Does your website have any of these technologies or features?
- WordPress, or any other blog or content management system
- Google Analytics, or any similar website analytics program
- Google AdSense and/or AdWords
- Facebook, Twitter, Google+ or other social media “like” buttons or plugins
- A shopping basket / cart
You’ll need Google Chrome – you can download it for free if you don’t have it already. It should take about 5 minutes for most websites.
How to audit your site for cookies
Step 1: switch on Chrome’s Developer Tools
Step 2: open up the “cookie” resources view
Step 3: browse ALL of your website pages
Now navigate through your website, visiting each page.
As you go you’ll see the console in the bottom half of the screen fill up with cookie information. Take note as you go.
It’s important not to simply check your homepage, as there may be cookies being set by plugins that only run on certain pages.
You should also:
- Login to WordPress (spot the additional cookies)
- Leave a blog comment (you can always delete it later)
- Close the Cookie Law Info tab (watch for a cookie called “viewed_cookie_policy”)
- If you have one, view a [YouTube] video, as these features sometimes drop ‘third party’ cookies
- If you have such a feature, click ‘like’, ‘tweet’, etc – these also leave cookies
Types of Cookies
Now that you know what cookies are being set, you’ll want to know what type of cookie they are and how long they are set for.
Cookie types are either session (stored only whilst you browse the site) or persistent (stored even after you have left – e.g. 1 year). Cookies that your own website sets are called first party cookies, and those set by other websites who run content on your website are known as third party cookies – for example Facebook sets cookies via your website if somebody ‘likes’ one of the posts on your site.
For example, the Cookie Law Info plugin sets a cookie to remember if the visitor has accepted/closed the cookie info bar. It sets a persistent cookie called ‘viewed_cookie_policy‘ for 365 days.
Strictly Necessary Cookies
You don’t need to get consent for all cookies, however. Cookies that are “strictly necessary” for the running of your website are excluded from the directive. The definition of “strictly necessary” is black and white though:
Cookies that are considered strictly necessary:
- Cookies to remember items in a shopping basket
- Cookies providing essential security measures
- Cookies used for quick loading and distribution of content
However, some common web services are NOT considered strictly necessary:
- Google Analytics, or similar software to analyse visitors
- Cookies that remember user preferences
- First and third party advertising cookies
- Facebook like buttons
This method is quick and easy and it should cover very nearly all if not all of the cookies your site uses. Next step- show the world how you comply with the cookie law with Cookie Law Info!