Website Health

What Are Cookies on a Website? A Normal Person’s Guide

·3 min read ·Updated April 5, 2026
What Are Cookies on a Website? A Normal Person's Guide

You visit a website and a banner pops up asking you to “Accept cookies.” You click accept because you want it to go away. But what did you just agree to? And more importantly, if you run a website, do you need one of those banners too?

What are cookies, actually?

A cookie is a tiny text file that a website saves on your computer or phone. It is not a virus. It is not spyware. It is more like a sticky note.

When you log into a website and it remembers you next time, that is a cookie. When an online shop remembers what is in your basket, that is a cookie. When a website remembers that you prefer dark mode, that is a cookie.

So far, so harmless. The problem comes with a different type of cookie.

Why do people get worried about them?

Some cookies are not just remembering your preferences. They are tracking you across the internet. These are called “third-party cookies” and they are the reason you search for trainers once and then see trainer adverts on every website for the next three weeks.

Companies like Google and Facebook place these tracking cookies on millions of websites. When you visit any of those sites, the cookie reports back: “This person was here, they looked at this, they came from there.” That information gets used to build a profile of you for advertising.

This is why privacy laws now require websites to ask permission before placing these cookies.

Does my website use cookies?

If you use Google Analytics, yes. If you have a Facebook pixel, yes. If you have any third-party chat widget, probably yes. If your website has any login functionality, yes. If you use an email marketing tool, almost certainly yes.

In fact, it is quite hard to run a modern website that does not use cookies of some kind.

In the UK, yes. The law (called PECR — the Privacy and Electronic Communications Regulations) says you must get consent before setting any cookie that is not strictly necessary for the website to function. The ICO enforces this. Since February 2026, fines have been raised to up to £17.5 million or 4% of global turnover — the same level as GDPR fines — thanks to the Data Use and Access Act 2025.

In the US, it depends on the state. California, Colorado, Connecticut, and Virginia all have laws that require you to let visitors opt out of tracking. Even if your state does not have a specific cookie law yet, having a consent banner is considered best practice.

The good news: setting one up takes about 10 minutes and there are free tools that do it for you.

The easiest way is to install a cookie consent tool on your website. Popular free options include CookieYes and Complianz. If you are on WordPress, these are plugins you install with a few clicks. On Shopify, Squarespace, or Wix, there are similar built-in options or apps.

Once installed, the tool automatically detects cookies on your site, shows visitors a consent banner, and blocks tracking cookies until the visitor agrees. You do not need to understand the technical details — the tool handles it.

What if I just ignore this?

Two things happen. First, you are breaking the law in the UK and possibly in several US states. Second, savvy visitors will notice you do not have a consent banner and may not trust your website enough to buy from you or hand over their email address.

It is one of the easiest compliance fixes you can make. Ten minutes of setup removes a real legal risk.

Want to check if your website has proper cookie consent? Scan your site free with LaunchKitty — we check for 11 different consent tools.

Share this