What are cookies?

Cookies are everywhere when you browse the web. They help websites recognise you, for example for login, to save settings and to keep items in your shopping cart. At the same time, however, they also pose risks to privacy and the tracking of your online behaviour. But how do cookies work in the browser, what types are there, what opportunities and risks do they involve and how can you manage cookies on your devices?

02.12.2025 | Reading time: 7 minutes

How do cookies work?

A cookie is a small text file that a website sends to your browser. The browser stores this file locally and sends it back to the same domain on future visits. A cookie usually contains an ID, an expiry date and optionally other attributes such as path, domain or HttpOnly.

Technical process steps

1. You visit a website.

2. The server sends a Set-Cookie field in the HTTP response.

3. Your browser stores the cookie and adds it to later requests to the corresponding server.

What information does a cookie store?

A cookie usually contains a name, a value and additional attributes such as expiration date, path and domain. From a technical perspective, cookies are either set by the server through an HTTP header or created directly in the browser using JavaScript. Your browser stores these cookies locally, decides when to send them back to a website and applies rules for retention and deletion based on their settings.

What types of cookies are there?

Websites use different types of cookies depending on their purpose and how long they remain stored in your browser. Understanding these categories helps you see how cookies support essential functions, personalization and analytics while also influencing your privacy.

By lifespan

• Session cookies are stored only temporarily and deleted when you close the browser. They are often necessary for shopping carts or login sessions to work properly.
  
  
• Persistent cookies remain on your device across multiple sessions and can stay valid for days, months or even years. They are commonly used for recognition, preferences and analytics.
  
  

By origin

• First-party cookies come from the website you are visiting. They are often technically necessary.
  
  
• Third-party cookies come from embedded services such as advertising networks or social media plugins. They are often used for cross-site tracking and targeted advertising.
  
  

Special cookie types

• Tracking cookies collect data about your browsing behaviour to create profiles and deliver targeted advertising.
  
  
• HttpOnly cookies are flagged so that they cannot be accessed via JavaScript. This makes them less vulnerable to certain attacks, such as cross-site scripting (XSS), and they are often used to store sensitive data like session IDs.
  
  
  

What are cookies used for? Some examples

• Login status: A cookie recognises that you are logged in, so you don’t have to enter your credentials again on every page.
  
  
• Shopping cart: Online stores use cookies to remember the items you’ve added to your cart as you browse.
  
  
• Settings: Preferences such as language, layout, or other custom settings are stored and kept for future visits.
  
  

Analytics and optimization

Website owners use cookies to understand how visitors interact with their pages, for example, page views, click paths, and time spent on a page. These insights help them improve performance, usability, and overall user experience.

Marketing and personalization

Advertising networks rely on cookies to identify user interests and deliver personalized ads. This can increase ad relevance and efficiency, but it also introduces privacy considerations, as these cookies track behavior across multiple websites.

Benefits and risks of cookies

Cookies help websites remember you, keep you logged in and show content that fits your preferences. At the same time, some cookies are used to track your activity and build detailed profiles, which can affect your privacy. Knowing the benefits and risks makes it easier to decide how you want to handle cookies in your browser.

Advantages of cookies

Cookies provide essential functionality that makes modern websites usable. They enable features such as shopping carts, personalized content, saved preferences, and simple login processes. Without cookies, common actions like adding items to a cart, staying logged in, or loading preferred settings would be much slower and far less convenient. They improve the overall browsing experience and help website owners deliver more relevant and user-friendly services.

Risks of cookies

Cookies can also pose privacy and security risks. Many third-party cookies are used for tracking and profile building, which allows external services to observe user behavior across multiple websites. This information can include browsing habits, purchasing behavior and personal interests. It is often used for targeted advertising, but it also raises serious privacy concerns, especially when cookies contain personal data or can be linked to an identifiable user.

There are also security concerns on shared devices. If session cookies remain stored after a login, the next person who uses the device may be able to access those accounts. To avoid this, it is important to log out after each session and regularly delete cookies and clear the browser cache.

