Almost all websites use cookies, and several data privacy laws affect how you process and handle them.
In this guide, I explain how internet cookies work, how to manually find them on your site, and the laws that apply to them.
You can also use our cookie scanner below to find the cookies your website uses right now.
Find Out What Cookies Your Website Uses
Quick Summary: Your Website and Internet Cookies
If you own a website, it most likely uses internet cookies and is impacted by data privacy laws.
Here’s a quick summary about how to detect those cookies to ensure you’re using them in a legally complaint way:
- To determine what cookies your website uses, you can enter your URL into a website cookie scanner or manually find them.
- To manually check for cookies in Chrome, right-click on your site, choose Inspect, select the Applications tab, then click Cookies.
- In Firefox, you can manually find cookies by right-clicking on your site, selecting Inspect, then Storage, and then clicking Cookies.
- Data privacy laws give some users the right to opt into or out of cookies used for targeted ads, the sale of their data, or the collection of sensitive data.
How Do I Detect Cookies on My Website?
To detect the cookies your website uses, conduct a cookie audit and scan it for temporary, permanent, first-party, and third-party cookies.
You can do this manually or automatically.
Automatically
We recommend performing an automatic cookie audit with our free website cookie scanner, as it’s an easy way to detect and list all cookies your website uses.
You only need to enter your website URL below — the scanner does the rest for you.
Manually
Alternatively, you can manually find your website’s cookies through your web browser functions.
Here are the directions for identifying cookies in Google Chrome and Firefox:
Checking Cookies in Chrome
Step #1: If your computer is operating on Windows, you have to right-click on the window of your website.
On an Apple OS, you can either use the two-finger click or the control+click function.
Step #2: An option menu will pop up after you right-click, and the last option on the list will say “Inspect.”
Select it to open the Chrome developer console in another section of the window.
Step #3: You’ll see a few different tabs at the top of the developer console. Select the one that says “Application”.
If the tab isn’t visible, you might have to extend the list by clicking on the “>>” option.
Step #4: Once you click the “Application” button, a sidebar will appear on the left.
Click the “Cookies” option, which is a sub-option under the “Storage” section.
Step #5: After clicking “Cookies,” you will see a few columns of information showing whether your website’s cookies are secure or if there are any active third-party cookies.
In the “Session” tab, you can see where those cookies are stored and whether they are session or persistent cookies.
Checking Cookies in Firefox
Step #1: If you’re using a Windows PC, navigate to your website and right-click on the browser window.
For Apple OS, you can either use the two-finger click or the control+click feature.
Step #2: An option menu will appear, and you should select the one that says “Inspect.”
Step #3: A new section will open in your browser window. Select the “Storage” option from the menu bar.
Once you click “Storage,” a list of options will appear. Choose “Cookies” from this menu.
Step #4: Next, click “Cookies,” and you’ll see a few columns of information showing whether your website’s cookies are secure and if there are any active third-party cookies.
In the “Path” column, you can see where those cookies are being stored and which are session or persistent cookies by checking the “Expires/Max-Age” tab.
Brief Explanation of Cookies
When a person visits a website, it leaves internet cookies on their browsers that are essentially small data files that contain personal user information in the form of a unique identifier called a cookie ID.
If users return to your site, it recognizes their cookie ID and auto-fills their preferences.
Websites use cookies to:
- Help their website function properly.
- Gain insight into customers’ behaviors.
- Anticipate their preferences more accurately.
- Improve the user experience.
- Send personalized content or targeted advertising.
Cookies get to know users based on their online lives, providing invaluable data to companies looking to improve the customer experience.
While cookies provide valuable functionality, the processing and storage of numerous cookies can impact a browser’s memory usage, particularly on sites with extensive tracking systems, potentially affecting browser performance on devices with limited resources.
What Laws Impact Cookies?
Because cookies contain personal information as defined by different data privacy laws, you must follow certain requirements to use them legally.
The following laws all outline requirements for websites that use cookies or other trackers:
- General Data Protection Regulation (GDPR)
- ePrivacy Directive (EU Cookie Law)
- California Consumer Privacy Act (CCPA)
- Connecticut Personal Data Privacy and Online Monitoring Act (CTDPA)
- Colorado Privacy Act (CPA)
- Virginia Consumer Data Protection Act (VCDPA)
- Quebec’s Law 25
Depending on which of these or other data privacy laws apply to your site, you must provide a cookie banner allowing users to opt in or out of cookies.
