What are cookies?
Cookies are tiny text files that are stored on a user’s browser. Most cookies contain a unique identifier called a cookie ID: a string of characters that websites and servers associate with the browser on which the cookie is stored. This allows websites and servers to distinguish the browser from other browsers that store different cookies, and to recognize each browser by its unique cookie ID.
Cookies are widely used by websites and servers to provide many of the basic services we find online. If you shop on a website, a cookie allows the website to remember which items you’ve added to your virtual shopping cart. If you set preferences on a website, a cookie allows the website to remember your preferences the next time you visit. Or if you sign into a website, the website might use a cookie to recognize your browser later on, so that you don’t have to sign in again. Cookies also allow websites to collect data about user activity, such as how many unique visitors a page receives per month. All these applications depend on the information stored in cookies.
The cookie ID in each DoubleClick cookie is essential to these applications. For example, DoubleClick uses cookie IDs to keep a log of which ads show to which browsers. When it’s time to serve an ad to a browser, DoubleClick can use the browser’s cookie ID to check which DoubleClick ads have already been delivered to that particular browser. That’s how DoubleClick avoids showing ads the user has already seen. In the same way, cookie IDs allow DoubleClick to log conversions related to ad requests—such as when a user views a DoubleClick ad and later uses the same browser to visit the advertiser’s website and make a purchase.
DoubleClick cookies contain no personally identifiable information. Sometimes the cookie contains an additional identifier that is similar in appearance to the cookie ID. This identifier is used to identify an ad campaign to which a user was exposed previously; but no personally identifiable information is stored by DoubleClick in the cookie.
When does DoubleClick send cookies to a browser?
DoubleClick sends a cookie to the browser after any impression, click, or other activity that results in a call to the DoubleClick server. If the browser accepts the cookie, the cookie is stored on the browser.
Most commonly, DoubleClick sends a cookie to the browser when a user visits a page that shows DoubleClick ads. Pages with DoubleClick ads include ad tags that instruct browsers to request ad content from the DoubleClick ad server. When the server delivers the ad content, it also sends a cookie. But a page doesn’t have to show DoubleClick ads for this to happen; it just needs to include DoubleClick ad tags, which might load a click tracker or impression pixel instead.
Notify users about cookies
Third-party and first-party cookies
Cookies are categorized as third-party or first-party depending on whether they are associated with the domain of the site a user visits. Note that this doesn’t change the name or content of the actual cookie. The difference between a third-party cookie and a first-party cookie is only a matter of which domain a browser is pointed toward. The exact same kind of cookie might be sent in either scenario.Third-party cookies
Third-party cookies are associated with a domain that is separate from the site a user visits. DoubleClick cookies are associated with doubleclick.net, the DoubleClick domain. When a browser visits a site that shows DoubleClick ads, the browser is not on a site in the DoubleClick domain. This makes the DoubleClick server a third party, so the cookies that the server sends in this context are called third-party cookies.
First-party cookies are associated with the domain of the site a user visits. Any action that points the browser to the DoubleClick domain makes the DoubleClick server the first party. Cookies that the DoubleClick server sends in this context are called first-party cookies.
When a user visits a site with a DoubleClick ad, the user’s browser is pointed toward the publisher’s site, which is the first party. The DoubleClick servers are not in the publisher’s domain, so in this context the DoubleClick server is the third party. However, clicking a DoubleClick ad points the user’s browser to a URL that is in the DoubleClick domain. Although the URL is in the DoubleClick domain, it also includes code that redirects the browser to the advertiser’s site (after the DoubleClick server sends the cookie). This way the user ends up on the advertiser’s site, not in the DoubleClick domain.
Note that some DoubleClick products are used by publishers, not advertisers. DoubleClick for Publishers serves a cookie on the publisher's domain, in addition to or instead of serving cookies on the
doubleclick.net domain. That cookie is called
__gads, and it's set to expire two years after it's served.
If a user opts out using the Ads Settings, the unique DoubleClick cookie ID on the user’s browser is overwritten with the phrase “OPT_OUT”. Because there is no longer a unique cookie ID, the opt-out cookie can’t be associated with a particular browser.