Quick overview of the legal situation for cookies

In many European countries, consent is required for cookies that are not technically necessary. Technically essential cookies can usually be set without consent. Cookie banners must prompt users to make a conscious, non-preselected choice.

Managing cookies: enable, disable, delete

Basic browser settings

In many European countries, websites must obtain explicit consent before setting cookies that are not technically necessary. Essential cookies, meaning those required for the website to function correctly, can usually be set without consent.

Cookie banners must present a clear and neutral choice, without preselected options, so that users can make an informed and voluntary decision.

Chrome (desktop)

1. Open Chrome and click the three dots in the top right > Settings.

2. Select “Privacy and security” > “Cookies and other site data”.

3. Here you can allow cookies, block them or block third-party cookies.

4. Under “See all cookies and site data” you can search for and delete individual cookies.

Chrome (Android / iOS)

• In the Chrome app: Menu > Settings > Privacy and security > Clear browsing data > select “Cookies and site data”.
  
  

Safari on iPhone / iPad

1. Open the Settings app > Safari.

2. Tap “Clear history and website data” to remove all cookies.

3. Alternatively, enable “Prevent cross-site tracking” to limit third-party trackers.

Note: Menu labels may change with browser updates; if anything is unclear, use your browser’s help function.

Enabling / disabling cookies

All modern browsers include options under “Settings” or “Privacy” to manage cookies. You can block third-party cookies by default and allow only first-party cookies, or automatically delete cookies when closing the browser.

Practical tips for everyday use

• Allow only essential cookies if you don’t want your browsing behaviour to be analysed. Many consent banners now offer an option for “necessary cookies only”.
  
  
• Delete cookies regularly or use private / incognito mode if you don’t want to leave traces on your device.
  
  
• Block third-party cookies to reduce tracking from advertising networks.
  
  
• Use browser extensions or anti-tracking tools if you want deeper control (make sure the extensions are trustworthy).
  
  
• On public or shared devices: always log out and close the browser so that session cookies cannot be misused by others.
  
  

Technical limitations and developments

Cookies are useful but not flawless. Their storage size is limited, and browsers impose restrictions on their number and size. At the same time, browsers and regulators are developing mechanisms that limit non-essential cookies. Some advertising providers are now shifting tracking into the first-party context or using other identification methods, meaning the topic continues to evolve.

Final tips to help you stay in control

Cookies are a central tool of the web, a technical mechanism with both advantages and disadvantages. They enable many practical functions online but also carry privacy risks. You can reduce these risks without giving up convenience:

• Allow only necessary cookies
  
  
• Block third-party cookies
  
  
• Delete cookies regularly and prefer session cookies
  
  
• Pay attention to privacy-friendly default settings and use trustworthy add-ons
  
  

If you run websites, your consent management should be transparent and legally compliant: no preselected boxes for non-essential cookies and a clear “reject all” option on the first level.

FAQ

Are cookies dangerous?

Not automatically. Functional cookies are useful and necessary. Tracking cookies can limit your privacy. They become risky especially when they contain sensitive data or are not deleted on shared devices.

Can I disable cookies completely?

Yes, in most browsers this is possible. However, important functions such as login or shopping carts may no longer work properly.

How do I delete cookies on iPhone?

Open Settings -> Safari -> “Clear history and website data” or block cookies in the Safari settings. For Chrome on iOS, use Chrome settings -> Privacy -> Clear browsing data.

How do I delete Chrome cookies?

Chrome: Settings -> Privacy and security -> Clear browsing data -> Cookies and other site data.

What is the difference between first-party and third-party cookies?

First-party cookies come from the domain you visit directly; they are often necessary for site functions. Third-party cookies come from other domains (e.g. advertising networks) and enable tracking across multiple sites.

How do I recognise tracking?

Tracking often appears as personalised ads on various sites you have visited. Tools and browser add-ons can make active trackers visible.