0

I'm working on legal portion of my site, Privacy Policy in particular. I've done the research and found that nearly all the answers to my question (below), is generalized.

Question: Do cookies "collect" data from user browsers, or do cookies "request" then receive data from user browsers?

This seems to be a very important distinction. Do I put into my privacy policy that my site "collects" data from my users or do I "request" data from my users.

My understanding of the core functionality is that cookies request data of user browser or browser activity. Users control how their browser will respond (or handle cookies) in their browser settings. If users have the ultimate control of handling "responses" to cookies is it proper for website privacy policies to state that they use cookies to collect browser data? Isn't it more accurate to state something like: "We use cookies to request data from your browser. Depending on you have your settings, your response to our request my impact your experience." Or something along those lines.

For years the way I understood the phrase "cookies collect browser data" is that we (websites) force code (the cookie), onto your browser that opens a siv for all your activity to flow back to us. But this isn't the case at all. Cookies actually make a "request" (i.e., asks) for the user's permission first, and depending on how the user has set up their browser settings, the cookie request is honored or denied.

I'm trying to stay away from the term "collect" as a general matter. I think it's improperly used and leaves the wrong impression on users.

Has anyone else thought about this? Am I missing something?

StackNoFlow
  • 1
  • This is a well-formulated question, but probably will receive better answers on a different stack exchange site. Maybe [security.stackexchange.com](https://security.stackexchange.com/help/on-topic) or [law.stackexchange.com](https://law.stackexchange.com)? Though I'm not really enough of an expert on the matter to say for sure – Flight Odyssey Jun 18 '18 at 18:14
  • Hmm I'm fairly new to stackexchange. Didn't realize there are different sections. Thank you for pointing that out. – StackNoFlow Jun 18 '18 at 19:04
  • Funny, I just posted in "security..." and was told my post was "off topic." Let's try law. – StackNoFlow Jun 18 '18 at 20:38

1 Answers1

0

Cookies are being stored to the system/computer - or you can say browser. Cookies are used for authentication, preferences, advertisements, performance and analytics, security purposes. Yes, we need to mention that in privacy policy or some organization also add separate cookie policy.

Following should be mentioned for cookies in policies for standard web applications:

The application may use and store cookies to your system/compute which can help better to know your preferences when you visit the website later. Cookies can also be used for authentication/session checks, advertising, performance, analytics and research and security purposes. //Remove whichever is not applied for your site.

Savan Gadhiya
  • 305
  • 1
  • 6