About our cookies
By James Cridland
Posted 2 October 2017, 8.33pm edt
A cookie is a small piece of information which is sent to your computer when you request something from a website, and that your browser will send back in future requests to that site. Some cookies are "persistent", meaning they will continue to be sent for weeks, months or even years unless deleted, while others are deleted automatically when you close your browser window.
Cookies can be used for many things, but one use of persistent cookies is to track you between visits. If a server sends a persistent cookie containing of a unique code number for you, that unique code will be sent back to that server in every future request until it’s deleted, allowing all of those requests to be associated with one another — in effect, allowing the server to distinguish you from another browsers. Sometimes, these kinds of cookies can be sent and received by services embedded on a site, rather than the site itself. These cookies are called third-party tracking cookies, and can be used to associate your visits to multiple distinct sites with one another.
We have two types of cookie - personal and non-personal. (All our cookies are "persistent").
Personal: our login cookie
If you want to, we need to know that you've successfully logged in, and which user you are. So, when you log in, we have a clear note that you consent to us placing a cookie on your system. This cookie (called "muku") contains a long set of randomly-generated characters that we also store in a database next to your personal information. When you load a page on our website, your computer sends us this cookie, and we then look in our database and see if it's connected to any of our users. If it is, we know that you are you.
If you delete this cookie, we'll not know you're logged in. We can set it so that if you log in on another computer, we can change the long set of randomly-generated characters, so your cookie on the first machine ends up being useless (and we'll delete it if so). (You can allow, or disallow, multiple logins in your user settings). Our muku cookie contains no personal information itself.
You can delete this cookie by logging out of the website, or by using your browser's controls.
Not personal: Our country cookie
We personalise this website for the country you are currently in. You can override this by setting your 'edition'. If you set your 'edition' (by clicking on the list of countries at the top of the page, or on mobile by selecting 'more') then we'll set a cookie (called "mukw") which contains a two-character country code. It contains nothing more than an ISO two-character code for a country: there's nothing personal in here.
You can delete this cookie by using your browser's controls.
Not personal: Google Analytics
Along with logfiles, we use Google Analytics to work out what our visitors look at on our website. Google Analytics isn't personal information - it doesn't know who you are, and it's unrelated to your Google account. We do not tie any information from Google Analytics with our login cookie. Since it's not personal information, we aren't specifically asking you for prior consent.
Not personal (for this website): Twitter, Facebook and other similar services
Like almost all other websites, we sometimes use the standard Twitter or Facebook buttons, and similar. Again, if you're logged out of these services, they have no personal information about you. Since it's not personal information, we aren't specifically asking you for prior consent to use them.
You can turn off tracking by Twitter here.
Not personal: advertising partners
We believe that relevant, tailored advertising based on other things you've looked at is a good thing, incidentally: it's much less irritating than scattergun ads containing completely irrelevant stuff. Every time we speak about this to other people, it seems people think the same, too.
How we inform you about our cookie use
We have a clear 'cookies' link on every page. For non-personal cookies, we don't ask for prior consent and nor do we hassle you with a big banner, since a) we don't get any personal information (which is the point of the EU law), and b) we're not an EU company.
For personal cookies that identify you to us, we have a notice on every log-in screen, clearly communicating that if you log in, we'll use a personally-identifiable cookie.
We take this stuff quite seriously