What exactly are cookies and how do they work on WordPress and how to integrate them in your site making it reliable to your visitors?
Before we begin: what are cookies exactly?
Before we go into details of WordPress cookie configuration, let’s take a step back and try to understand what we’re talking about.
Cookies are simple text files that are saved on a visitor’s browser when they access a website. These files collect some information about the user that is later sent back to the site’s server during navigation and on subsequent visits.
The term “cookies” dates back to the early eighties and refers to the first forms of digital data exchange through servers. At the time, such files were referred to as “magic cookies,” but there is no official reason why these file packages have been named after a cookie. An IT mystery that remains unsolved, if you will.
What information does a cookie collect? All kinds. For example, it saves your language preferences when you visit web pages available in multiple languages, or the products left in your cart when you visit an e-commerce store without completing the purchase. Another typical case concerns the login credentials to enter a site – cookies save them so you don’t have to enter your username and password every time.
Let’s look at your website
Our free video audit will take a look at your website and the UX-design of your website. We will send you a short video with an analysis from one of our talented team-members.
The main categories of cookies
At a general level, we can divide cookies into three major categories:
- Technical cookies;
- Profiling or marketing cookies;
- Third-party cookies.
Technical cookies concern the user’s navigation settings and can be divided in these sub-categories:
- Analytics cookies, which contain statistical information about the browsing session;
- Functional cookies, which store user preferences to facilitate subsequent visits, such as the language settings we mentioned earlier;
- Social network cookies, which authorize sharing and interaction through social networks.
A profiling cookie collects and provides data for advertisements and formulates a hypothetical user profile to configure personalized advertising messages. Marketing cookies are undoubtedly the ones you’ll have to manage with the most care.
Technical and profiling cookies are generated directly by the site on which you are browsing, and are also called first-party cookies. Third-party cookies, on the other hand, collect navigation information on behalf of a different site or domain than the one you are visiting. This is the classic case of tracking pixels, such as those from Facebook or Google Analytics.
We should also distinguish between session cookies and persistent cookies – in other words, those that are deleted after closing the browser and those that are stored for subsequent visits.
As you can see, the cookie landscape is wide and varied and it’s easy to get confused. You should also know that the same cookie can belong to several different categories at the same time, depending on the information it catalogs.
Let’s stick to Google Analytics cookies as an example. They are both third-party and technical cookies because they transcribe some statistics about the visit. If they save the user’s IP address, then, they should also be considered as marketing tools.
How the cookie-related information should appear to visitors
Now that we know more about cookies, let’s understand how we have to warn our visitors about their use.
European law requires the user to see the profiling notice – in a banner, a pop-up or a notification bar – as soon as they connect to the site. The notice must contain the most relevant information about cookies and how they will be used.
The message that appears to the user after they connect to the site is known as “short information notice,” and should be a concise form through which visitors can give their consent by clicking on a button that usually says “I agree.”
The extended information should include everything the user needs to know about the use of their personal data and its collection. You must also provide explanations on what cookies and on how they store statistics. The visitor, through the extended information page, must also be able to revoke their consent at any time, even if they have already provided it in the short information notice.
Untangling rules and quibbles is not easy for those without a legal background. As of 2018, website owners have to worry not only about cookie legislation but also about the dreaded GDPR, the European Union’s General Data Protection Regulation – a directive that includes even higher penalties for those who fail to comply and has led to increasingly strict controls.
If you feel up to it, you can try to write the information on your own, perhaps with the help of the guidelines made available by the European Commission. With a little patience and preparation you can write the documentation independently, but be careful: every little mistake could cost you a fine of thousands of euros!
Our advice, in order to operate with peace of mind, is to get help from a law firm experienced in IT law. With the help of a professional, you will have a text that is tailor-made for your WordPress site. We understand, however, that such a consultation involves high costs and long production times, and is therefore not always the best solution.
Luckily there is another option. Cookies on WordPress can be managed through three plugins that help thousands of online businesses every day, and that don’t require legal preparation or financial resources for legal advice. The plugins we are talking about are:
- Cookie Notice;
- GDPR Cookie Consent.
These three tools are also available in a free version that provides policy templates suitable for any type of business. Let’s take a look at their main features.
Iubenda is one of the best-known and most popular tools for managing cookies, privacy policies and GDPR. It operates in more than seventy countries and its range of services is constantly expanding.
Once your documentation is ready, you just need to install the appropriate WordPress plugin, and cookies will no longer be a problem for your digital enterprise.
Here are the most important advantages:
- Advice from an international group of lawyers;
- Eight different languages available;
- Regulatory focus for apps;
- Automatic adaptation to regulatory changes;
- 1,500 different clauses to choose from to customize your documents;
- A single dashboard for all your projects, which is very useful if you manage multiple WordPress sites.
Cookie Notice helps you configure the documentation on web pages with different options for customization. Among other things, it allows you to choose where to place the banner, edit the message and configure different options for accepting the policy, ranging from the classic “I agree” button to the “Accept by scrolling” option.
Here are some of its most interesting features:
- Several options to choose from for cookies expiration;
- Manual blocking of loading page scripts;
- Reloads the page after the user clicks “I agree”;
- Compatible with plugins for multilingual WordPress sites;
Compared to Iubenda, it is not a real legal aid tool, so it only provides standard disclosure templates; but it remains undoubtedly a valid plugin for small and medium-sized businesses. Plus, it is completely free.
GDPR Cookie Consent
With over a million active installations on WordPress, GDPR Cookie Consent is one of the most widely used plugins in the world.
Among its outstanding features are automatic scanning, classification of cookies on the site, and quick integration with the main monitoring pixels. The short information banner is 100% customizable in style, colors, fonts and size, and it can be easily integrated with your site’s graphics.
Among other things, GDPR Cookie Consent allows you to:
- Manage the configuration and description of cookies from the WordPress backend;
- Insert the complete list of cookies used in the extended information page with a simple shortcode;
- Show the cookies used in a convenient table thanks to the Cookie Audit module.
All for free.
Make your site safe and reliable for visitors