For example, under laws like the GDPR, users must consent to cookies before placing any on their browsers.
On the other hand, laws like the CCPA allow websites to set cookies but require an easy way for users to opt out of them.
What Kind of Cookies Do Websites Often Use and Why?
Some people incorrectly believe that companies use cookies only for online tracking, but there are other reasons to use cookies, such as enhanced website functionality and performance.
Let’s define the most common types of internet cookies and what they do in the next section.
Temporary Cookies
Often found on ecommerce websites, temporary cookies recognize user preferences and recommend products they may like based on other choices made during an online session.
They’re called temporary cookies because they only last for that single browsing session, and once the user closes their web browser, those cookies disappear.
Permanent Cookies
Permanent cookies remain on users’ browsers longer than a single browsing session.
Also called persistent cookies, these often store details like usernames and passwords so it’s easier for returning visitors to log into their accounts.
Laws like the GDPR require website owners to delete permanent cookies after a set amount of time to help ensure consumer data isn’t stored indefinitely, minimizing the chance of it falling victim to a data leak.
First-party Cookies
Websites use first-party cookies to track user activities to analyze and improve the website’s performance, including:
- The number of page views a site gets
- The number of visitors on each page
- The length of user sessions
However, some companies sell first-party cookies to third parties to create targeted ads.
Data privacy laws give users the right to opt out of this type of data processing, ensuring that customers always have control over where their data goes.
If you use these cookies, ensure you use a compliant cookie consent banner so your users can follow through on their data privacy rights.
Third-party Cookies
Third-party cookies are usually not created by the original website developer and instead come from plug-ins or external sources such as:
- Live chatbots
- Widgets
- Ads
For example, consider a website with a YouTube video embedded on its homepage. Whenever a user clicks that YouTube video, YouTube adds a cookie to their browser.
Websites also use third-party cookies for targeted advertising.
Remember, data privacy laws impact how you use and share these types of cookies and the choices you give your users regarding them.
Secure Cookies
Websites using HTTPS typically use secure cookies as they are encrypted to deter cookie theft, preventing user data from falling into the wrong hands.
Most websites today use HTTPS protocols and, therefore, secure cookies.
Website Cookie Usage FAQs
Now that we have covered the basics of website cookies let’s explore some frequently asked questions about website cookie usage and compliance with data privacy laws.
Are All Website Cookies Bad?
Like most other online tools, cookies can be good or bad depending on how you use them and whether you violate users’ privacy by selling them to third parties.
If you properly manage user consent, store and protect the collected cookies, and follow all legal regulations, you won’t have any issues using cookies.
How Do I Know if My Website Uses Cookies?
If you’re unsure about cookie usage on your website, follow the steps in the above “How to Detect Cookies on My Website” section to search for them.
Almost all websites use cookies. For example, if your website requires a login, offers shopping services, or personalizes the user’s experience, it likely uses cookies.
Do All Websites Use Cookies?
It’s rare to find websites that don’t use cookies. Any site with a login, third-party plug-in, and similar options uses cookies.
Although the internet is vast and there are all kinds of websites, it’s safe to assume that most of those you visit use cookies.
Does My WordPress Website Use Cookies?
WordPress uses cookies by default, so if you have a WordPress site, it uses cookies.
The two main cookie types that WordPress uses are user or session cookies and commenter cookies. Any additional cookies on your WordPress site may come from the third-party plug-ins you use.
What Should I Do if My Website Uses Cookies?
If your site uses cookies, familiarize yourself with all applicable data privacy laws and follow their guidelines appropriately to avoid fines and penalties:
- Post a cookie message informing visitors that your site uses cookies and allow them to opt in or out of some or all of them.
- Link to a cookie policy outlining what cookies your site collects, why, and how you plan to use them.
- Users have the right to change their consent at any time.
- Keep consent logs and provide a consent preference center to manage user permissions.
The clearer you are about your cookie collection and management process, the more comfort and security your customers will feel when using your site.
If your customers come from Europe, read our GDPR cookies guide. If they come from California, then read our CCPA guide.
Summary
To those still wondering if your website uses cookies, the answer is most likely yes, but as long as you follow privacy data regulations, you shouldn’t experience any issues.
Present your users with a cookie consent banner allowing them to opt in or out of cookie collection, store all information securely.
To make your life easier, you can use our cookie consent manager to handle your site’s cookie needs, such as creating banners and policies and tracking and managing cookie consent to keep your site compliant.
More about the author
Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP
Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author
