Cookies
Learn how website cookies work, the different types of cookies, and how to manage them effectively to stay compliant with privacy regulations. Discover the difference between first-party and third-party cookies, understand session vs persistent cookies, and find out which cookies require explicit user consent under current data protection laws.
Vendor Risk Assessment for Third-Party Scripts: A Cookie Compliance Checklist
Every third-party script on your website is a compliance liability. This checklist walks you through vendor risk assessment for cookie compliance, covering data processing agreements, script auditing, and the due diligence GDPR Article 28 demands.
Traffic Source and Consent Rates: Why Google Visitors Accept More Than DuckDuckGo Users
Cookie consent rates vary dramatically depending on where your visitors come from. Benchmark data shows that Google and Facebook referrals produce significantly higher acceptance rates, while privacy-focused search engines like DuckDuckGo correlate with much higher rejection. Understanding these patterns is essential for accurate analytics.
TikTok Pixel and Privacy: What Cookies It Sets and How to Stay Compliant
The TikTok pixel drops both first-party and third-party cookies the moment it fires, including _ttp, ttclid, and session identifiers. Every one of them counts as non-essential under the ePrivacy Directive, which means prior consent is required before the script loads.
Thailand's Personal Data Protection Act (PDPA): Cookie Consent Requirements
Thailand's Personal Data Protection Act has been fully effective since June 2022, and the PDPC is now actively enforcing it with multi-million baht fines. If your website reaches visitors in Thailand, you need explicit consent before setting non-essential cookies.
Testing Your Cookie Banner: How to Verify That Rejected Cookies Are Actually Blocked
A cookie banner that fails to block rejected cookies is worse than having no banner at all. This guide walks you through practical methods to verify your consent implementation using browser DevTools, network analysis, and automated testing.
Shopify Cookie Compliance Beyond the Basics: Checkout Pixels, Audiences, and Consent
Shopify handles some cookie consent automatically, but checkout pixels, Shopify Audiences, and custom tracking scripts introduce compliance gaps most merchants overlook. This guide covers the Customer Privacy API, pixel sandboxing, and how to ensure your store meets GDPR and CCPA requirements.
Server-Side Tagging Explained: How It Works and Why It Matters for Privacy
Server-side tagging moves data collection from the visitor's browser to a server you control, reducing third-party cookie exposure and giving you direct oversight of what data leaves your site. This guide covers how the architecture works, what it means for privacy regulations like GDPR and the ePrivacy Directive, and whether your site actually needs it.
Server-Side Google Tag Manager: A Privacy-First Approach to Analytics
Server-side Google Tag Manager shifts data processing from the browser to your own server, giving you direct control over what reaches third parties. But moving tags server-side does not remove the obligation to obtain cookie consent - it simply changes where and how data flows.
Self-Hosted vs Cloud CMP: Performance, Control, and Compliance Trade-Offs
Choosing between a self-hosted and cloud-hosted consent management platform affects your site speed, data residency obligations, and ongoing maintenance burden. This guide breaks down the trade-offs so you can pick the hosting model that fits your compliance needs and technical resources.