Cookie

Cookies are a Key Component of Privacy for Consent Management

According to the IAPP, a cookie is “a small text file stored on a client machine that may later be retrieved by a web server from the machine.” They are stored in your internet browser. Essentially, cookies are packets of information or data that are sent by websites to your computer and then sent back to the site without any alteration. Users may block or delete cookies, as well as operate in privacy mode (no cookies on browsing history).

What do Cookies do?

As Norton explains, cookies help websites keep track of your activity and visits. Some common uses for cookies include storing login information for websites (i.e. saving your password and/or username on various websites) and keeping track of items in a users shopping cart. Or, a news site may utilize a cookie to save a custom text size you’ve chosen for viewing news articles.

GDPR, CCPA and Cookies

Companies that use cookies to recognize devices and/or individuals are treated as personal information under GDPR. This means that if cookies can identify an individual, it is considered personal data and comes under the purview of GDPR. In order to be compliant with the regulation, organizations cannot use cookies that identify people.

For CCPA, if cookies have any information that can identify a person or household, then that cookie is considered personal information and must be treated accordingly. In addition, best practices for CCPA dictate that organizations clearly state the purpose of their cookies in their website privacy notice.

What are some examples of information stored in cookies?

  • Browsing history
  • Login information
  • Shopping cart data
  • Information entered into forms

Here are additional resources to learn about cookies:

You just learned about Logs, now explore related terms like Data Lineage, Data Mapping, Data Classification and Data Flow Diagrams.