Due to entry into force of the amendment to the "Information Society Services Act" (LSSICE) promulgated by Royal Decree 13/2012, the Data Controller must obtain the Data Subjects’ (Users’) express consent to install non-essential cookies on the latter’s terminal device before the session can begin.
- A cookie is a small text file that the websites you visit install on your browser. They enable said websites to remember information about your visit – such as your preferred language and other options – in order to facilitate your next visit and make the site more useful to you. Cookies play a very important role and contribute to a better browsing experience for the user.
- There are several different kinds of cookie depending on who manages the domain from which the cookies are sent and who processes the data thus obtained. Accordingly, we may send the following types of cookie:
- First-party cookies: sent to the user's terminal device from a computer or domain managed by the Data Controller and from which the service requested by the user is provided.
- Third-party cookies: sent to the user's terminal device from a computer or domain that is not managed by the Data Controller but by another entity that processes the data obtained from said cookies.
Cookies can also be classified into the following types pursuant to their purpose:
- Technical cookies: these enable the user to browse through a website, platform or application and use the options or services available thereon including those that the data controller uses to enable management and operation of the website and its functions and services including, for example, monitoring traffic and data transfer, identifying the session, accessing restricted-access pages, remembering the items that comprise an order, performing the order-purchase process, managing payment, detecting and combatting service-related fraud, requests for registration or participation in an event, counting visits in order to invoice the software licenses with which the service operates (website, platform or application), using security functions during browsing, storing content for video or audio broadcasts, enabling dynamic content (e.g., animated text or images) or sharing content via social networks.
- Preferences or customisation cookies: they remember information that can enable the user to access the service with certain characteristics that may differentiate their experience from that of other users, including features such as language, the number of search results to display per search window, the appearance or content of the service depending on the type of browser with which the user accesses the service or the region from which the user accesses the service, etc.
- Analytic or measurement cookies: they enable the data controller to monitor and analyse the behaviour of users – including quantification of the impact of advertisements – on the websites to which they are linked. The information collected by means of this type of cookie is used to measure the website’s, application’s or platform’s activity in order to improve the user’s experience on the basis of the results of the analysis of the usage data about the user in question.
- Behavioural advertising cookies: they store information on the behaviour of users obtained through continuous observation of their browsing habits that enables development of a specific profile for the purpose of displaying advertising in line with the preferences thus detected.
- Social cookies: they are installed by social media platforms on services to enable you to share content with your friends and networks. Social media platforms are then able to track your online activity outside of the services that the website in question provides. This may affect the content and messages you see on other services you visit.
- Affiliate cookies: they enable the sender to track visits by other websites with which the website in question has an affiliate agreement (affiliate companies).
- Security cookies: they store encrypted information to protect the data stored in the same from vulnerability to malicious third-party attacks.