Websites use session and persistent cookies to balance functionality, security, and privacy with convenience and personalization across visits.
In this article, we’ll explain the key differences between session cookies, which are temporary, and persistent cookies, which remain for a set period.
Session cookies
A session cookie is a temporary cookie that lasts for a single visit to a website. This cookie gets deleted when a visitor closes their browser. As a result, session cookies don’t have an expiration date.
You can use session cookies to remember:
- Items added to a shopping cart
- A temporary login during the visit
- Form inputs when moving between pages
Persistent cookies
Closing the browser doesn’t delete a persistent cookie. It stays on the user’s device until it reaches its expiry date or the user deletes it manually. First stored on the user’s device, it’s sent to the website’s servers on subsequent visits so the website can recognize the visitor.
Websites use persistent cookies to:
- Remember logins, so visitors do not have to sign in every visit.
- Save preferences such as language, theme, or layout across sessions.
- Track browsing habits for targeted ads and personalization.
Persistent cookies can raise some privacy concerns because they track behavior across multiple visits and sometimes across sites. That’s why they are often subject to stringent privacy requirements. For instance, cookie banners or policies must list the lifespan of persistent cookies, the data collected, and the recipients.
