How To Effectively Use Cookies

This article will give you a grounding in data privacy and the cookies that many websites use and how you need to be careful when using these on your company's website.

Updated on:

August 7, 2023

At Green Arrow Consultancy it is our job to take your customer's privacy seriously. We keep up to date on all the privacy laws that are being updated and created globally, so you don’t have to.

This article will give you a grounding in data privacy and the cookies that many websites use and how you need to be careful when using these on your company's website.

Cookies: what are they?

In brief, cookies are small text files that a website store on your computer via your browser. By themselves, cookies don’t do anything; they just store information that can be read later by a website to perform a function. So, that might be remembering what you’ve added to your basket, showing you relevant advertisements related to the products you’ve been looking up, and remembering your login data. They can also be used for analytics purposes.

The first-party cookies are those set by the site you’ve visited — for instance, to remember your login information or for analytics purposes.

There are some differences between third-party cookies and first-party cookies. These are set by a different website than the one you visited. Advertising networks use cookies as part of what they do i.e. they will add cookies to your browser when you visit the brand’s website that they are advertising. Even though you clicked on the brand’s website, the cookie itself comes from a 3rd party the advertiser. Cookies work by staying on your browser and then if you visit another website that displays ads from the advertiser, you’ll see ads related to the brand whose website you initially visited.


Cookies and your data privacy?

Certain types of cookies can be invasive in different ways. Some cookies are needed for a website to function, but cookies that track your browsing behaviour as you browse from website to website, or which keep sensitive data are more worrying.

If you are in Europe, your website will require citizens to have their user's consent before they can legally use cookies except for cookies that are necessary to the working of the website.

Although the CPRA in California only states that businesses let their users know that the website will be using tracking cookies which will be placed on their browsers. Businesses do have to give their users the option to opt out of cookies that track personal information. 

In general, most data privacy regulations treat cookies that can’t identify an individual as a separate concern from cookies that contain personally identifiable information. The thing to focus on with cookies (and with all digital tracking technologies) is whether they collect personal information or not.



What are pixels?

You probably have already heard of pixels and understand that they are tiny units on a digital screen and they are the same when referred to in privacy and tracking technologies too, but they are used in a certain way. Tracking pixels are 1x1, transparent images embedded in a website, email, or ad, and which contain a link to an external server. When a user interacts with an email, navigates to a website, or views an ad, the user’s browser downloads the invisible image file. That action triggers a request from the pixel server, providing the server owner with knowledge of who downloaded the pixel as well as information like the operating system used, the type of browser used, the time the pixel was interacted with, the IP address, and more.

How do pixels relate to data privacy laws?

Like cookies, tracking pixels collect your users’ data, but without asking for their knowledge or consent.

Under GDPR, tracking pixels can only be used if the user does consent to their use. If you don’t gain their consent, or if the user rejects them being used, your website has got to look at another way to block the pixel.


Tags are small segments of code which execute when loading a website. There will be HTML or JavaScript that describe an element or function on your website.

There will be an overlap between tags and cookies and pixels. Cookies and pixels tend to be set by tags. So, if you want to block a cookie, you will need to earmark either the cookie itself or the tag that sets it.

How do tags relate to data privacy?

Tags set tracking technologies just as cookies and pixels do, and certain businesses subject to data privacy regulations develop an additional framework that either allows or blocks tag scripts from launching depending on whether the visitor has consented to or rejected data collection. That way, if a user asks for marketing cookies to be rejected the tags which have these settings for marketing cookies don’t.

Ensuring that you are compliant?

You need to understand the different tracking technologies and how they relate to data privacy.

With 40 data privacy laws worldwide and a lot of legal jargon to read to have a full understanding of how you can keep your website compliant globally, why not get in touch with us at Green Arrow Consultancy and let us do what we do best and get your website compliant with the privacy laws that matter.