Have you ever visited my website

Tracking cookies and the GDPR

Updated October 18, 2020.

Cookies are small text files that are stored on the user's browser when visiting a website.

Many cookies, especially marketing cookies, track users and notoriously collect data such as their IP addresses and browser activity.

In this article we will explain to you what exactly a tracking cookie is; what the relationship between GDPR and tracking cookies is and how to be compliant and stop tracking cookies.

What are tracking cookies?

Tracking cookies are cookies, i.e. text files stored in browsers that can record data about the user and his particular browser, e.g. B. the actions on a website, surfing activities, purchases and settings, IP address and geographic location, etc.

As a rule, this information is used for targeted marketing in order to target and display advertisements as precisely as possible to relevant segments of Internet users, i.e. potential customers.

According to the General Data Protection Regulation (GDPR), tracking cookies may only be set if the user has given his consent. This means that tracking cookies may not process, collect or transmit user data without the consent of the user.

Cookies that track users' personal information are a serious problem in our time. You may think that your website does not contain tracking cookies, but it is entirely possible that many cookies and other third-party tracking cookies are hidden within and behind your domain, in and out of analysis schemes or social media functions, and Bring your users' private information with them.

Unfortunately, even organizations like Cambridge Analytica see "prospects" as "too persuadables" - they are manipulated on a large scale in illegal behavior modification schemes.

For information on web user tracking without cookies, see our website tracking article.

Do you have doubts whether your website is GDPR compliant? Check with Cookiebot's free compliance test.

Try Cookiebot free for 30 days ... or forever if you have a small website.

Why do I have tracking cookies on my computer and what do they do?

Almost all websites set cookies of the first and third origins in the users' browsers. Some are necessary for the website to function properly, others are for statistical purposes, and most are tracking users for marketing purposes.

Basically, the cookie serves as a "memory" that enables the website to recognize users from visit to visit.

When an Internet user loads a website, the website checks whether cookies have been previously set in that particular browser. If this is the case, the browser can read the cookie, which can contain information about the user's language preferences, location, currency, password entries, previous surfing activities, interests, etc.

  • In this way, the website can be personalized for the respective user and presented in the best possible way.
  • The website can remember password, address and billing information so that users do not have to re-enter this information every time they visit or shop on this website.
  • The website can suggest content that could be particularly relevant to the respective user.
  • The website can monitor the activities on the website and provide comprehensive analyzes of the use of the website. Website owners can optimize and improve their website according to the actual behavior of their users.
  • If the website has ad slots for monetization of page views, the existing advertising network can tailor the ads displayed to specific segments of internet users who are most likely to be interested in specific products.

Are tracking cookies a bad thing?

Tracking cookies are neither good nor bad.

They are just small text files that do nothing in and of themselves.

They are placed silently on the user's computer, but cannot cause any damage there and hardly take up any space.

It's more about what is done with cookiesthat determine moral or ethical qualities, not technology itself.

On the one hand, cookies are a key element in creating seamless, intuitive and user-friendly Internet experiences.

On the other hand, cookies are a key feature to track users and to get a deep insight into what they are doing and as the great privacy scandals of 2016/2018 taught us: with that insight come powerful, destructive forces.

The latter potential has been classified as invasive to privacy by the GDPR.

Mainly because the users have had no real option to log out of this monitoring and have no insight into what is going on in the background while they are surfing the Internet.

Who is watching them and why?

What is cross-site tracking?

As the name suggests, cross-site tracking happens as soon as a user is tracked across different websites on their journey.

This is possible due to Third party cookies.

While cookies of first origin are set by the website itself and are therefore isolated on the specific website, third-party cookies are set by external parties present on a website.

As Rule of thumb applies that third-party cookies are the tracking cookies.

For example, Facebook, LinkedIn, and Twitter share and like buttons are present on the vast majority of websites so these organizations can track users on the web, even users who don't have accounts on their social media!

Google Analytics is by far the most widely used website analytics tool and is used on nearly 70% of the top 1 million websites in the world. This gives Google an incomparable insight into Internet users.

Read about Cookiebot scanning technology and how it can reveal all the hidden tracking elements on your website.

GDPR & tracking cookies: what does the law say?

The General Data Protection Regulation, which came into force on May 25, 2018, means that you Users not without their consent or for other legitimate reasons.

This means that all website owners that set tracking cookies and have visitors from EU countries must have an adequate solution for managing consents on their websites.

Approval must before settingthe cookies must be obtained recordedand as documentationsafely storedwill as well revocablebe.

It must also be based on consentclearer and more specific informationabout the cookies used on the website and their purpose.

For a full overview of the requirements for using tracking cookies on websites, read our article GDPR and Cookies.

List of tracking cookies

A Princeton University study of user tracking on the Internet found that tracking cookies are largely due to a few ubiquitous trackers.

Google, Facebook, and Twitter are the only third-party providers present on more than 10% of the top 1 million websites on the Internet.

Web hosts like WordPress, tools like Google Analytics, and embedded content like YouTube videos all set cookies on your website.

