So, you are preparing to launch your website and need to decide whether to warn visitors you collect cookies. On the one hand, a pop-up message distracts from the main content. Yet, on the other hand, you can get fined for collecting personal data without a user’s consent.
In this article, we will provide insights into the answers to the following questions:
- what cookies are and why we need them;
- how they benefit a business and how they facilitate user interaction with the website;
- why notifying visitors about cookies collection and storage is necessary. As well as the consequences for not doing so;
- what the notification options are: self-written banners or created using a ready-made service;
- how to make the right pop-up and step-by-step instructions for it.
A pop-up window with an agreement to collect information looks threatening to users. For example, social media rumor has it that cookies are a virus that penetrates the computer and destroys all contents or breaks the hard drive. Some people believe that cookies are only used to show ads or collect email addresses for spamming.
Go on reading to see these myths busted.
What are cookie files, and why do we need them on the website
HTTP Cookie files are small text documents up to 4KB, which the server transmits to the device from which you access the Internet: PC, laptop, tablet, or smartphone. Each document contains data from the website to which it belongs.
The information in the file is presented in the form of letters and numbers that remember:
- authorization data on websites: login and password in encrypted form;
- information about user preferences: font size, language, currency, etc.;
- operating system version, browser, the IP address, and location of the visitor;
- items viewed on the website or the contents of an abandoned cart;
- clicks and transitions on links;
- text that was previously entered on the website.
Types of cookie files
According to the storage time of records, there are:
- Temporary cookies are deleted immediately after closing the browser because they store information during one session (therefore, they are also called “session” ones). Temporary cookies control the elements of the website pages.
- Persistent — or first-party — cookies don’t depend on browser closing and are stored in the file until a specific date or deleted after a specified time. If you close a website and then reopen it, the server gets cookies that belong to it. For example, persistent cookies store the login and password so that the user does not have to enter it every time.
According to the level of security, there are:
- Secure cookies transmit information in encrypted form using the HTTPS protocol. Most often used in bank accounts, online payment services, and government websites.
- HTTP-only cookies are available only via HTTP. This type prohibits reading or writing information in the file.
By purpose of use, cookie files can be divided into five categories:
- Obligatory cookies are necessary for the functioning of the website. Therefore it is not recommended to disable them. They are recorded in response to a visitor’s action — for example, after logging into the website or filling out a form. This information isn’t transferred to other systems.
- Productive cookies include information about the user’s movement around the website and determine the frequently visited web pages and traffic sources — the data for Google Analytics.
- Functional cookies include user custom settings and preferences to provide a personalized approach to the client. For example, their username or the language of communication they specified in the online chat on the website.
- Targeting cookies are used for ad settings. They collect information about the user’s interests, based on which they show relevant advertisements on other websites.
- Social cookies are used for integration with social networks, which allows you to like or share a website page in your profile.
Go healthy, make cookies 🙂
With 13Chats, you can easily make a cookie request notification without puzzling over where and how to add it.
How cookies work
When entering the website, the server requests information that is stored in cookies. After checking, it approves the visitor’s action or rejects it. For example, you can customize the display of discounts in an online bookstore for registered users only. The server will verify the authentication and then show a webpage with or without a promotional price.
Cookies collection makes it easier for the visitor to use the website:
- in order not to enter your username and password each time, just click “Remember me” when you first log into your account;
- thanks to cookie files, the selected theme and time zone will always be displayed;
- the cart will contain items that you didn’t have time to check out.
For example, a visitor has been looking for glasses and browsing related resources. If they haven’t enabled the “Incognito” mode, advertising banners on this topic will appear on different websites for them after a while.
Example of a cookie-based ad. Source: Instapage
In fact, cookies are a kind of helpers that collect information about the user while he is on the website. It is safe to use them, but fraudsters can intercept cookies — for example, steal login and password. Therefore, the HTTPS protocol is used; it sends information in encrypted form.
Every few months, you need to clear the cache because the files are stored locally. They take up space and can slow down your device. It isn’t recommended to disable all cookies — some of them are responsible for websites operating correctly. For example, the server will not remember which products you added to the cart without using cookies in the online store.
Why are cookies collected on the website, and is it legal
Any website hosts its cookie file on the visitor’s device to save information about his last visit: language settings, region, preferences in promo materials, wish lists, viewed product pages, etc. This way, you collect the information necessary for understanding the target audience and targeting and personalizing your website for each visitor.
The collection and storage of cookies isn’t limited by law, but visitors must allow you to use their data.
Why is it necessary to notify users about the collection and storage of cookies
If you do business on the Internet, abide by its laws. Below we will analyze what rules online entrepreneurs need to follow to avoid fines and make their website user-friendly.
