Guide to cookies, cyber treats that profile users

Put us to the test!

Analyze your site

Select the database

Analyze

They are nicely called cookies, but they are often anything but pleasant, even if they are very useful for profiling users for marketing purposes. Cyber cookies have been around almost as long as the Internet has existed, and it is important to understand how they work, both as Web users-to keep our data safe online-and as site owners or operators, given their purposes. At a time when there is great attention on privacy and issues related to the use of cookies, especially third-party cookies, it is all the more necessary then to try to understand more about these digital traces, to find out what these little cookies really are and what they are used for.

What are cookies

Web cookies, or more simply and par excellence cookies, are identifying trackers used by server-side web applications to save and retrieve information on the client side through an additional header present in a request (Cookie:) or response (Set-cookie:) HTTP.

This is why they are also technically called “HTTP cookies” and, like much of the Web, are sent using the HTTP protocol. Each cookie is a key-value pair along with a set of attributes that control when and where the information is needed, set in an HTTP header or via the JavaScript interface that also defines their “expiration.” Web browsers store the cookies they receive for a predetermined period of time or for the duration of a user’s session on a Web site, attaching the relevant cookies to any future user requests to the Web server.

Technically, cookies are small text files containing unique data that identify a computer on the Web, and typically include a unique identifier and a site name-sometimes it may also contain personally identifiable information such as name, address, e-mail or telephone number, if the user has provided such information to a Web site.

In practical terms, they are small text files, which generally contain letters and numbers, created by the websites visited and stored on every type of technological device connected to the Network (desktop PC, mobile device or Internet of Things tools) for two main reasons:

• Store users’ preferences and improve their experience of using a site or an app, saving browsing data.
• Analyze traffic to that site and track the browsing behavior of users.

When we visit a website, the browser provides a cookie to be stored in a special file placed in the folder on the hard drive: on the next visit to the same website, the browser will return the cookie to identify the user, thus loading the website with a personalized experience.

A simple and common example of a cookie is the automatic filling of account fields (username and password) on a site, or even the storage of products placed in a shopping cart even after closing the browser (to find them again later).

The meaning of computer cookies

Going down a bit in technical explanations, a cookie is a piece of data stored in the browser that is used to maintain the status and other information needed by a Web site to perform its functionalities. This little one is stored on users’ computers, and the information it contains travels back and forth between the browser and the Web site.

Cookies are thus guarantors of a user’s online experience, because they can make websites more personalized and functional and thus improve the users’ browsing experience. As mentioned, in fact, they can be used to remember a person’s preferences, such as language or location, so that he or she does not have to set them again each time he or she visits the website, but also login status (to check if the user is already logged in, for example) and browsing information (such as pages visited or searches performed).

Despite their minimal size, these cookies therefore play a crucial role in the functioning of the web as we know it: without them, just to say the least, we would be treated as new visitors every time we visit a website. And that would mean, as a result, having to re-enter credentials every time we visit a site, or having to fill our shopping cart from scratch every time we return to an e-commerce site.

But cookies do more than just make our online lives more convenient: some are necessary for security reasons, such as authentication cookies, and others help Web sites to be informed about users’ preferences and choices. In this sense, they play a key role in providing personalized content, because they can store our language preferences, the products we have viewed or the content we have read, allowing sites to ensure a more personalized and relevant experience for each visitor.

Because of these very characteristics, advertisers in digital marketing use cookies to track user activity on sites to better target ads. Although this particular practice is usually offered to provide a more personalized user experience, some people also see it as a privacy issue, something that has been the focus of much attention in recent years (even prompting various changes by hi-tech giants).

What cookies are for

The first task of cookies is to keep a user connected to the site: thanks to these trackers, personal preferences can be stored for each site visited, previous interactions can be saved, previous account logins can be identified, sites can be made more operational, pages can load faster, statistical data on visitor behavior can be collected, and locally relevant content can be offered.

These digital cookies are capable of storing personal data-such as IP address, user name, unique identifier, or email address-but can potentially also contain other non-personal data, such as language settings or information about the type of device used by the user. In addition, cookies can also contain tracking Ids such as advertising Ids and user Id.

More specifically, there are various types of computer cookies that perform specific functions, and in particular to manage sessions, personalization, and tracking.

• Sessions

These cookies allow website activity to be associated with a specific user, thanks to a unique string (a combination of letters and numbers) that matches a user session with data and content relevant to that user. In this way, they allow the site to recognize users and remember their individual login information and preferences. If user Max, for example, logs into her account on an e-commerce site, the site’s server generates a unique session cookie and sends it to her browser; this cookie allows the site to “remember” Max by automatically loading her account content and welcoming her with a warm “Welcome back, Max.”

