Most of us associate digital marketing with the obvious examples we see day in and day out. Things like YouTube videos, email campaigns, and digital payment apps. There’s a hidden side to digital marketing though. One associated with tracking, data, and privacy. And it stands behind the cleverest (and maybe even one of the happiest) of words.
🍪 Cookies. 🍪
I wish I was talking about baked goods. This would be a much more enjoyable read. Instead, we’re talking about small text scripts that are installed on the backend of a website. And they are far more important to a digital marketer than an afternoon snack.
Cookies are a general term for any piece of code that helps track user data. This can be either anonymous data (track activity) or specific data (stores personal information). They identify web browsers as unique internet users rather than treating millions of people as the same. Cookies allow marketers to better serve their audience by providing them with ads, emails and experiences specifically meant for them.
It’s important to know too that cookies aren’t necessarily just tracking the user in real-time, or on that specific site. Cookies can “stick” with the user even after they leave the website where tracking first began, and continue identifying and tracking their behaviors thereafter.
Many web users have gone from having no knowledge about cookies to having misconceptions about cookies. With major news stories in recent years surrounding Facebook and other big tech companies, consumers are starting to understand a bit more about tracking, but it’s not always accurate.
Let’s begin here.
There are two forms of cookies: first-party and third-party.
First-party cookies are ones used to track, capture and store data by the business itself (who is managing the website). It’s important to note that a large number of first-party cookies are what’s called “functional cookies.”
This means that they aren’t used for analytical or marketing purposes, but rather, they help provide a better user experience for the web user. In fact, some websites or web features can’t even function without using these cookies.
Third-party cookies, on the other hand, are largely used for analytics, marketing, and research purposes. They are called third-party because the data is captured and stored by third-party software providers and the business simply is using its website as the platform for tracking, while having access to the data, too, of course.
Some examples of this might be:
Almost every website you visit uses some form of cookies. Many use a combination of both first-party and third-party. Consider the likes of popular tools like Google Analytics, Hubspot, Marketo, Salesforce, MailChimp, SalesLoft, WooCommerce, and Shopify. Powerful stuff!
Without cookies, there’d be a lot of guesswork in marketing, and we’d see a lot of irrelevant ads all over the place, too.
Currently, there aren’t any direct laws in the United States that prevent businesses from using cookies to track web users. That includes both first-party and third-party cookies.
However, the European Union did crack down on tracking a few years ago, and it’s possible that similar laws could be passed in the U.S. in the coming years.
Therefore, it’s important businesses understand what they are up against.
The Children’s Online Privacy Protection Act, or COPPA, helps protect children under 13 from having their information tracked. Companies must take active steps to avoid collecting personal information from children.
The current General Data Protection Regulation, or GDPR, was implemented in 2018. This regulates citizens’ control over personal information across the European Union (EU). It affects any business that sells to those in Europe or holds the personal information of European citizens. To comply with this law, businesses must affirm that users are aware and consent to cookies on a website, give the option to users to set their cookie preferences, and provide the ability for users to revoke consent at any time.
If you meet the criteria for GDPR, or if you simply want to give your users the option to opt-in or opt-out of cookie tracking – you’ll likely want to use a pop-up tool that can easily be integrated into your site, in order to gain cookie consent from users.
These pop-ups typically appear when users visit the site for the first time and provide information about privacy and the type of cookies that are used on the site. They also give users the ability to opt-in for cookies, opt-out of cookies, or customize which cookies they’d like to opt-in or opt-out of.
The pop-up must be noticeable – therefore, most companies use clickwraps or browsewrap.
A clickwrap is more direct. These pop-ups use “express content” by forcing the user to either opt-in or opt-out before moving on to the site.
A browsewrap is more indirect. It suggests “implied consent” since users are given information about privacy and tracking – but can simply bypass it and continue on with their web browsing.
Many privacy experts believe that, as the tech world gets more strict with privacy, tracking, and security, it’s possible that browsewraps will fall by the wayside to make way for clickwraps only.
Privacy Policies exist outside of cookie consent pop-ups. And they are just as important.
Many people copy and paste Privacy Policies they find on others’ websites. This is bad practice for two reasons.
One, you’re stealing material/content that’s copyright from the original creator – which is illegal.
Terms & Conditions (also called “Terms of Service”), on the other hand, protect you – the business.
It outlines the rules and guidelines for your website. It’s a contract between you and the user, and it safeguards you legally if there’s a disagreement of how users are using your website, its features, or its content.
Depending on your business, what you sell, and where you operate, it’s possible that you’re required by law to have Terms & Conditions on your site. Even if it’s not required, it’s still a good practice for all businesses, even if, at minimum, it establishes copyright for the content on your site.
Terms & Conditions are also legally-binding documents. Consult with your legal team when producing your Terms & Conditions and before publishing it or updating it on your website.
If you’ve read this far and are still confused, here are the steps we recommend you take:
Understand more about the laws that you’re required to follow based on how and where you do business. If you conduct business in California or Europe, pay extra close attention.
Audit your tech stack and the current cookies on your website – and the cookies that you plan to use on your website in the future. This includes both first-party and third-party, and both functional and tracking ones.
Prepare a page that consists of your Terms & Conditions, specific to the content and features of your website. Be sure to have your legal team review before publishing.
This information is for educational purposes only and is not meant to provide legal advice. Before implementing any policies regarding cookie consent, Privacy Policies, or Terms & Conditions, it is recommended you work directly with your lawyer. Site-Seeker is not liable for any actions taken against a business related to the above information or policies.