When you visit a web page or application, if you perform an action such as signing up, personalization, and/or tracking, small pieces of information related to the domain name may be stored in the corresponding area.
For example, on an e-commerce site, products you add to your cart or recently viewed may be presented to you again on your next visit, or a tracking mechanism may identify you as either a new user or a returning user based on your session information1.
Cookies
HTTP Cookies (henceforth referred to simply as “cookies” in the rest of the text) are small text files stored in a user’s browser when viewing a website or application. These text files are created by the browser in response to requests sent by the website or application. Most cookies contain a unique identifier known as a cookie ID, which is retained for the duration of the cookie’s validity. During this period, websites and servers can distinguish the browser in which the cookie is stored from others using the cookie ID. The history of cookie usage dates back to 1994. Cookies originally developed by Netscape to track whether a user had previously visited a particular site are now used to store much more detailed information2.
The information stored can be personal or general in nature. For instance, the total number of times a page or website has been viewed can be stored via cookies, as can the products added to a user’s shopping cart, user information (name, age, date of birth, etc.), user preferences (color, etc.), session details, and many other operations. When you set preferences on a website, the site will remember your preferences on your next visit through a cookie.
Cookies are not the only option for the operations mentioned above. Other options such as IndexedDB, Web Storage, Advertising ID, and IDFA (Identifier for Advertising) can also be considered3.
Cookie Types
Cookies are defined based on the areas and functions related to the displayed page or screen. For example, a session cookie created on a member’s website is associated with the area of that website and is categorized as either a third-party or first-party cookie. However, depending on the content of the cookie, further subcategories may exist; such as session cookies, persistent cookies, secure cookies, HttpOnly cookies, supercookies, and zombie (zombie) cookies2. Since our focus currently is on user data and the consent process, we will not delve into these subtypes.
Third-Party and First-Party Cookies
Third-party cookies are associated with a domain different from the one visited by the user. For example, third-party cookies used by Google Marketing Platform and Google Ad Manager for advertising purposes may be linked to domains such as doubleclick.net or country-specific Google domains like google.com. Whether a cookie is third-party or first-party does not alter its name or content. The difference between a third-party and first-party cookie lies solely in the domain the browser is redirected to4 5.
To summarize:
- First-party cookies are created by the website visited (the one shown in the address bar).
- Third-party cookies are created by other websites. These websites have a portion of content, such as advertisements or images, displayed on the visited web page or application.
You can clear cookies by deleting your browser’s history. However, this action will also delete your browsing history, and you will no longer be able to see or make decisions about which cookies you have. In addition to this, you can view and delete cookies using developer tools and custom extensions6 2 7.
For example, to view and delete cookies associated with the Chrome web browser, follow these steps: View > Developer > Developer Tools > Application > Storage > Cookies. To delete cookies, right-click on the relevant domain name and select the [var]Clear[/var] option, or right-click on the cookies listed on the right panel and perform individual actions such as deletion, refresh, or editing6.
When cookies are created, a time duration is also defined. For instance, when you select the “Remember me” option upon logging in to a website, you may be asked to specify a time duration (such as 1 hour, 1 day, 1 year, etc.) for the period of remembrance. In this case, you will determine how long the cookie created alongside your session will be stored. Once this duration expires, the relevant cookie will be automatically deleted.
Limiting Cookie Usage
Cookie usage can be restricted by your internet browser and/or security applications. However, since cookie usage is very common, many websites or applications may not function properly if they are not allowed to store cookies6.
Footnotes
- Google Analytics users. Hotjar ↩
- Cookies - Information stored by websites on your computer. Firefox Support ↩ ↩2 ↩3
- Ezequiel Bruni. (2019). Does the Web Really Need Cookies? ↩
- How Google Marketing Platform advertising products and Google Ad Manager use cookies? Display & Video 360 Help ↩
- How does Google use cookies? Google Privacy & Terms / How does Google use cookies? Google Privacy and Terms ↩
- How to delete, enable, and manage cookies in Chrome. Google Chrome Help ↩ ↩2 ↩3
- HTTP Cookies. YouTube ↩