But the role of cookies does not stop there: when Max visits a product page, her browser sends a request to the site, including her session cookie. This allows the site to recognize Max and keep his session active, avoiding the need to log in again.

• Customization

Cookies not only “remember” us, but they also “remember” our actions and preferences, and so allow websites to personalize our experience by providing us with targeted content and advertisements.

For example, if Max views certain products or sections of a site, cookies can use this information to create targeted ads that he might be interested in; and if Max logs off, his username can be stored in a cookie, allowing the site to welcome him with “awareness” (and username) on his next visit.

• Tracking

Cookies not only “remember” who we are and what we do, but also where we go. Some cookies, known as tracking cookies, record the websites we visit and send this information back to the server that originated the cookie; with third-party tracking cookies, this process happens every time the browser loads a website that uses that tracking service.

For example, if Max previously visited a site that sent a tracking cookie to his browser, this cookie might record that Max is now viewing a product page for jeans. This could lead Max to see denim ads the next time he visits a site that uses the same tracking service.

Tracking cookies are not just used for advertising: many analytics services use them to anonymously record user activity, providing websites with valuable information about user behavior and site performance.

How cookie storage works

Basically, each browser stores cookies in a designated file on the users’ device-for example, if we use Google Chrome, all cookies are stored in a file called “Cookies,” and we can view the cookies stored by our browser by opening Chrome’s developer tools, clicking on the “Application” tab and then on “Cookies” in the left-hand menu.

Local storage of cookies is not only beneficial for us, but also for web developers, because it frees up storage space on website servers and thus allows websites to personalize content without having to invest in expensive servers and storage space, saving money on server maintenance and storage costs.

Not all cookies, however, are necessary or desirable. Third-party cookies, for example, are used for advertising and analytical purposes, tracking our online movements and Internet searches. Although they are not as harmful as a virus, we may not like the idea of our privacy being compromised and our information sold to advertisers. To protect our online privacy, we can disable third-party cookies or adopt other small “workarounds” to prevent companies from tracking our online usage, providing greater protection for our privacy.

The types of web cookies: how many and what they are

There are various types of cookies, then, which are distinguished on the basis of their characteristics. The biggest difference is between proprietary and third-party, depending on who makes the installation request.

To be precise:

• Proprietary or first-party cookies are set by the domain of the host site, the one that the user is visiting and displays in the address bar; only that site can read them, and they are usually used by page owners to save details such as users’ passwords, which will then give them easier and faster access to accounts later. Generally, these cookies are safer, provided that you are browsing on reputable Web sites or that they have not been compromised by a recent data breach or cyber attack.
• Third-party cookies are created by a different site and hosted by the one the user is visiting; the domain that sets the cookies owns some of the content, such as ads or images, which uses them to deliver targeted advertising. Third-party cookies allow advertisers or analytics companies to track an individual’s Web browsing history on any site that contains their ads; following the legislative crackdown on data protection, allowing third-party cookies to access your browser is now optional in many countries and states. Today, most third-party cookies have no direct impact on our browsing experience, as many browsers have already begun to phase them out (Google announced the end of third-party cookies in Chrome by 2024), and many websites still function effectively and remember user preferences without using third-party cookies.

Some experts add two more categories, namely:

• Zombie cookies, which are a form of persistent third-party cookies permanently installed on users’ computers. Sometimes also called “flash cookies” or “supercookies,” they are extremely difficult for the average user to detect and remove: in fact, they have the unique ability to reappear after being “deleted” from the computer because they create their own backup versions outside of a browser’s typical cookie storage location and use these backup copies for even after deletion (much like the zombies of literature and horror movies). Like other third-party cookies, zombie cookies can be used by web analytics companies to track the browsing history of unique individuals (or to prohibit them from accessing content), but they are more commonly used by unscrupulous advertising networks and even cyber attackers, who use them to infect the system with viruses and malware.
• Essential cookies are currently synonymous with the pop-up that asks us to set or confirm cookie preferences when we first visit a website. These are proprietary session cookies, which are needed to run the Web site or services requested online (such as remembering login credentials).

