There are some misunderstandings about the EU cookie-law. First of all, the legislation exists to prevent websites from tracking private data, that is not necessary for the website to function, unless the visitor is aware of the cookie. You only need to display the cookie-policy opt-out if the website uses "intrusive" cookies, that are not required for the website to function properly.
theeucookielaw.com wrote:You should classify your cookies into four categories:
Essential - Required for your website to function, for example to mark someone as being logged in.
Non-Essential but harmless - Not essential to core functionality but doesn't get used for tracking a user
Fairly Intrusive - Used to track people but do not provide personally identifiable information, for example Google's Analytics
Very Intrusive - Used to track people and provide personally identifiable information
Furthermore, it goes to explain that consent from the visitor is not required for the first two categories:
You do not need to do anything with these, if they are required for the site to function then they fall out of the remit of this law.
Non-Essential but harmless
You should question why they are being used on your site and if you can use some other technology to achieve the same result, technically these fall within the remit of the EU Cookie Law so you should allow people to opt-out, although it has been mentioned by the ICO now that implied consent is allowed.
X3 only uses html5 "local storage" technology to store the site object, and it is used strictly as a functional part of the website. It basically stores the website pages and data objects for more effective caching, nothing else. Thus, it is part of "essential", or at least "harmless".
You do not need to require cookie consent for this, because it is not even remotely related to anything "intrusive" that is used for anything apart from functional benefits of the X3 website itself.