Merge pull request #33 from raboof/user-to-visitor
website policy: use 'visitor' instead of 'user'
diff --git a/policies/website-policy.md b/policies/website-policy.md
index 724e54f..f273498 100644
--- a/policies/website-policy.md
+++ b/policies/website-policy.md
@@ -36,7 +36,7 @@
## 2) YouTube
-YouTube content can be embedded only when the creator has given consent before loading
+YouTube content can be embedded only when the visitor has given consent before loading
any file from YouTube.
Please see: [YouTube Example 1](/examples/youtube-html/with-youtube-api.html)
@@ -44,9 +44,10 @@
## 3) Cookies
-No cookies are allowed, except if the user must give consent before the website sets the cookie.
+No cookies are allowed, except if:
-If the cookie is not used for tracking, but used for managing a browser session, no user consent is necessary.
+* the cookie is not used for tracking, but used for managing a browser session, or
+* the cookie is only placed after the visitor explicitly consents to being tracked.
## 4) Using Assets from other Domains
@@ -55,12 +56,12 @@
## 5) (Google) Maps
-(Google) Maps can usually be used, if the site user gives consent before the first time a map loads.
+(Google) Maps can usually be used, if the site visitor gives consent before the first time a map loads.
## 6) Social Media
Social Media buttons (Facebook Like, showing Instagram embeds, Twitter pixel) can
-only be used when the site user gives consent before the buttons load.
+only be used when the site visitor gives consent before the buttons load.
## 7) Facebook Pages