Last updated on 25 July 2022 by Jocelyn Mackie (Former civil litigation attorney. Content legal strategist at TermsFeed)
A cookie is a small data file stored on a user's computer or mobile device. Cookies may retain log-in information, save preferences, and even direct users to the spot where they last browsed.
When cookies are in use, it's normal to see Privacy Policies that contain an entire section or subheading addressing cookies.
To be transparent
To comply with privacy laws
The content within these sections on cookies needs to address these three reasons outlined above.
Here is how to accomplish that.
Amazon offers this to its visitors:
Explanations regarding your cookies usually start at the beginning. Other tracking software may also be mentioned in this section, so feel free to include mention of web beacons and other technology.
Sometimes, there may be more detailed discussion on cookies. This is especially true with entities that have an international presence or simply use many types of cookies and user tracking technology.
Lenovo offers this further explanation of cookie usage right after its introductory paragraph in the cookies section. It also mentions that cookies may be turned off in the user's web browser:
A further explanation by Lenovo mentions that web beacon and other tracking technology works in conjunction with cookies. If you take the same approach with your website, you may wish to add similar information to your cookie provisions:
The introductory provisions from Lenovo above offer some instruction on disabling cookies. Apple explains to users how to turn off cookies in both its Safari browser and its mobile devices:
If an app or website uses unique tracking features, cookie provisions can address those as well. Apple has an Ad Tracking process that customizes advertisements to consumer preferences. Its cookies provision addresses turning that off:
Lenovo uses Flash cookies to support its cloud storage systems. These are often managed by third parties. It offers instructions for disabling these while also providing a link with further information:
The examples above are from Privacy Policies applicable to U.S. customers.
The E.U. Cookies Directive is part of an e-Privacy Directive amended in May 2011.
The EU Cookies Directive requires that:
Most E.U. companies provide a banner or active consent platform when it comes to cookies and create a separate Cookies Policy agreement.
When you visit Lenovo's Netherlands site, you first see this dialog. To continue, a user must hit the green "Accept and enter the website" button:
Even if you decide to rely on implied consent, your notice banner must be visible. It should remain until a user clicks on a certain number of pages within your site. Here is an example of how that can work:
Another place where you will find differences is the footer section of a website.
Amazon does not offer a link to a Cookies Policy on its U.S. page:
But you will find a link to the Cookies Policy on its U.K. page:
This allows users who are interested in cookies to navigate directly to where they receive the most information on how and why you use them.
This intends to give consumers more information as required not only by the E.U. Cookies Directive but also Netherlands law.
Amazon U.K. takes the same approach with its Cookies Policy.
In the U.S. it's a courtesy more than a legal requirement, but transparency helps with customer relations.