Features Pricing FAQ Resources Documentation Our Story Blog Product Updates
Log in Start free →

Notes on privacy, feedback, and the web.

Short articles from the ThinPoll team.

Mar 12, 2026
What are cookies — and what do they actually do?
Cookies are everywhere on the web, but most explanations are either too vague or too technical. Here's the short version of what they are, how they're used, and why people are trying to get rid of them.
Read →
Mar 12, 2026

What are cookies — and what do they actually do?

A cookie is a small piece of text that a website stores in your browser. That's it. Technically, it's just a name-value pair — something like session_id = abc123 — saved locally and sent back to the server with every request you make to that site.

Cookies were invented in 1994 to solve a real problem: HTTP is stateless, meaning the server doesn't remember who you are between requests. Without cookies, you'd get logged out every time you loaded a new page. So cookies are useful. The problem isn't cookies themselves — it's how they're used.

First-party vs third-party cookies

A first-party cookie is set by the website you're actually visiting. It's used to keep you logged in, remember your preferences, or store a shopping cart. Most people are fine with these.

A third-party cookie is set by a different domain — usually an ad network or analytics provider — embedded on many sites at once. This is how advertisers track you across the web. You visit site A, then site B, then site C — the same ad cookie is present on all three and builds a profile of your behaviour.

Why is everyone getting rid of them?

Third-party cookies are being phased out. Safari and Firefox already block them by default. Google Chrome announced it would follow, though the timeline kept shifting. The main driver is regulation: GDPR in Europe and similar laws elsewhere require websites to get explicit consent before storing tracking cookies. That's why you see cookie banners on every site now.

The banners themselves became a problem — they're disruptive, often misleading, and largely ineffective. Studies show that most users click "Accept all" just to make the banner disappear. The result is a system that theoretically protects privacy but in practice just annoys everyone.

What's the alternative?

For analytics, privacy-first tools like Plausible use aggregate data without any cookies. For feedback, ThinPoll uses an anonymous in-memory session fingerprint — no cookies, no localStorage, nothing stored after the tab is closed. The data stays in the EU, and you don't need to add anything to your consent banner.

The pattern is the same in both cases: collect what you actually need, store it where it makes sense, and don't track users across sites. It turns out you can get useful product data without building surveillance infrastructure into your product.