Understand your footprint
Cookies and Online Tracking, Calmly Explained
A plain-language guide to what cookies actually are, how online tracking works, and the simple choices you already have over both — written to inform, not to alarm, so you can decide for yourself how you want to browse.
In short
A cookie is a small text file a website stores in your browser to remember things like your sign-in or settings. Online tracking is when cookies and similar identifiers are used to follow your activity across pages or sites, often to build a profile for advertising. You can review, refuse, and clear most of them yourself.
What a cookie actually is
A cookie is a small text file that a website asks your browser to store on your device. The next time you visit, the site can read that file back and remember something about you — that you are signed in, which language you chose, or what is in your basket. On its own, a cookie is just a short note your browser keeps; it is not a program, and it cannot read the rest of your computer.
Not all cookies do the same job, and it helps to separate them. Some are strictly necessary: the site genuinely cannot work without them, for example to keep you logged in or to remember a privacy choice you already made. Others are there for convenience or measurement, and a site can run perfectly well if you turn them off. The law treats these differently, which is why a site can set the necessary ones quietly but usually has to ask before setting the rest.
Seeing a cookie banner is not a warning sign. It is simply the moment a website is required to ask, and you are allowed to say no to the optional ones. Naming the categories is meant to make that choice clearer, not to make you anxious about an ordinary part of how the web works.
- Strictly necessary cookies — keep you signed in, remember your settings, make the site function
- Preference cookies — remember choices like language or layout for convenience
- Analytics cookies — count visits in aggregate so a site can see what is used
- Advertising or tracking cookies — used to follow activity and build a profile, usually for ads
How online tracking works, in plain terms
Tracking happens when a cookie or a similar identifier is used not just to remember you on one site, but to recognise your browser as you move between pages and, sometimes, between different websites. A small piece of code embedded in many sites — often belonging to an advertising or analytics company rather than the site you are visiting — can read its own cookie each time, and over many visits that builds a picture of where you have been and what you looked at.
Cookies are the best-known method, but they are not the only one. The same effect can come from other small identifiers stored in your browser, or from combining ordinary details your browser shares — these are sometimes called online identifiers, because they can point back to you without using your name. The purpose is usually commercial: to group people by interest and show them advertising. It is a normal part of the data ecosystem, and understanding it is the first step to deciding how you feel about it.
The reassuring part is that tracking is far from total. It works browser by browser and is interrupted whenever you clear cookies, refuse the optional ones, use a browser's built-in protections, or sign out. None of this requires special tools or technical skill — the controls are already in the browser you use every day.
- First-party cookies belong to the site you are on; third-party ones belong to other companies embedded in it
- Tracking links visits together over time to infer interests, usually for advertising
- It is browser-specific, so it resets when you clear cookies or switch devices
- Refusing optional cookies and signing out both limit how much can be linked
The choices you already have
You have more say over cookies and tracking than it can feel like in the moment. When a banner appears, you can accept only what is necessary and decline the rest; a well-built banner makes refusing as easy as accepting. Inside your browser settings you can see the cookies a site has stored, delete them, and choose to block third-party cookies by default — and most browsers now offer a built-in tracking-protection setting you can simply switch on.
These choices are calm, reversible, and entirely yours. Clearing cookies does not break anything important; at most you may need to sign in again or re-pick a preference. There is nothing watching you on the other side of these settings, and there is no rush to get them perfect. You can adjust them whenever you like, as often as you like.
This is the spirit of OSINTA's self-only approach: helping you understand what is happening with your own data so you can decide for yourself, in your own time. If you want to go further than browser settings, your data-protection rights still apply. You can make a Data Subject Access Request (DSAR) to ask an organisation what personal data it holds about you, and in some circumstances ask for it to be erased — the right to consent freely, and to withdraw it, sits at the centre of how cookies are meant to work. OSINTA helps you see your own footprint and frame these requests; it does not act on your behalf and cannot promise an outcome, because that rests with whoever holds the data. This is general information, not legal advice.
- Decline optional cookies in the banner — necessary ones still let the site work
- Open your browser settings to view, delete, or block stored cookies
- Turn on your browser's built-in tracking protection if it has one
- Clear cookies periodically to reset what can be linked together
Frequently asked questions
Are cookies dangerous or a sign something is wrong?
No. A cookie is just a small text file your browser stores so a website can remember things like your sign-in or settings. It is not a program and cannot read the rest of your device. Most cookies are ordinary and harmless, and seeing a cookie banner simply means the site is required to ask before setting the optional ones — which you are free to refuse.
What is the difference between necessary cookies and tracking cookies?
Necessary cookies are the ones a site genuinely needs to work — keeping you signed in or remembering a privacy choice — so they can be set quietly. Tracking cookies, often belonging to advertising or analytics companies, are used to follow your activity and build a profile, usually for ads. A site works fine without those, and you can decline them. The law treats the two categories differently, which is why you get asked about the second kind.
Can I stop being tracked online?
You can meaningfully limit it yourself, even if no single switch removes it entirely. Declining optional cookies, blocking third-party cookies in your browser settings, turning on built-in tracking protection, clearing cookies, and signing out all reduce how much of your activity can be linked together. Tracking works browser by browser, so each of these steps quietly resets part of the picture. None of it requires technical skill.
How does this connect to my data rights?
Consent sits at the heart of how optional cookies are supposed to work: you should be able to agree freely and withdraw that agreement just as easily. Beyond the browser, your wider rights still apply — you can make a Data Subject Access Request to ask an organisation what personal data it holds about you, and in some cases ask for it to be erased. OSINTA helps you understand your own footprint and frame these requests, with your findings in front of you and every decision left to you. This is general information, not legal advice.
Related terms
This is general information, not legal advice. For guidance on your own situation, consider speaking with a qualified professional.
Reviewed by OSINTA's founding lawyer — 2026-06-27.
Understand your footprint, then decide for yourself
OSINTA helps you see what is already public about you and exercise your own data rights, calmly and at your own pace. You stay in control of every step, and there is no rush.