Cookies are a file that is stored in our browser, in which a unique User ID of the visitor of a web page is added. Every time this user browses the website, the Google Analytics pixels, for example, check which User ID corresponds to each page viewed, asking the cookie.

This way they know the browsing made by each User ID in an automated way.

What are third-party cookies?

The cookies that we place in the browser can be third-party cookies. Being a third party means that the cookie placed in the browser, instead of being from the same domain being visited by the user, for example, sealmetrics.com, is issued by the analytics provider; for example, google-analytics.com, adinton.com,…

Therefore, the cookie that is placed on the user’s browser that is visiting sealmetrics.com belongs to google.com; as it is another domain, it is called a third-party cookie.

First-party cookies are when the cookie placed in the user’s browser corresponds to the same domain as the website they are visiting.

For example, visiting sealmetrics.com, the cookie that would be placed would belong to the domain sealmetrics.com.

NOTE: Remember that in SEAL metrics we work without cookies, the above is just an example for your understanding.

The current trend of web analytics tools based on third-party cookies is to pivot to first-party cookies. How are they doing it?

The fact that a first-party cookie belongs to the same domain as the website we are visiting would technically mean that, for example, all websites that work with Google Analytics would have it installed on their server. Practically impossible to do.

They are solving it in the following way:

1. The measurement tool creates pixels to insert the first party cookie as subdomain.clientdomain.com.
2. The client, by means of the DNS, points subdomain.clientdomain.com to the server where the measurement tool is located.
3. When the cookie “falls” it is a first party cookie, but it is measured by a third party.

This is actually the solution used, although it is still a trick to bypass adblockers and regulations; we could say it’s a 3rd party cookie “camouflaged”.

The regulations are clear in both the GDPR and the ePrivacy Regulation, here is a summary of the key points:

1. User privacy must be respected
2. You can NOT work with personal data, without the user’s consent.
3. You can NOT analyze individually, without the user’s consent.
4. You can NOT install anything in the client’s browser without the client’s consent.

User privacy must be respected

In short, if you work with the email, IP,… or any personal data of the user you either anonymize it and do not see it on your servers, or it must require consent to be measured.

It cannot be analyzed individually without the user’s consent.

This point is where the ePrivacy regulation emphasizes. ePrivacy Regulation says that to individually analyze a user, as is done with cookies, requires user consent.

For this reason, we are asked to accept cookies every time we visit a website. Actually, we are not asked to accept cookies, we are asked for permission to “be measured individually”.

NOTHING can be installed in the user’s browser without their consent.

Placing a cookie in the browser is to install “something”. Which is forbidden without consent, using local or session storage, forbidden without consent.

For more information on how to measure with cookies follow the link.

Now that we have seen how the regulation tells us how we must measure, what about my Google Analytics account?

This is where e-commerce has its biggest problem. Because as the regulation stands, Google Analytics can only work by requesting permission from the user through the cookie banner or footer.

You can implement a special setup to Google Analytics to comply with GDPR, but it requires very technical actions. Anyway, this is already explained in the link above

Cookieless tracking is a technology whose objective is to measure what happens on our website while respecting the user’s privacy.

In other words, Cookieless Tracking technology should allow us to answer basic business questions:

• Sales
• Invoicing
• Visits
• Conversion rate
• Traffic
• Traffic per source

With these KPIs we should be able to improve the profitability of our online business.

All this while respecting the user’s privacy. What does respecting privacy consist of?

1. Respecting current regulations
2. Not being able to relate browsing and behavior to a person.

Having explained all of the above, SEAL Metrics is the privacy-first solution we have created.

It’s a solution that respects user privacy and provides business KPIs to marketers in order for them to continue with their activity.

SEAL metrics is a solution that:

1. Doesn’t work with personal data. Nothing. Not even IP. We comply with GDPR.
2. Doesn’t install anything in the user’s browser. We comply with GDPR.
3. We don’t use individual metrics, only aggregate data, ePrivacy compliant.

There are different alternatives in the market, you will find them searching for Cookieless Tracking or Cookieless Analytics on your search engine.

Anyway, to make things easy for you I leave you this comparison of cookieless tracking tools.

In order to make your decision, I advise you to ask the following questions to the solutions:

1. Do they measure anonymously? Almost all the “good ones” do.
2. Do they measure in a non-individualized way? Here are the surprises.
3. Do they have the KPIs I need? If you are an ecommerce: invoicing!
4. Easy to implement. At ecommerce level, we have modules for magento, prestashop, woocommerce and wordpress.