Strictly necessary cookies are the cookies a website needs to function properly. They allow secure login, page navigation, and transactions. Without them, users cannot access essential services. Under GDPR, these cookies do not require user consent, but websites must still disclose their use in the cookie policy.
Examples include:
- Session cookies that keep users logged in.
- Cart cookies that remember items during checkout.
- Security cookies that help prevent fraud.
These cookies are limited to essential services only. They cannot be used for analytics, advertising, or tracking. For instance, remembering a language preference may be necessary, but tracking browsing history is not.
Most Consent Management Platforms (CMPs) categorize strictly necessary cookies separately. Users can see them but cannot disable them, since doing so would break core website functions.
Only cookies required for essential services are strictly necessary. All other cookies must remain disabled until explicit consent is given.
Read more on strictly necessary cookies.