Cookies may be first-party or third-party cookies. “First-party” cookies are those that report as domain the website to which they refer, whereas “third-party” cookies are related to external domains. Third-party cookies are in fact always added by a “third party”, not managed by the website to which they refer. Such parties may also add first-party cookies, by storing their own cookies on the domain of the website to which they refer. The so-called “Flash cookies” (Local Shared Objects) are used in Adobe Flash Player to provide certain contents, such as video clips or animations, in order to remember settings and preferences. Flash cookies are stored on the user’s device, but are managed through another interface, not the one provided by the browser used. As regards the nature of cookies, they are of several types: technical cookies are used for the only purpose of “transmitting an electronic communication or to the extent strictly necessary for the provider of an information society service expressly requested by a subscriber or user to provide such service” (art. 122, subsec. 1, of the Code on personal data protection, d.lgs. [Legislative Decree] 2003/196, hereinafter “Privacy Code”). They are not used for any other purposes and are normally installed directly by the website owner or manager. These technical cookies, in turn, can be subdivided into: (i) navigation or session cookies, which ensure the normal navigation and use of the relevant website (by permitting, for instance, to complete a purchase or log in to access reserved areas); they are actually necessary for the proper operation of the website. (ii) Cookie analytics are equalised to technical cookies if used directly by the website manager to collect information in aggregate form regarding the number of users and how they visit the website, in order to improve the website performance. (iii) Functionality cookies, which allow the user to browse the website taking into account a series or criteria previously selected (e.g. language) in order to improve the service provided to the user. For the installation of these cookies, the consent of users is not required. Users are therefore free to block the installation of technical cookies by changing the settings of their browser (see below, “Cookie management”). It should be considered, however, that by blocking the installation of technical cookies, or subsequently removing them, the user may be prevented, entirely or in part, from accessing or using all or part of the relevant website, enabling or disabling certain functions or receiving certain services. As to the nature of cookies, in addition to the mentioned technical cookies, there are the profiling cookies. Profiling cookies aim to create user profiles and are used to send ads in line with the preferences expressed by the user when browsing the web. For the use of profiling cookies, user consent is required. In particular, the user can authorise or refuse consent for the installation of the cookies through the options provided in the relevant section (see below, “Cookie management”). In case of third-party cookies, the site to which they refer has not a direct control over the single cookies and cannot verify them (directly install or delete them). The user, however, can manage such cookies through the browser settings (see below “Cookie management”) or directly by following the instructions indicated in the third-party website.
The duration of cookies depends on the expiry date (or on a specific action, such as the closure of the browser) set upon their installation. Cookies can be: (i) temporary, or session cookies, used to store temporary information. They permit to connect the actions performed during a specific session and are removed from the computer when the browser is closed; (ii) persistent cookies, used to store information, such as the user name and password, so that the User needs not enter them again upon each visit to the website. Persistent cookies remain stored in the User’s computer even after the browser is closed.