Another important distinction is between:

• Persistent cookies, which are saved on the user’s computer until they expire as originally set or are manually deleted. Through these trackers, sites automatically recognize users accessing the site (or any other users employing the same computer), who nonetheless have the ability to manage preferences and possibly reject cookies through browser settings.
• Session cookies, which are deleted when the user closes the browser and therefore are not stored persistently on the device. These are temporary cookies, strictly limited to the transmission of session identifiers that are necessary to enable the safe and efficient exploration of the site, without therefore having to resort to other computer techniques that could be potentially detrimental to the privacy of users’ browsing.

What are the main cookies on the Web

The list of these valuable trackers is then completed with an even more specific classification, which identifies at least a dozen variants, divided into two broad categories:

• Technical cookies, required by some computer systems and necessary for the user to authenticate, take advantage of multimedia content, or set a navigation language.
• Non-technical cookies, used for profiling and marketing purposes, which in turn can be grouped into:

The complete list of computer cookies is therefore divided into:

• Authentication cookies, which help to manage user sessions; they are generated when a user logs in to an account through their browser, ensuring that sensitive information is provided to the correct user sessions by associating user account information with an identifying cookie string.
• Functionality cookies, which allow users to use the core functionality of a website (such as language preference, displaying local news, and so on). They generally improve the performance and functionality of a website, and even some website features may not be available without the use and acceptance of such cookies.
• Analytics, cookies used to collect and analyze statistical information on access and/or visits to the website, measuring parameters such as number of visits to a page, time spent on a page, or time to leave the site. Also called performance cookies, they collect data that, combined with other information (such as credentials entered for access to restricted areas), can in some cases serve to profile the user (particularly personal habits, sites visited, content downloaded, types of interactions performed, and so on).
• Widgets, graphical components of a program’s user interface, which facilitate user interaction with the program. Examples are Facebook or Twitter cookies.
• Advertising, cookies used to advertise within a site. Also called targeting cookies, they create a profile of the user based on the user’s interests, search history, and items viewed, then share that information with other Web sites so they can send the person relevant products and services. This is why, if we search for example sneakers online on Google, after not too long we will be “bombarded” with ads on social media or in banner ads related to this type of shoes or relevant items such as socks and so on.
• Web beacons, code snippets that allow a site to transfer or collect information by requesting a graphic image. They can serve multiple purposes, such as analyzing site usage, monitoring and reporting activities on advertisements, and personalization of advertisements and content.

Finally, to always limit ourselves to only the best-known and most useful types for our purposes, we mention the existence of magic Cookies and HTTP Cookies

• Magic cookies is an expression from old computer science, predating the modern concept of “cookies” that we use today, which refers to packets of information sent and received without any changes to the data. More precisely, they are data tokens that allow servers and Web browsers to communicate, especially within an internal corporate network, and originally served Unix programmers to authenticate and track users in a system. data stored in magic cookies are encrypted and, under normal circumstances, only the server that created the cookie can read the data.
• HTTP cookies are the more modern version of the “magic cookie,” created for contemporary Internet browsing, designed specifically for the Web and progenitors of all the cookies we have discussed.

On the technical side, however, trackers can take the form of browser or HTTP cookies, or use lesser-known tracking technologies, such as local storage objects (Lso) or flash cookies, software development kits (Sdk), pixel trackers (or gif pixels), “like” buttons and social sharing tools as well as fingerprinting technologies.

Fingerprints in particular are believed to be one of the most aggressive forms of tracking cookies: they are small snippets of information that vary depending on the characteristics of the user (from the device owned to the fonts installed) and allow a unique identifier to be generated that can be used to match a user across websites. In addition, unlike with classic cookies, users cannot delete passive fingerprinting-related activities, and thus have no control over how their information is collected.

The history of web cookies and applications in digital marketing

The history of cookies begins in the 1990s, at a time of rapid evolution and innovation in information technology. To be precise, according to the most reliable reconstructions, the “daddy” of this technology would be Lou Montulli, an engineer working for Netscape Communications, who in 1994 in-ut that the Web needed a way to keep track of user interactions (and in particular to check whether readers were new or returning), so as to make the online experience smoother and more personalized

The term “cookie” comes from “magic cookie,” which as mentioned in programming describes a packet of data that is sent and then returned unchanged, and this is exactly what cookies do: they are sent from the website to our browser, which stores them and returns them to the site each time we visit.

After their introduction, cookies quickly gained popularity, and over the past thirty years they have enabled websites to “remember” users, making it possible to create online shopping carts, personalize content, and authenticate users. They are therefore an integral and fundamental part of the Web system, and indeed according to Ratko Vidakovic, founder of the consulting firm AdProfs, “without cookies, the advertising ecosystem we see today would not exist.”

