That's because you don't just need to think about permission to issue cookies: you also need to take into account the privacy implications of the data you collect through cookies.
Here's what you need to know.
The reason is that privacy laws around the world address cookies in two different ways. The better known are the laws that require user consent to issue a cookie in the first place, such as Europe's Privacy and Electronic Communications Directive also known as the ePrivacy Directive.
However, the content of cookies (specifically the information they gather) also has legal implications. In many cases, a cookie can be linked to an identifiable individual. That means many aspects of the information will count as personal data under privacy laws. In turn you may need to:
Most privacy laws require you to publish some information about your use of personal data, including that collected through cookies. This can be because:
How best to present the information about your use of data from cookies will depend on what other information you need to present. Options include:
The cookie clause should address: