The second paragraph of Article 22 of the LSSI establishes:
- 2. Service providers may use data storage and retrieval devices on recipients’ terminal equipment, provided that the recipients have given their consent after having been given clear and full information on their use, in particular on the purposes of the data processing, in accordance with the provisions of Organic Law 15/1999 of 13 December 1999 on the Protection of Personal Data.
- When it is technically possible and effective, the consent of the recipient to accept the processing of the data may be provided through the use of appropriate settings in the browser or other applications, provided that the recipient is required to configure these settings during installation or update by an express action to that effect.
- This shall not prevent possible storage or access of a technical nature for the sole purpose of carrying out the transmission of a communication over an electronic communications network or, to the extent strictly necessary, for the provision of an information society service expressly requested by the recipient.
Cookies used for any of the following purposes are exempt from complying with the obligations established in article 22.2 of the LSSI:
Only allow communication between the user’s equipment and the network.
Strictly to provide a service expressly requested by the user.
In this sense, the Article 29 Working Party in its Opinion 4/20123 has interpreted that among the excepted cookies would be those whose purpose is to:
- “User login” cookies.
- User authentication or identification cookies (session only).
- User security cookies.
- Media player session cookies.
- Session cookies for load balancing.
- User interface customisation cookies.
- Social content sharing plug-in cookies.
Therefore, it can be understood that these cookies are excluded from the scope of application of article 22.2 of the LSSI, and therefore, it would not be necessary to inform or obtain consent for their use.
On the other hand, it will be necessary to inform and obtain consent for the installation and use of any other type of cookies, whether first-party or third-party, session or persistent, being subject to the scope of application of article 22.2 of the LSSI and, on which the guidelines in this guide will be useful.
The cookies used by the website are only associated with an anonymous user and their computer, and do not in themselves provide the user’s personal data.
Depending on the duration that remains stored in the client’s browser, a distinction is made between session cookies or persistent cookies.
There is another classification with five types of cookies according to the purpose for which the data obtained are processed, namely technical cookies, personalisation cookies, analysis cookies, advertising cookies and behavioural advertising cookies.
Finally, depending on the entity that manages the domain from which the cookies are sent and processes the data obtained, there are first-party cookies and third-party cookies.
Types of cookies we use according to their duration
- Session cookies: These are a type of cookie designed to collect and store data while the user accesses a website. They are usually used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (e.g. a list of products purchased).
- Persistent cookies: These are a type of cookie in which the data remains stored in the terminal and can be accessed and processed for a defined period of time by the party responsible for the cookie (e.g. remembering the user’s preferences for a particular website, allowing them to be used in future browsing sessions, such as language selection, menu preferences, etc.).
Types of cookies we use according to their purpose
- Technical Cookies: These are those that allow the user to browse through a website, platform or application and use the different options or services that exist on it (e.g. identifying the session, accessing restricted access areas, remembering the elements that make up an order, making an application for registration or participation in an event, among others).
- Analysis cookies: These cookies allow the party responsible for them to monitor and analyse the behaviour of the users of the websites to which they are linked. The information collected through this type of cookies is used to measure the activity of the websites, application or platform and for the elaboration of browsing profiles of the users of these sites, applications and platforms, in order to introduce improvements based on the analysis of the usage data of the users of the service. (e.g. visitor statistics such as Google Analytics or similar).
Types of cookies we use according to the entity that manages them
- Own cookies: These are those that are sent to the user’s terminal equipment from a computer or domain managed by the editor itself and from which the service requested by the user is provided. (e.g. identification of the user session on a web page).
- Third-party cookies: These are cookies that are sent to the user’s terminal equipment from a computer or domain that is not managed by the editor, but by another entity that processes the data obtained through the cookie (e.g. the advertiser of a banner on a web page, the followers box of a social network on a web page, among others).
List of cookies on this website:
- JSESSIONID: Technical session cookie for the display of the page by the user, necessary for the proper functioning of the same.
- _ga: Third-party analysis cookie (Google analytics) that collects anonymous information for the calculation of statistics on the use of the site, distinguishing the users who access the site from those who do not.
However, users who do not wish to receive cookies, want to delete them or want to be informed before they are stored on their computer, can disable or delete these cookies by configuring their Internet browser to be notified of the receipt of cookies and to prevent their installation on their computer.