Indeed, the online advertising and adtech industry makes extensive use of cookies at every stage, from campaign planning and targeting to sales measurement and attribution.

The use of all trackers for advertising purposes has been one of the most profitable ways for the industry to date, because because these data packets allow them to fuel the delivery of targeted ads within seconds of a user opening a website and, more importantly, allow them to specifically monitor the content that users access and how they behave by tracking their dynamic device Ip addresses or other similar information.

From this tracking, a profile is created that allows the user to be classified within a specific cluster, so that profiled and targeted advertising can be directed. In short, this information is valuable because it enables demand creation, “causing consumers to want products and services they did not know existed.”

But with the growing popularity of cookies, privacy concerns have also emerged, putting third-party cookies in particular, which are often used to track user behavior across different sites, under close scrutiny, towards which data protection and online privacy concerns and critical issues have been raised.

In response to these concerns, various laws and regulations have been introduced over the years to protect user privacy, such as the ePrivacy Directive or the EU GDPR or state laws in the United States. Remaining on our continent, for example, users must provide “informed consent”-they must be informed about how the website uses cookies and consent to such use-before the website can use cookies (with the exception of cookies that are “strictly necessary” for the operation of the website itself); moreover, in the EU, cookie identifiers are considered personal data and consequently subject to very specific enforcement rules, which also affect all personal data collected through “cookies.” It is precisely because of these laws that virtually all sites display cookie banners that allow users to review and control the cookies used within them.

The limits of cookies: not just security and privacy risks

Cookies are an integral part of the Web and continue to play a key role in making the online experience smoother and more personalized. Yet, it is impossible not to mention the concerns surrounding their use that, despite their undeniable benefits, make it important to assess the range of limitations and critical issues, especially in terms of privacy and security.

Then there is another technical issue concerning the evolution and technological limitations of cookies: with the advent of new technologies and the evolution of the web, the role of cookies is changing, and, for example, the rise in popularity of the mobile web has made cookies less effective for tracking users. At the same time, new technologies such as Local Storage and IndexedDB are offering alternatives to cookies for client-side data storage.

Far more pressing is the security issue: although cookies cannot carry or install malware on computers, they can be exploited by cybercriminals. For example, in November 2010 the Koobface worm exploited Facebook-related cookies to steal credentials and gain access to victims’ accounts, while in May 2011 an Internet Explorer zero-day bug was used to hijack session cookies through social engineering tactics, and again, in July 2011, an attack on several e-commerce sites used malware that sought Internet caches, cookies, and browsing histories to steal login credentials and other data.

Finally, there are the (complex) privacy implications for users, and choruses have long been raised about the possible criticality of using cookies in relation to the transmission of personal data and the tracking of browsing habits; for example, between 1996 and 1997, cookies were the subject of U.S. Federal Trade Commission hearings, and the Internet Engineering Task Force (IETF) formed a special working group to address cookie specifications, subsequently determining that third-party cookies were not allowed, or at least enabled by default. The most recent standard, updated in 2011, allows third-party cookies, but users can choose not to accept them.

To address privacy concerns, a “Do Not Track (DNT)” header mechanism was introduced for browsers that, when enabled, warns that users do not wish to be tracked and that any tracking or tracing of users between sites should be disabled. Mozilla Firefox was the first browser to implement this feature, followed by Internet Explorer, Safari, Opera, and Google Chrome.

But how do cookies affect user privacy? As described above, cookies can be used to record browsing activity, including for advertising purposes, and users often do not have (or at least did not have) awareness or control over what tracking services do with the data they collect. Even when cookie-based tracking is not tied to a specific user’s name or device, with some types of tracking it may still be possible to link a record of a user’s browsing activity with their real identity. This information could be used in a variety of ways, from unwanted advertising to tracking, stalking, or harassing users-obviously, this is not the case with all uses of cookies.

Cookies and Google: the latest developments

For 30 years, practically, cookies (especially third-party cookies) have been the cornerstone of Internet advertising and have allowed companies to net huge profits, but the situation is changing (more or less) suddenly.

The first signs came in 2017, when the Safari browser began blocking third-party tracking cookies, followed in 2019 by Firefox, until Google’s decision earlier this year to permanently stop these trackers on Chrome, the world’s most widely used browser (about two-thirds marketshare).