On May 25, 2018, the law GDPR (General Data Protection Regulation) came into force, which ensures the safety of personal data of the European Union citizens, regardless of their location. For example, if you use Google Analytics to monitor user behavior in the EU, you are subject to the GDPR.
According to the law, collection and storage of cookies are allowed only if:
- the user is notified what information is being collected, what it is used for, to whom and where it is transmitted;
- the website has received the user’s consent for data collection;
- the user has the option to refuse from or revoke permission.
For greater protection, the personal data of users should be stored only in encrypted form.
Those not complying with the law will be fined: from 4% of the company’s income for the previous year up to € 20 million — depending on the article of the law.
The GDPR does not apply to businesses in Ukraine, Russia, and other CIS countries. Nevertheless, if the company uses the data of people living in the European Union, then the law has to be observed.
The warning on collecting and storing cookies is a pop-up message with a “Confirm” button and a link to a document, which describes what information and for what purposes the website collects. Also, the agreement may include configurable parameters, where the user himself chooses what data he agrees to provide.
An example of a request for the processing of personal data in an online store
If the user decides to specify which kinds of cookies to agree on, they can proceed with choosing the specific cookies to accept.
An example of an agreement with the ability to choose the type of data to collect
How to make a correct notification banner on cookies usage
There are two ways of making a banner that informs about the collection of personal data:
- program from scratch by asking the developer for help;
- make it yourself using a ready-made service.
If you would like to create a self-written pop-up that considers all your wishes for design and functionality, contact the programmer. This method requires financial investments and time (depending on the developer’s employment and the level of complexity).
The second option involves creating a notification on a ready-made platform. It is a quick and straightforward way to implement a pop-up window without requiring any technical knowledge. You can do it yourself in half an hour on free platforms — 13Chats, OneTrust, CookiePro, Cookiebot.
Let’s compare these services with each other.
Free basic plan.
Paid plans with advanced features — from $13 to $93 per month.
Free basic plan.
Paid plans with access to technical support and a large selection of designs – from $500 to $1500 per month.
Free for websites up to 100 pages.
Unlimited plan — from $10 to $44 per month.
Free for websites up to 100 pages.
Paid plans — from $10 to $41 per month.
Platforms allow you to create and edit agreements on cookies collection quickly and with minimal investment. The main advantage is making changes to the banner independently from the CMS (self-written website, WordPress, Tilda, Joomla, etc.). You can edit the design, time of appearance on the website, location, text, etc., at any time.
How to make a pop-up window with a cookie notification in 13Chats
Using the step-by-step instructions for creating a pop-up on 13Chats, you will add a pop-up to your website with a notification about collecting personal data in 5-10 minutes. All functionality is available in a large free plan. Just register with the service and get started!
On the start webpage, click “Create Project” and give it a name.
Creating a new project at 13Chats
In the settings, select “Add pop-ups” and click “Continue.”
Choose a pricing plan. A basic plan is enough to create an agreement on cookies collection.
13Chats pricing plans
Next, the system will redirect you to the “Project Settings” menu and show you the code for installation on your website on any CMS. Copy it and paste it in the appropriate place on the website.
Code for installation on the website
Select your project to start creating notifications on cookies collection and storage.
Selecting the project
In the new window on the left, select “Website Messages,” then on the right, click “Add Event Trigger.”
Adding event trigger
Select the format “Cookie request” in the pop-up window and click on the template in the right column.
Choosing a template for a pop-up
You can use a standard template or make any changes to the pop-up window’s content, appearance, layout, and functionality. You can add an image, change or format the text, specify the button’s name, select a theme, the main action, and add a link to a web page explaining why the website collects cookies.
When you are sure that the pop-up is set up as intended, move on to the next step.
Pop-up setup page
Next, add your targeting conditions. For example, a notification may appear after 5 seconds the user spent on the website.
Is your pop-up ready? Then feel free to click “Save and publish.”
The last step of customizing the pop-up
Cookie files are not malicious code to be afraid of. The information contained in cookies makes your website more user-friendly and valuable for entrepreneurs and marketers.
To prevent users from having a negative attitude to the pop-up on cookies collection, explain in detail what it is for, what information is transferred to third-party systems, and what remains confidential. Provide the ability to choose the type of data collected, refuse collection, or revoke permission if the user changes his mind.
If your business uses data from EU residents or at least one EU citizen among your visitors, follow the GDPR. This will make your data collection legal and save you from fines.
Making a pop-up notification on cookies collection and storage is simple, fast, and doesn’t require additional investment. Take up to 30 minutes of your time and make sure you run your business by the rules.