ZickZack

joined 1 year ago
[–] [email protected] 37 points 1 year ago (4 children)

There are certain things you are allowed to use cookies for even without asking for permission (i.e. they wouldn't even need to tell you about them). These are effectively the kinds of things that are necessary for your website to work in the first place: For instance if you have a dark and a light mode and you want people to change this even without logging in, another example is language settings (this is why sites like e.g. duckduckgo can have a "settings" tab despite the fact you are not logged into anything).

The rule-of-thumb is that everything that is directly related to the functionality of your website is fair even without asking (they are "essential").
Of course the specifics are a little more tricky: For instance you could have a shop in which you can put things into your "shopping basket" without being logged in. This is fine since it's core functionality. However, if you use that same cookie to also inform your recommendation algorithm, you could get into trouble. Another aspect is 3rd party cookies: These, while not theoretically always requiring permissions, in practice do need expressed permission since you, as the website host, cannot guarantee what happens with these cookies (and 3rd party cookies are, in general, an easy way to track users, which isn't core functionality for most websites).

view more: ‹ prev next ›