It was Justin Schuh, director of Google Engineering for Chrome, who clarified Mountain View’s moves to block cross-website trackers in order to provide greater privacy protection and security for users’ browsing.
In Schuh’s words, the company is deploying a “strategy to redesign the standards of the web, to make it a privacy default. There’s been a lot of focus on third-party cookies because certainly they are one of the tracking mechanisms, but this is just one tracking mechanism and we call it that because it’s what people pay attention to.”

In addition, Google is actively working “across the ecosystem so that browsers, publishers, developers, and advertisers have the opportunity to experiment with new mechanisms, test whether they work well in various situations, and develop supporting implementations, including ad selection and measurement, denial of service (DoS) prevention, anti-spam/fraud, and federated authentication.”

The first concrete effect came in 2020, when Chrome began limiting “cross-site tracking” and unprotected data sharing by introducing a new tagging system that integrates the SameSite label to make explicit how cookies should be considered and treated, requiring that those labeled for third-party use be accessible only via an HTTPS connection. Without indication of the attribute, Chrome considers such trackers to be first-party only and therefore not distributable via external sites.

Google’s Privacy Sandbox

This is the first step in the Privacy Sandbox project, a broader initiative that aims to replace cookies with a credible and workable “open web” API technology for targeting and conversion tracking, created to protect users’ privacy and, at the same time, to allow advertisers to track them within the browser without sharing their data.

Thus, it is a system that puts an end to individual targeting to promote user group targeting, so as to prevent abuse of various kinds and safeguard the display of advertising content.
Before understanding what companies can do in this new context, however, it is good to clarify what the effects of Google’s decision may be.

The first, crucial point is not all cookies are disappearing: first-party cookies, created by the domain visited by a user to remember shopping carts or user accounts, are not affected by the abandonment and, indeed, see their value increase as a source of data to tailor ads to people.

Within the advertising market, this could result in a further shift in power, as the Financial Times also notes, “we would move from the open Internet, where adtech once thrived – and cookies tracked user activity between sites – to more closed domains that have detailed data on their direct users.” Such a closed world extends from small retailers or publishers, which might ask users to register or pay subscriptions, to large platforms such as Facebook or Google, which hold huge amounts of data about their users.

And there is no shortage of those who highlight the role played by Google, which should go a long way toward strengthening its market power, making Chrome an almost indispensable intermediary for advertisers who need data to accurately target ads and monitor their effectiveness.

The three paths to a cookieless future

Having to find new solutions in view of the obsolescence of third-party cookies over time are advertisers, vendors, ad tech companies focused on retargeting, and anyone whose business relies on performance, plus of course those who have relied on insecure third-party cookies or fingerprinting.

An Engage article identifies three possible scenarios for those who need to change strategy and still acquire prospects and connect with their target audience.

1. Using other data sources

It is quite predictable to think that the end of third-party cookies will make other data sources, such as second-party data (or login data), more important: this means that advertisers “will have to rely more heavily on publishers and tighten relationships with premium publishers even more to ensure that brand safety standards and contextual targeting needs are met.”

In this scenario, “brands will need to take back control and better leverage their first-party data by incentivizing user authentication on their site or app through valuable content, loyalty programs” and more, “assigning the consumer a unique user ID at the time of authentication” to get “a clear view of that user’s cross-session and cross-device behaviors and actions.” In addition, it becomes critical to analyze trends and insights for planning one’s campaigns.

2. Developing partnerships with “big tech”

Big companies such as Google, Facebook and Amazon (which together swallow more than 70 percent of digital advertising revenue) will be increasingly necessary for brands in an environment constrained by new privacy regulations because they offer the best proprietary data sets. Thus, “identifying and targeting these channels will enable brands to continue to innovate and deliver targeted and engaging advertising to the right audiences.”

3. Contextual Targeting

The last avenue indicated by the article is the use of contextual targeting “to match ads to keywords and thus place them in a context relevant to your product.” Such a solution is aided by the use of Machine Learning and AI-based technologies, which “provide a more accurate understanding of content and allow for greater granularity by targeting video metadata, titles descriptions, keywords and even to comments inside and outside of content,” and allow contextual targeting “to go deeper into what consumers are actively looking for when they are hunting for something,” so as to deliver more personalized messages.

The case of Dutch state TV

It is precisely contextual targeting that the site Professione Reporter talks about, which recounts a successful case of a brand that decided to preemptively opt out of cookies (and what the article calls “the empire of Google and cookies”): we are talking about the Nederlandse Publieke Omroep, the public TV station of the Netherlands (like say, our Rai or the BBC), which since 2018 has adopted a revolutionary cookie policy.

