Cookies are valuable to businesses which want to gain insights into their end-users' activity online. However, there are certain regulations governing cookies, which you should keep in mind. As an online business, you will have to ensure that the use of cookies on your website and apps is compliant with the GDPR and e-privacy regulations.

What are cookies?

Cookies are small text files that websites place on your device as you are browsing. They are processed and stored by your web browser. In and of themselves, cookies are harmless and serve crucial functions for websites. Cookies can also generally be easily viewed and deleted.

However, cookies can store a wealth of data, enough to potentially identify the end-user without their consent if not set up properly.

Cookie compliance

To comply with the regulations governing cookies under the GDPR and the e-privacy Directive you must:

  • Receive users’ consent before you use any cookies except strictly necessary cookies.
  • Provide accurate and specific information about the data each cookie tracks and its purpose in plain language before consent is received.
  • Document and store consent received from users.
  • Allow users to access your service even if they refuse to allow the use of certain cookies
  • Make it as easy for users to withdraw their consent as it was for them to give their consent in the first place.

If you are a Flipdish-hosted website customer, your Cookie Policy will be updated by us.

If you embedded Flipdish Online Ordering on your own website, Flipdish provides you with a template cookie policy for your website. This sets out the cookies used on your site, the purpose of those cookies and the duration of those cookies based on the standard website configuration we suggest.

If you use cookies otherwise than as described in the Cookie Policy there is a risk that you may not comply with data protection and e-privacy law. Therefore you should confirm that the default information contained in the Cookie Policy for your website and app is correct and you should amend it as required as Flipdish cannot be responsible for this.

Why should you update (or upload) your Cookie Policy?

As a "controller" (jointly with Flipdish) of personal data of the end-users ordering online from you, you are obliged to comply with the regulations in place. In this case it is both GDPR and the e-Privacy Directive.

More about cookies

Types of Cookies

In general, there are three different ways to classify cookies: what purpose they serve, how long they endure, and their provenance.

Duration

  • Session cookies These cookies are temporary and expire once you close your browser (or once your session ends).
  • Persistent cookiesThis category encompasses all cookies that remain on your hard drive until you erase them or your browser does, depending on the cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary. According to the ePrivacy Directive, they should not last longer than 12 months, but in practice, they could remain on your device much longer if you do not take action.

Provenance

  • First-party cookies As the name implies, first-party cookies are put on your device directly by the website you are visiting.
  • Third-party cookies — These are the cookies that are placed on your device, not by the website you are visiting, but by a third party like an advertiser or an analytic system.

Purpose

  • Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
  • Preferences cookies — Also known as “functionality cookies,” these cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your user name and password are so you can automatically log in.
  • Statistics cookies — Also known as “performance cookies,” these cookies collect information about how you use a website, like which pages you visited and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services as long as the cookies are for the exclusive use of the owner of the website visited.
  • Marketing (or Advertising) cookies — These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance.

These are the main ways of classifying cookies, although there are cookies that will not fit neatly into these categories or may qualify for multiple categories.

You are responsible for third-party cookies on your website.

You can find more information on GDPR related topics in our FAQs here.

We also have templates available for:

Did this answer your question?