Demonstration
To process your request, we need to process your personal data. Find out more about the processing of your personal data here.

What is a cookie or a tracker?

Before discussing our cookie policy, we need to define what a cookie is. It's a small computer file that collects traces and information relating to your browsing. Visually, they can be represented as something that tracks every action you take via a smartphone or computer to save this data.

Our digital footprints are our identity. Among these digital traces are the famous cookies. The current term derives from the expression "Magic cookies", which refers to a packet of data.

Cookies are small text files stored in the web browser by a site when a user visits it. They are inserted on your computer's hard drive by the website, to facilitate the user experience and potentially offer you personalized advertising in line with your centers of interest.

A cookie will not collect information that the user has not previously entered in a questionnaire or registration form, for example.

What are cookies for?

Cookies provide information about a user's preferences when visiting a website. The latter is thus able to recognize and store information or personal data, for example :

  • Website language
  • login details
  • pages consulted
  • basket contents

This ensures an optimal user experience and facilitates the digital path to conversion. Cookies are also necessary for a site to function properly. Cookie management can be tricky when the subject is not mastered.

The different types of cookies

Cookie policy

Technical cookies

Technical cookies are essential for the proper functioning of a website. Statistical and audience measurements are important to identify possible bugs on the site, to correct them and to offer an adapted user experience.

Statistical cookies

Statistical cookies are files stored on a browser that collect anonymous data on how users interact with a website. They make it possible to analyze traffic, identify the most frequently visited pages and understand browsing behavior in order to optimize the user experience.

Third-party application cookies 

On some websites, it is possible to make yourself known via sharing buttons on social networks such as Facebook, Twitter, LinkedIn, Google plus, Pinterest, etc. These tracers make it possible to track a user's browsing habits if their account or session is activated.

Advertising partner cookies

These are cookies placed by commercial partners or targeted advertising providers. A site hosting advertising partners is likely to transfer information relating to purchases you have made or products consulted.

Optional cookies

These cookies enable us to improve the user experience, facilitate searches and offer personalized advertising to users based on their purchases and centers of interest. They are not essential. Example: product recommendations.

How can I delete my cookies?

Depending on the browser, the course may be different. But all browsers should offer the option of deleting them in the settings.

Indeed, the General Data Protection Regulation requires all structures that use cookies requiring consent to give users the opportunity to easily withdraw consent granted in the past at any time. The cookie policy must provide clear and precise information explaining how users can withdraw consent or delete cookies.

What is a cookie policy?

A cookie policy is a document that informs and explains everythinga website does with cookies. Many entities include this document in their privacy policy, but this is not appropriate. It should be kept separate for easy access.

The CNIL (National Commission for Information Technology and Civil Liberties) requires structures that process personal data to comply with the GDPR in order to be compliant (Data Protection Regulation). According to the principles of informing people and transparency, this policy is accessible from the footer of a website. Cookie management must be made easier for users (consent, deleting cookies, retracting consent, ...)

Cookies are a classic way of collecting personal data on websites. This collection must therefore comply with the General Data Protection Regulation. The site must inform individuals about the processing of personal data and obtain their consent beforehand.

GDPR cookies

Is a cookie policy mandatory?

Pursuant to Article 82 of the French Data Protection Act, this is mandatory if a website's data controller uses cookies or tracers requiring consent.

For example, these can be tracers that offer personalized or targeted advertising to a user based on their digital journey.

Consent must be obtained:

  • website and mobile application publishers
  • advertising agencies
  • etc

When there is direct contact with a user of a website or mobile application, the management of cookies and personal data must be supervised. Such processing requires prior consent! Consent can be obtained by means of a cookies banner, which must be displayed as soon as the user visits the site. In this banner, it is important to refer the user to your privacy policy and your cookies policy to inform them of the processing of personal data and the use of cookies.

Cookies requiring users' prior consent

Some cookies require prior consent. These include all cookies related to targeted or personalized advertising. There are also social network cookies, generated by their sharing buttons.

Cookies not subject to consent

Some cookies do not require prior consent, such as those that retain the user's choice about the deposit of tracers, those intended for authentication with a service, and those that ensure the security of the authentication system. We can also mention trackers that keep track of a user's shopping cart and enable them to be billed on a website. 

Secondly, cookies that are not subject to consent are those that enable user interface personalization (personalization that is an intrinsic and expected element of the service); or that enable load balancing of equipment involved in a communication service. 

Some pay-per-use websites that restrict free access to a sample of content requested by a user set up tracers. These make it easier to know whether the limited period or predefined quantity has been reached. These trackers do not require consent. Finally, audience measurement trackers are not subject to consent, provided they meet certain conditions.

GDPR cookie policy

Where can I find the cookie policy?

It must be easily accessible. In line with the General Data Protection Regulation's principle of informing people, users must be able to find and access it easily.

It is not recommended to include it in your personal data protection policy. A dedicated link should point to this policy. It is often found in the cookies banner or at the bottom of the page.

What's in the cookies policy?

It contains several parts. First, it must clearly explain its purpose. It explains why a website uses cookies. Next, you'll need to explain the definition of a cookie, what they're used for, and which categories of cookies the site uses.

It is necessary to inform what control users can carry out over the site's cookies, to inform whom to contact for further information, to inform how to contact the CNIL (National Commission for Information Technology and Civil Liberties) and finally, whether the cookie policy can be modified.

What is the difference between a cookie policy and a privacy policy?

Like the personal data protection policy, the cookie policy enables compliance with the GDPR's principle of informing individuals and principle of transparency. Both documents provide information on the processing of personal data. But they are different.

The privacy policy informs people about the processing carried out on their personal data. It explains why the data is processed and on what basis; All the processing that goes on with the data; Who has access and how the data is protected; Whether it is transferred outside the European Union or not, etc. In short, if it's GDPR, it gives users confidence to share their personal data and buy a product or service.

With regard to the cookies policy, it provides information on the Purpose and collection of data that will involve users' privacy. It covers the tracking technology used and informs users of the cookies, tags and pixels used on the website.

This is an approach that informs users of their traces. They are recorded for the smooth running of the website, and if they give their consent, users will receive targeted advertising, for example. 

How can I obtain a cookie policy?

You can obtain a cookie policy by writing it yourself , if you have the required knowledge (technical and legal). It can also be done through a law firm, but the cost is significant and the document will not be updated if the structure evolves. It is also possible to recruit a DPO within your organization to deal with all matters concerning personal data.

The wisest solution is to outsource the DPO function. It will allow, for a low cost, to obtain all the documents necessary for GDPR compliance, but it will also allow a DPO accompaniment that can update the documents in parallel with the evolution of a structure.