Want to make some money? Say no to cookies

7min read
Image shows people working

Nearly every website you visit, you get a pop-up that asks, “Do you want to accept cookies?”

Most days you click “Accept” and move on. But what actually happens when you agree—and what would happen if you didn’t?

Let’s be honest—no one is reading the terms and conditions. But just because we’ve all grown accustomed to accepting cookies doesn’t mean it’s the right choice for every consumer, depending on how strongly they feel about internet privacy.

We’ve all grown accustomed to accepting cookies. That doesn’t mean it’s the right choice for every consumer.

Below, we’ll explain everything you and your customers need to know about cookies—what they are and why they matter for both consumers and online businesses.

In the meantime, if you or your customers have been wondering how cookies impact the online experience, read on. We’ve got you covered.

An HTTP cookie is a small text file that lives on your computer, and stores and shares information with websites.

Lou Montulli, a computer programmer, is credited with inventing the HTTP cookie in 1994 when he was working for Netscape. At the time, Netscape was trying to make the internet a place where businesses could flourish. The company was working hard to get consumers and businesses alike to adopt their web browser to surf the web.

Originally, cookies were created to help websites remember if someone had been to the website before, and if so, to remember their preferences—stuff like their favorite items or the type of content they like to read.

When you accept cookies from a website, you’re giving that website permission to store tiny text files on your computer. By themselves, these files can’t do anything. But when you visit a website where you accept cookies, that website can both store data on your computer and ask your computer if a specific cookie has been stored there before.

This is how, for example, a website is able to remember your username and display it on the login screen if you’ve allowed it. The cookie stores that username, and when you go back to that website, it checks to see if a specific cookie from that website with your username was previously stored.

By contrast, when you decline cookies from a website, that site does not have permission to store these tiny text files. As a result, it won’t recognize you on future visits. This means you may have a more generic, instead of personalized, experience when you come back to that website.

The 2 types of cookies

There are 2 types of HTTP cookies: first-party and third-party cookies. When you accept cookies on a website, you accept both kinds, unless the website provides you with the option to specify which use cases you accept and which you don’t:

Image shows an example of collecting consent for cookies.

First-party cookies

First-party cookies are made by the website you’re visiting. Most commonly, they’re used to enhance your experience on the website.

First-party cookies might remember things like your username, your preferences, or the products you viewed most recently.

If you’re a business, first-party cookies are what allow you to say “Welcome back, John!” or pre-populate a visitor’s username on the log-in page.

Third-party cookies

Third-party cookies are made by a separate website that powers an experience on the website you’re visiting. A common example is serving an advertisement.

If you accept cookies from a website, the advertising units featured on that website can drop cookies on your browser so they can change their targeting based on your interests when you visit that site again. These third-party advertising targeting companies learn more about your interests via the information stored by cookies.

For example, maybe a website wants to log that you looked at women’s shoes. Thanks to third-party cookies, that website can tag your browser so that if the same provider or a partner of that provider is serving ads on another site, they know to show you ads for women’s shoes.

If you’re a business, you might rely on third-party cookies to increase the efficiency of your ad spend on a digital network. If you’re a car company, for example, you can target people who are “in-market car shoppers” so your ads only get shown to people the ad networks believe are shopping for cars based on their browsing behavior.

Cookies are crumbling in the privacy-first era

Until recently, the economy of third-party data was thriving as businesses collected information about consumers indirectly from a variety of sources and platforms. Then, companies unified that data to stitch together “profiles” of specific browsers and sold those to platforms to sell hyper-targeted, personalized, high-converting ads.

They want to feel seen.
Not targeted.

But now, it’s gone too far. Consumers are creeped out. They want to feel seen, not targeted. They want a more equitable experience—one in which they have a say in how much information businesses are collecting about them.

Data privacy regulations hand-in-hand with consumer sentiment signal a big change for digital marketers: collect explicit consent from your users––the same as you’d collect consent to send an email or text message.

So what does this mean for Klaviyo?

The Klaviyo platform makes it easy to obtain consent for the collection of Customer-First Data™—our term for data you source directly from your prospects and customers, which includes both zero- and first-party data.

First, simply enable data protection fields on your forms.

Image shows an example of a Klaviyo marketing consent pop-up to collect data.

You can even specify which audiences see those forms, in case you want to target only regions with strict cookie policies for now.

Image shows Klaviyo cookies for marketing-consent in GDPR/EU

Consent status for each consumer is then stored in Klaviyo’s unified customer platform, in case a brand ever needs to prove they collected data properly.

Image shows an example of cookies for marketing consent status.

Klaviyo keeps track of the following types of consent:

  • Web: when a person opts in to on site targeted content (this includes cookie consent)
  • Email: when a person opts in to email marketing
  • Mobile: when a person opts in to mobile push notifications
  • SMS: when a person opts in to SMS
  • Direct mail: when a person opts in to direct mail

What’s next?

The industry at large has a ways to go to improve the customer experience when it comes to cookies and the behavioral data collected on websites.

  • Is a pop-up letting folks know you are tracking cookies enough?
  • What happens when they say no?
  • Could you create a differentiated site experience for cookie collection, one that builds customer trust while you’re at it?

Transparency around cookies is a net positive for the industry. Consumers should know how their data is being used, and brands should be thoughtful about how they’re using it––and how they are collecting consent.

Ready to level up?
Explore Klaviyo
Jake Cohen