In order to understand the way we determine the provider value, it is important to know the difference between 1st party and 3rd party cookies.
On the surface of things, there is no actual difference between these two types of cookies; they both contain the same pieces of information and serve the same functions. The difference has to do with which party can access the cookie. A 1st cookie is stored by the domain/website you are visiting directly and these cookies are set by the domains web server or any JavaScript loaded on the website. 3rd party cookies are set by domains other than the one you are visiting directly and these cookies are set from an external server or via code loaded on an external domain.
Data collected by 3rd party cookies can be read by the 3rd party on any website that includes a script from the 3rd party, while the data gathered by a 1st party cookie can only be read by the website it originates from.
In the scan report the "provider" is stated as the domain name from which a cookie originates. To see which domain this is, we look at who is actually providing the exact script that sets the cookie. For 1st party cookies this will be the domain name of the current website. For 3rd party cookies this will be the domain name of the embedded 3rd party service setting the cookie.
Example with Google Analytics cookies _ga:
The _ga cookie is set by Google Analytics. Since this is a Google product you would understandably expect "Google" to be the cookie provider.
In this context "provider" implies which entity sets the cookie, not the author of the software that sets the cookie. The Google Analytics "_ga" 1st party cookie is set by your own domain, as you can see in this example from cookiebot.com:
If the cookies was set from a 3rd party domain, like google-analytics.com, the provider of this cookie would be Google.
The provider of a cookie is determined by how the cookie is set:
- For 1st party cookies, the domain itself is considered the provider.
- For 3rd party cookies, the 3rd party domain is considered the provider.
- When the script is loaded via a different tool into your website, for example a tag manager, it is possible that this tool will be stated as the provider for this cookie.
Unfortunately, we are unable to change which domain is detected as the provider. We can however always add a link to said provider's privacy policy to the banner information. In order to request this, you can contact us via the support form.
Comments
0 comments
Please sign in to leave a comment.