The Coniston Hotel Country Estate & Spa

What are Cookies?

A cookie is a small text file that is downloaded onto ‘terminal equipment’ (eg a computer or smartphone) when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions.

How are Cookies used?

Cookies are a specific technology that store information between website visits. They are used in numerous ways, such as:

• Remembering what’s in a shopping basket when shopping for goods online.
• Supporting users to log in to a website.
• Analysing traffic to a website or tracking users' browsing behaviour.

Cookies can be useful because they allow a website to recognise a user’s device. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Without cookies, or some other similar method, websites would have no way to ‘remember’ anything about visitors, such as how many items are in a shopping basket or whether they are logged in.

What are 'Session' and 'Persistent' Cookies?

Cookies that expire at the end of a browser session (normally when a user exits their browser) are called ‘Session Cookies’. Cookies that can be stored for longer are called ‘Persistent Cookies’. PECR applies to both types.

Session Cookies allow websites to recognise and link the actions of a user during a browsing session. They may be used for a variety of purposes such as remembering what a user has put in their shopping basket as they browse around a site.

Cookies can also be used for security purposes, such as when a user logs in to internet banking or their webmail. These session cookies expire after a session ends, so would not be stored beyond this. For this reason session cookies may sometimes be considered less privacy-intrusive than persistent cookies.

Persistent Cookies are stored on a user’s device in-between sessions. They can allow the preferences or actions of the user across a site (or across different websites) to be remembered.

Persistent Cookies may be used for a variety of purposes including remembering users’ preferences and choices when using a site or to target advertising. The length of time between a cookie being set and expiry is set by the website operator. A user can also delete previously set persistent cookies manually or configure the browser settings to delete cookies at a set interval.

What are 'First-Party' and 'Third-Party' Cookies?

Whether a cookie is ‘First’ or ‘Third’ party refers to the website or domain placing the cookie.

First-Party cookies are set directly by the website the user is visiting, ie the URL displayed in the browser's address bar.

Third-Party cookies are set by a domain other than the one the user is visiting. This typically occurs when the website incorporates elements from other sites, such as images, social media plugins or advertising. When the browser or other software fetches these elements from the other sites, they can set cookies as well.

What are Similar Technologies?

Functions usually performed by a cookie can be achieved by other means. This could include, for example, using certain characteristics to identify devices so that visits to a website can be analysed.

PECR applies to any technology that stores or accesses information on the user’s device. This could include, for example, HTML5 local storage, Local Shared Objects and fingerprinting techniques.

PECR also applies to technologies like scripts, tracking pixels and plugins, wherever these are used.

PECR does not prohibit using cookies and similar technologies. However, PECR does require you to tell people about them and give them the choice as to whether or not this information is stored on their devices in this way.

From now on, this guidance uses the single term ‘cookies’ to refer to cookies and similar technologies that PECR applies to, including when used in other contexts such as a mobile app.