Cookies

Cookies are small files stored on your visitors' browsers. They are regulated by the GDPR and the ePrivacy Directive. Madra helps you manage them in compliance with the regulations.

A cookie is a small text file placed on a visitor's browser when they visit a website. Cookies store information about the user: language preferences, login status, browsing data, or tracking identifiers.

Cookies can be set by your website itself (first-party cookies) or by third-party services integrated into your site, such as Google Analytics or social media sharing buttons (third-party cookies).

What are the different types of cookies?

Cookies fall into several categories, with different consent rules depending on their purpose.

  • Essential cookies — Required for the website to function (user session, shopping cart, language preferences). They do not require visitor consent because the site cannot work without them.
  • Analytics cookies — Used to measure traffic and understand how visitors use your site (pages visited, session duration, traffic source). Examples: Google Analytics, Plausible. They require visitor consent.
  • Marketing cookies — Used to display targeted advertising and track user behavior across multiple sites. Examples: Facebook Pixel, Google Ads. They require visitor consent.
  • Social media cookies — Set by sharing buttons and social media integrations (Facebook, Instagram, YouTube). They require visitor consent.

Yes, if your site uses non-essential cookies. The ePrivacy Directive and the GDPR require you to obtain informed consent from visitors before placing non-essential cookies on their browsers.

  • Prior consent — No non-essential cookies may be placed before the visitor has made an explicit choice (accept or refuse).
  • Granular choice — The visitor must be able to accept or refuse each category of cookies separately, not just accept all or refuse all.
  • Easy refusal — Refusing cookies must be as simple as accepting them. A "Refuse" button must be as visible as the "Accept" button.
  • Consent renewal — Consent must be renewed regularly (every 13 months maximum according to regulatory guidelines).
  • Proof of consent — You must be able to demonstrate that consent was properly given.

How does Madra handle cookies?

Madra takes care of cookie management so your site is compliant from the moment it goes live.

  • Consent banner — Madra can integrate a cookie banner on your site, with "Accept", "Refuse", and "Customize" buttons to meet GDPR requirements.
  • Blocking before consent — Tracking scripts (Google Analytics, Facebook Pixel, etc.) are only loaded after the visitor has given their consent.
  • Essential cookies only by default — Without any visitor action, only cookies strictly necessary for the site to function are placed.
  • Choice remembered — The visitor's choice is remembered via a technical cookie so consent is not requested again on every page.

What is the link between cookies and the GDPR?

Cookies are directly covered by the GDPR whenever they allow a person to be directly or indirectly identified. Most analytics and marketing cookies fall into this category.

  • Legal basis — Consent is the only valid legal basis for non-essential cookies. Legitimate interest does not apply.
  • Clear information — Your cookie policy must explain which cookies you use, their purpose, and their lifespan. See Privacy policy.
  • Visitor rights — Your visitors can withdraw their consent at any time. You must provide them with a simple way to change their preferences. See GDPR.
Info

If your Madra site does not use any third-party tools (no Google Analytics, no Facebook Pixel, no YouTube videos), it does not place any non-essential cookies. In that case, a cookie banner is not necessary, but it is recommended to mention this in your privacy policy.

PreviousLegal notices NextWhich website for my business

Was this page helpful?

On this page