Cookies
Learn how website cookies work, the different types of cookies, and how to manage them effectively to stay compliant with privacy regulations. Discover the difference between first-party and third-party cookies, understand session vs persistent cookies, and find out which cookies require explicit user consent under current data protection laws.
SameSite Cookie Attribute Explained: Lax, Strict, and None for Web Developers
The SameSite cookie attribute controls whether cookies travel with cross-site requests. Understanding the differences between Lax, Strict, and None is critical for both security and functionality on modern websites.
reCAPTCHA vs hCaptcha: Which CAPTCHA Is More Privacy-Friendly?
Google reCAPTCHA and hCaptcha both protect websites from bots, but they handle personal data very differently. This comparison breaks down the cookies each service sets, the data it collects, and whether prior consent is required under GDPR and the ePrivacy Directive.
Real-Time Bidding and GDPR: The Privacy Risks of Header Bidding
Every time a page loads on an ad-supported website, personal data about the visitor is broadcast to hundreds of potential buyers in milliseconds. This article examines why real-time bidding remains one of the largest unresolved privacy problems under GDPR, and what publishers can do about it.
How Programmatic Advertising Uses Cookies: A Publisher's Compliance Guide
Programmatic advertising relies on dozens of third-party cookies that land on your visitors' devices during every ad auction. As the publisher, you bear primary responsibility for obtaining valid consent before those cookies are set. This guide covers what cookies appear, why they exist, and how to stay compliant.
Privacy Sandbox Explained: Google's Post-Cookie Advertising Framework
Google spent six years building Privacy Sandbox as a replacement for third-party cookies in Chrome. The initiative introduced APIs like Topics, Protected Audience, and Attribution Reporting - but low adoption and performance gaps led Google to retire most of them in October 2025.
Privacy-Preserving Analytics: Tools That Work Without Cookie Consent
Privacy-focused analytics platforms promise traffic data without cookies or consent banners. Plausible, Fathom, and Matomo cookieless mode each take a different approach, but the legal picture under the ePrivacy Directive is more nuanced than their marketing suggests.
Pinterest Tag and Cookie Consent: What You Need to Know
The Pinterest tag drops several first-party cookies on your visitors' devices, all of which require prior consent under GDPR and the ePrivacy Directive. This guide breaks down each cookie, explains the consent rules, and covers how the Pinterest Conversions API can reduce your reliance on client-side tracking.
Product Recommendation Engines and GDPR: Do Personalisation Cookies Need Consent?
Personalisation cookies power product recommendations, tailored content, and dynamic pricing on e-commerce sites. Under GDPR and the ePrivacy Directive, these cookies are not strictly necessary and require prior consent - regardless of legitimate interest arguments.
How Payment Gateways Use Cookies: What Stripe, PayPal, and Klarna Set on Your Site
Payment gateways set cookies on your website for fraud detection, session management, and analytics. Understanding which of those cookies qualify as strictly necessary under Article 5(3) of the ePrivacy Directive determines whether you need visitor consent before they fire.