After the introduction of the GDPR launched by the European Union to protect personal data and privacy, the Dutch TV decided that “visitors to its sites would no longer be forced to say yes or no to cookies,” and, unlike in almost all cases, “skipping the privacy notice would not be considered an okay to tracking, but a no.”

Ninety percent of users chose no, either indicating it directly or skipping the option, but this did not spell disaster for Npo’s advertising revenues-despite a Google study claiming that “opting out of cookies would have reduced ad revenue by 50 percent”-and in this 2020 decided to opt out of cookies altogether, relying no longer on programmatic advertising through Google, but on contextual advertising served by local agency Ster.

The result, the story of the past few months, is that the company’s advertising revenues have risen sharply, even after the shock of the Coronavirus, and Npo found “the advertisements served to users who rejected cookies had brought in the same or higher revenues than the advertisements served to users who said yes to cookies.”

In concrete terms, since the beginning of 2020, visitors to Npo’s sites have not been tracked: in January and February alone, “digital advertising revenues grew 62 and 79 percent, compared to the same months in the previous year, and even during the following Coronavirus months they grew in double digits.”

The explanation is simple: now Nederlandse Publieke Omroep “collects everything that advertisers spend to publish on its pages, whereas before it left a major chunk of revenues in the hands of a bunch of middlemen, the group of intermediaries (data management platform, demand-side platform, supply-side platform).”

Toward a cookie-free future?

We are still in an evolving situation and it is still unclear how the abandonment of tracking cookies will take place and what impact this change will have, and Google’s Privacy Sandbox itself has undergone many changes and slowdowns from initial intentions.

Certainly, the time has come to start looking at data differently and prepare for this cookieless future: in order not to lose ground, brands will need to develop new skills, program systems to measure audience and campaign effectiveness, and be able to engage consumers as effectively as possible.

One of the most obvious effects of the new approach can be seen in Google Analytics 4, which, compared to the previous Universal version, uses cookies and analytics technologies in a less invasive and intrusive, more privacy-oriented (and law-abiding, especially with the latest changes) way. Specifically, now-as stated on the service’s specific page – Google Analytics uses a number of cookies to collect information and report statistics on site usage without personally identifying individual visitors to Google; the main cookie used by Google Analytics is called ‘_ga’ and allows one service to distinguish one visitor from another and lasts 2 years. Any site that implements Google Analytics, including Google services, uses the ‘_ga’ cookie and each is unique to the specific property, so it cannot be used to track a particular user or browser on unrelated websites.

Who cookies are for and how to use them on a site

From what has been written, it seems clear enough that virtually all websites use cookies and all benefit from them: from large social media platforms to small blogs, cookies are in fact an essential tool for providing a smooth and personalized user experience.

Digital marketing companies are among the largest users of cookies, which are used to track users’ online behavior, understand their interests and browsing habits, and then deliver targeted advertisements. This process, known as “behavioral targeting,” is the basis for much of online advertising.

Search engines, such as Google, also use them to provide more relevant search results, while e-commerce platforms use them to track products in users’ shopping carts and offer personalized suggestions.

In more detail, there are many reasons why a website should use cookies, including for example:

• Improving the browsing experience. Cookies can be used to store user preferences, such as language or location, in order to offer a more personalized experience to users. For example, an e-commerce website may use cookies to store a user’s preferred language so that the landing page is displayed in the correct language.
• Improve site functionality. Cookies can be used to store browsing information, such as pages visited or searches performed, in order to improve site functionality and provide a smoother experience for users. This can be useful for measuring traffic, improving the effectiveness of marketing campaigns, and better understanding user needs. For example, a news website can use cookies to store the latest news a user has read so that related articles can be displayed in the future.
• Tracking user behavior. Cookies can be used to track user behavior on websites, which can be used to measure traffic, improve the effectiveness of marketing campaigns, and better understand user needs. For example, an e-commerce website may use cookies to track pages visited by users so that related products can be displayed.
• Collect data for advertising purposes. Cookies can be used to collect data about users’ use of websites, which can then be used to show advertisements more relevant to users’ interests. For example, a news website may use cookies to collect data on users’ interest in certain topics and leverage the data to show advertisements related to those topics.

Finally, to effectively use cookies on the site, a few tips should be followed, starting with taking a responsible user-oriented approach, and especially remembering to:

• Be clear and transparent with users about the use of cookies, appropriately informing them about the purposes and types of cookies used (by displaying an appropriate cookie banner on the main page of the website).
• Do not use cookies to track users without their consent.
• Use cookies to improve users’ browsing experience and not just for advertising purposes.