- To keep a user logged in during a session. This means that you don’t have to continually login each time you change page or return to visit your site after viewing.
- To automatically log a user in, if they have previously clicked 'Remember me' when logging in. Making it quicker to login to visit your site rather than retype your username and password each time you visit your site to login.
- For Google Analytics, if set up by the site owner. This is a third-party cookie. This allows the website owner to track user or visitor behaviour, e.g. how long they stay on the site, which pages they visit, where they leave, etc. This does not individually identify a user. If you do not use Analytics for any of your sites then this does not apply to you.
- For Google AdSense, this is also a third-party cookie. If the AdSense service is enabled by the site owner and adverts are served up on their websites.As above if you do not have AdSense enabled on any of your websites then this does not apply to you.
- For HTML Snippet Widgets, which involve external or third-party websites then there is a possibility of a third-party cookie being dropped by the external site provider. Establishing what cookies are placed by that website would be the responsibility of the website owner and making it clear to the visitor.
We believe that the first two cases qualify as exceptions in the legislation, as they are required for standard functionality that is expected by a visitor.
Unfortunately, the other cases are a little more undetermined at the moment - the ICO's own position on third-party cookies is currently quite vague. However, Google have suggested recently that they will not be changing the current setup for Analytics.