What are cookies?
Cookies (or cookies) are nothing more than computer data, especially text files that are stored on the device from which you visit a website.
What are cookies used for?
Cookies allow the web browser to remember the user's preferences and activities. This makes it possible to optimize the use of the website and adapt it to the user's needs. For example, this technology can be used to remember site settings, login information or products added to the shopping cart. Cookies can also perform marketing functions - for example, by using them, the user receives advertising messages tailored to his/her online activity.
Cookies are primarily designed to make websites easier to use and to track the user (Google analytics, Facebook Pixel and others).
Do you need consent for all cookies?
It is not always necessary to consent to "technical" cookies, i.e. those that are indispensable to ensure proper functionality of the website or display of the site, establish communication with the user's device and send data to it. According to legal interpretations, explicit consent is also not required for cookies sometimes referred to as functional cookies, which allow, for example, to remember information entered by the user in an online store, e.g. on selected products and services, and to facilitate the user's entire shopping process.
"cookies necessary for the proper functioning of the site do not require the collection of separate consent".
Types of cookies
analytical - as part of tools such as Google Analytics and Hotjar, cookies are used to measure the site's statistics
marketing - for advertising purposes, allowing ads to be displayed to users, also on other portals and sites (e.g. Google, Facebook Pixel)
social - related to platforms such as LinkedIn, Instagram, Facebook, Pinterest, etc.
related to the operation of various plug-ins on the website, for example, to provide information about visitors to a third-party service provider that handles blog comments.
Do cookies contain personal information?
Personal data is information that is linked to a specific person or that can be linked to such a person with some effort. The DPA indicates that such data may include an IP address. If the IP address can be considered personal data, it can also be information about the device, the browser, the physical address of the device, as well as data from Facebook or collected by Google, etc.
Of course, there are arguments that an IP address or browser information can be linked to a device, not to a specific person. However, the data protection authorities consider that this is enough for the data to be considered personal data, since a range of such information can identify a specific person who may be a customer (read: a person who has a contract for Internet access), even if this requires reporting to an Internet service provider (ISP). There have also been rulings by the Court of Justice of the European Union indicating that this is personal data.
Another point of argument is that often, as page administrators, we do not have access to this data (e.g., information about which Facebook user has visited our page). However, we can allow Facebook to access this data through our site. In addition, there are certain benefits associated with this, such as the ability to display advertisements or allow people to like our Facebook profile directly from our page.
Regardless, we must keep in mind that the obligations under the cookie law apply to more than just personal data. Even if the cookies do not contain them, we still have to comply with the prevailing rules.
