What are Cookies?
What types of cookies are there?
First party cookies
Are sent and read exclusively by the domain of the service provider.
Third party cookies
Are sent and read by the domains of other service providers.
Session cookies (session ID)
Temporary cookies that are automatically deleted when the browser is closed. Session cookies enable the recognition of user movements on the website, so that information remains intact. Without cookies, websites have no “memory”
Permanent cookies that must be deleted manually, or delete themselves after a given period of time.. These cookies help the website to remember the user and his settings; e.g. language selection, menu preferences, internal bookmarks or favourites.
How can the user decline cookies?
Popular browsers enable the user to control the storage of cookies, e.g. Chrome: chrome://settings/content/cookies; Firefox: about:preferences#privacy, Safari: Menu>Preferences>Privacy>Block all Cookies ; Edge: Settings>View Advanced Settings>Select Block all Cookies
How can the user delete cookies?
Popular browsers enable the user (usually under the heading “settings” or “privacy”) to delete previously stored cookies.
The service provider is entitled to store on the terminal device of the (informed) user, cookies whose only purpose is the implementation or facilitation of the transfer of a message via an electronic communication network, or, if this is absolutely necessary, in order to provide a service expressly requested by the participant or user (art. 5 para.3 ePrivacy guideline). The Article 29 Data Protection Working Party has declared the following cookies permissible in its opinion 4/2012 on the exemption from the cookie consent requirement:
- User cookies (session ID), as well as first party cookies, in order to trace the entries of the user when filling in online forms, shopping baskets etc. for the duration of a session, or permanent cookies that are in some cases limited to a few hours
- Authentication cookies, in order to identify the user after login for the duration of one session
- User-centric security cookies that are used for a limited period of time for the identification of authentication errors
- Player cookies for media contents, used for the storage of technical data for playback of video-or audio contents, for the duration of a session
- Load balancing cookies or the duration of the session
- Cookies for user interface customisation, e.g. settings for language or font, for the duration of a session (or slightly longer)
- Social plug-in cookies for sharing a third party provider among logged in members of a social network.
Beyond that, user consent is required for the storage of cookies.
Which first party cookies are deployed?
Description: Google Analytics
Function: Creation of access statistics
Duration of Storage: 30 sec. to 2 years
Legal Basis: Art. 5 para. 3 (information), Consent
Which second party cookies are deployed?