The love of cookies is everywhere on the Internet. It’s the little cookies that are either stored temporarily for a customer’s session or more permanently on a customer’s device.

Almost every website will give the customer at least one or more cookies. These are the cookies that recognize that the customer is a new or return visitor to the site, what preferences the customer may have taken when they engaged on the site, like items you’ve placed in the shopping cart.

Cookies are used for remarketing, the advertising that “knows” the previous sites you’ve visited or if added products to your shopping cart, or looked at certain products.

Cookies given to the customer are extremely useful, but done wrong, can present challenges for your company.

There are simple steps to keep your site’s cookies under control.

1. Review Your Site’s Privacy Policy

How often is your site’s privacy policy reviewed, or for that matter thought about at all? Is there a privacy policy review that is in place before any new third-party solutions are added to your site to determine whether it impacts your company’s privacy policy?

Often a site’s privacy policy is an after-thought, and third-party solutions are added to a site that will give cookies to customers. For some third-party solutions, this information is used only for a single purpose—to segment content, online chats, surveys, user preferences, and more. Your company’s privacy policy typically account for the single-use third-party cookies.

Where this can become a problem is with third-party cookies that are resold for targeted preference based advertising. In this model the third-party code are for services are typically ‘free’ or low cost solutions. In exchange for the service, the third-party receives a benefit in return—your customer’s online behavior insights, that may be repackaged and sold.

A good example is AddThis, a free social sharing application that provides an easy sharing social media links, follow buttons, and more. The cookies that are issued are from AddThis as well as from its partners to provide targeted advertising from sites that the customer visited as well as other sites that the customer visits. Addthis has great products, but the trade-offs needs to be evaluated as to the impact to your customers, as well as to your brand.

For remarketing or retargeting advertising, Google, as well as Rubicon, Adroll, and others requires that your privacy policy include reference that advertising may be shown based on sites that a customer previously visited or have their data with other advertising partners.

2. Review Your Remarketing Strategy

Develop a remarketing strategy that involves the web team, marketing, and PR teams. Of course, this assumes that you’ve already engaged with your legal team above to make sure that your privacy policy is current.

Define how remarketing will be setup, the types of sites targeted for the advertising, as well as customer segments. Avoid the stalking factor, and set the impression cap for advertisement, as well as future length of remarketing to a past site visitor/customer.

3. Review CAM-SPAM and CASL

You might be asking yourself what does email anti-spam laws have to do with cookies. Well, it can be a lot, if you are doing certain types of remarketing. Review what data is collected from the customer, and make sure that the collection and its use is properly disclosed in your privacy policy.

If you already are marketing to customers in the EU or Australia, you will have addressed many of the privacy steps that the Canadian law (CASL) has implemented.

4. Review the EU Cookie Directive

If your site is targeted to customers in the EU, then your site should to comply with the EU Cookie Directive. Not only does your privacy policy need to clearly define how your site uses, and stories cookies, but you need to provide notice to the customer. The customer has the option to acknowledge the use of cookies, which equates to permission.

More sites are following the EU Cookie Directive regardless of whether the target for the customer is in the EU.

These simple steps can help keep the cookies on your site under control, as well as provide the transparency needed to the customer.

In the Series