
If you live in the United States, Australia, or many other countries outside of the European Union, there's actually no legal obligation on most companies to let you opt out of cookies.
In the US, where privacy law is very weak, there are a few laws relating to cookies. Several of these apply only to California residents.
The California Online Privacy Protection Act (CalOPPA) requires operators of commercial websites to create a Privacy Policy explaining how they collect personal information.
This includes an explanation of whether the website sets tracking cookies, and how it responds to "Do Not Track" (DNT) signals.
The California Consumer Privacy Act (CCPA) requires certain big businesses and "data brokers" (companies whose main trade is in personal information) to allow
California consumers to opt out of the "sale" of their personal information. This can apply to the use of certain cookies.
Even if websites don't have to let you opt out of cookies, there are several ways to avoid them. For example, you can use a privacy-focused browser like Mozilla Firefox or Brave Browser, or you can opt delete cookies using the
method we describe below.
We use three categories of cookies on our sites:
Necessary Cookies
These cookies are necessary for the website to operate. Our website cannot function without these cookies. Diabling them might break functionality of the site.
Analytical/Performance Cookies
These cookies allow us to measure and report on website activity by tracking page visits, visitor locations and how visitors move around the site. The information collected does not directly identify visitors. We drop these cookies to help us analyse the data.
Functional Cookies
These cookies being used by the site for several function, animation preferences and other important task which can be opt-out by the visitors.
Marketing/Advertising Cookies
Marketing cookies help us provide you with personalised and relevant services or advertising, and track the effectiveness of our digital marketing activities. Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
We utilise cookies, and other online identification technologies such as web beacons, or pixels to provide users with an improved user experience.
Signed up Users
We use these technologies to make navigation of the websites easier for you and to better deliver tailored content to you. If you choose to become a registered user, we will use cookies to facilitate your registration and remember your preferences.
Analytical and site statistical data
Analytics and site statistics We also use these technologies to gather usage information and statistics regarding use of the websites. For example, we collect information about page visits and navigation to determine what articles and topics are of greatest interest and if users are able to find content easily. Likewise, we collect information about which articles and videos are viewed and whether videos are viewed in their entirety to determine what content is of most interest to users. We also use usage information to generate various reports regarding use of the websites. These reports contain aggregated information about users and do not single out users individually. If you are a registered user we may also collect information on what specific interests you have, including what articles you have viewed on the site in order to understand what content interests you most.
Information about the cookies used on our websites can be found below. Please review the cookie information on the for more information.
Counting on our activities
We used to track a visitor's behavior on a website, such as the pages they visit, the videos, images they view, and the length of time they spend on the site. This data can be used to personalize the visitor's experience and display targeted ads to them. We use advertising campaigns to track the effectiveness of our site by measuring the number of visitors who complete a desired action or filling out a form. This data can be used to optimize advertising campaigns and improve our effectiveness.
The following section explains the types, categories, and purpose of cookies on the Websites. By continuing to use these websites you consent to the deployment of cookies for the stated purpose.
Type of cookies:
Session cookie: these cookies remain in your browser during your browser session only, i.e. until you leave the website.
Persistent cookie: these cookies remain in your browser for a set period of time after the browser session (unless deleted by you).
Please see our privacy policy for more details on how we handle your data shared with us.
Strictly Necessary cookies
Provider |
Name |
Description |
Type |
Duration |
Electale |
sessionid |
This cookie used to identify the unique… (More) |
First Party, Session Cookie |
Session |
cloudflare.com |
__cf_bm |
Cloudflare’s bot products identify and … (More) |
Third Party, Persistent Cookie |
30 Mins |
Electale |
csrftoken |
A CSRF attack works because browser req… (More) |
First Party, Persistent Cookie |
30 Mins |
cloudflare.com |
cf_clearance |
Clearance Cookie stores the proof of ch… (More) |
Third Party, Session Cookie |
Session |
Google |
_GRECAPTCHA |
The purpose of this cookie is to provid… (More) |
Third Party, Persistent Cookie |
6 months |
Electale |
cookie-accepted |
Store the value of Cookie acceptance. |
First Party, Persistent Cookie |
1 year |
Electale |
user-consents |
Stores the consent given by the end use… (More) |
First Party, Persistent Cookie |
365 days |
Electale |
page_visited |
This cookie used to store the last visi… (More) |
First Party, Session Cookie |
Session |
Performance cookies
Provider |
Name |
Description |
Type |
Duration |
Google |
_ga_<container-id> |
Used to persist session state. |
Third Party, Persistent Cookie |
730days |
Google |
_ga |
Used to distinguish users. |
Third Party, Persistent Cookie |
730days |
Functional cookies
Provider |
Name |
Description |
Type |
Duration |
Electale |
recent_searches |
This cookie is used to store the recent… (More) |
First Party, Session Cookie |
Session |
Marketting & Advertising cookies
Provider |
Name |
Description |
Type |
Duration |
Google |
__Secure-XXXXXX |
Used by for targeting purposes to build… (More) |
Third Party, Persistent Cookie |
2 years |
Google |
__Secure-3PSID |
Used by for targeting purposes to build… (More) |
Third Party, Persistent Cookie |
2 years |
Google |
__Secure-1PSID |
Used by for targeting purposes to build… (More) |
Third Party, Persistent Cookie |
2 years |
Google |
SAPISID |
By Google Ads Optimization with unknown… (More) |
Third Party, Persistent Cookie |
2 years |
Google |
__Secure-3PAPISID |
Used by for targeting purposes to build… (More) |
Third Party, Persistent Cookie |
2 years |