Do you have any doubts about the cookies that are used on your website?

Most website owners do not even have a complete overview of the cookies that are set by their website.

Does your website contain tracking cookies, and if so, make sure they don't collect data about your users until they have given you their consent?

Using Cookiebot can clearly inform you about this and make your website 100% GDPR compliant.

Our cookie tracking software scans your website and finds all tracking cookies and other tracking that are available and operating on your website, then blocks them all and only allows them to be activated if your users have given them their consent.

This is done through our highly customizable cookie consent banner, which allows users to select exactly the tracking cookies they would like to have enabled on their devices.

Cookiebot also presents you with a cookie statement - a report of all tracking cookies and other tracking on your domain that you can use as a central part of your cookie policy and privacy policy, both of which are also required by GDPR.

Sign up for our cookie tracking software for free today.

How to remove, stop, and block tracking cookies

Cookies are easy to remove.

If cookies are set in the browser, you must delete the cookies in each of the browsers you are using, e.g. Chrome, Firefox, Internet Explorer, etc.

An alternative is tools like CCleaner, which delete cookies for you, monitor and log logs from your hard drive and all your applications at once.

Please note, however, that the individual websites will set cookies again in your browser the next time you visit the site.

Unfortunately, deleting cookies, cache and browser history does not guarantee you a fresh start:

In many cases, the cookie is a small and simple text file that points to a larger log on the website's server.

Read about cookie tracking software for your website here.

If the website is able to recognize you, e.g. Using a supercookie or canvas fingerprint, for example, the new cookie is then often assigned to the same protocol and tracking continues where the old one left off.

Should I delete tracking cookies?

As already mentioned, cookies take up little space on your computer.

They are not malicious software or programs that can actually do something on your computer.

You will be able to use your computer safely without ever deleting the cookies.

However, if you have concerns about protecting your privacy, you should delete the cookies from time to time.

In the digital realm, monitoring users can be as intrusive as it is imperceptible.

Types of violations that one would never accept in the physical world have long been common on the internet.

Think about it.

You wouldn't let strangers walk through your private letters and drawers without soliciting your permission or presenting yourself and your motives first.

And you would surely find it very unsettling if you began to realize that you will be shadowed down the street and that what you looked at or bought along the way was recorded.

In practice, however, this is the case when users are browsing the Internet.

User data is extremely valuable and can be used for many things, from markets to mobilizing the masses.

However, you should be aware of the fact that if you clear your browsing history, cookies and cache, it will disrupt the smooth and smooth user experience while browsing:

  • If you clear your history, it means that the address bar will no longer auto-fill addresses and you will have to write out all the names of your most-used web pages in full.
  • Clearing cookies will log you out of most websites - make sure you have your passwords on hand!
  • Clearing the cache can slow down websites from loading as they have to reload all of their content instead of using the saved copy in your cache

Tracking cookies scanner

Find out which cookies are being set on a website by running a free scan: Website scan.

Our audit scans up to five pages on a website and sends you a free report on all cookies and other tracking technologies used on those pages.

Can I permanently deactivate tracking cookies?

There is a variety of software that you can add to your preferred browser to disable tracking cookies.

These are good solutions if they all recognize cookies and tracking. However, ad blockers tend to cripple the user experience by "brutally" blocking cookies.

Two of the best known are Ghostery and AdBlock.

Read this useful comparison of the two alternatives written by web hosting company Webxen.

You can also specify which cookies you want to accept in most browsers in the "Settings" section.


How do cookies track users?

When a user visits a website, cookies are set in their browser and process personal data such as IP addresses, unique IDs, search and browser history. This will allow your website to remember the individual user when they return to your website, but also allow other websites and ad tech companies to keep track of users across the internet.

Try Cookiebot free for 30 days ... or forever if you have a small website.

Are tracking cookies legal?

Cookies are neither legal nor illegal, they are just a technical aid. But the use of tracking cookies, which process users' personal data without asking them beforehand and obtaining their express consent, is illegal under the GDPR.

Test for free whether your website complies with the GDPR

What tracking cookies do I have on my website?

If you use social media plugins, analysis tools or marketing software on your website, third-party cookies will be active on your website. All cookies that are not absolutely necessary for the basic function of your website must be deactivated until the users give their consent to their activation.

Scan your website for free to find out which cookies your website is using

How do I make my website GDPR compliant?

Using a consent management platform that can deeply scan your website, detect and automatically control all cookies and trackers so that users can give their proper consent before activating them can make GDPR compliance very easy for you.

Try Cookiebot free for 30 days to ensure full GDPR compliance


Try Cookiebot for free today.


Bernardmarr.com: How Is Big Data Used In Practice? 10 Use Cases Everyone Must Read

Webxen.com: Ghostery vs AdBlock (in English)

Legitimate grounds for tracking in the GDPR

Princeton study on web transparency

Techtarget.com: Defintion of supercookie (in English)

Report by Ghostery: Tracking the trackers