How & Why Do We Comply With Cookie Policies In The UK?

The UK exited the European Union on the 31st of December 2020, which means that we are not only an independent nation but our laws in many cases have changed too.

How & Why Do We Comply With Cookie Policies In The UK?


 

The UK exited the European Union on the 31st of December 2020, which means that we are not only an independent nation but our laws in many cases have changed too.

 

Today we focus on cookie policies in more detail, regarding what they are, how you can comply with them, and things you need to know when cookies are being used on your website.

 

 

What Is A Cookie Policy?

A cookie policy is a small file that is placed on a website visitor’s computer screen. This is usually done with a website cookie policy banner.

 

The website recognizes the user’s device and then stores some personal data or information about the user’s preferences on the site, including their past actions.

 

What information do cookies store?

  • How long a user spends on an individual website.
  • The links you are clicking on.
  • The options, preferences, and settings you’ve chosen.
  • Any accounts you log into.
  • Any pages you have visited.
  • Any items you have placed in your shopping basket.

 

 

What Do You Need To Do When Complying With Cookie Policies In The UK?

Based on regulation 6, the rules you must abide by consist of the following:

 

  • Tell people that are arriving on your site that cookies are being used.
  • Explain what the cookies are doing on your site and why they are being used.
  • Get consent from the visitor to store a cookie on their device to collect personal data and information.  

 

If you display a cookie policy the first time a new visitor enters your website, then this is all you need to do. Different users could also be using the same device so this is something that you need to bear in mind. This can be countered by repeating this process every time someone comes to the site, even if they have been there before.

 

 

What Do I Need To Show?

While you need to display information showing that you are collecting cookies, PECR does not specify what information exactly. The requirements only suggest offering “clear and comprehensive” information about your purposes.

 

You must explain why cookies are being used. Any user or visitor must also understand the consequences that occur when allowing the use of cookies. Make sure the right language is intended and being used for the right audience.

 

If you would like to learn more about the regulations complying with cookies, please read the new and updated Cookies Section in the UK-GDPR law that was recently updated.

 

 

What Counts As Consent?

Consent must be freely given and decided by the visitor. It must involve an action, for example, ticking a box or clicking a link.

 

The person that has hit your website must understand that they are also giving consent. The privacy policy and cookie policy must also be easily accessible. It can not be hard to find or difficult to read or understand.

 

In addition, you may not set non-essential cookies on your website until the user has consented to them.

 

As an owner of the site, you need to make sure that your users are fully aware of their actions when accepting cookies. You need to make sure they have given explicit and deliberate consent. This must be more than merely continuing to use the website and ensure that consent is freely given.

 

You should also ensure that you can enable and disable cookies when needed.

 

While also collecting cookies, you also need to ensure that any privacy-intrusive cookies such as health details or personal data are even being consented to by the user. The ICO will take a risk-based stance on enforcing this area.

 

Enjoying the blog post? Make sure to check out our recent article on ‘What Privacy & Compliance Challenges Do Companies Face With GDPR In 2021?’

 

How Do You Write Up Cookie Policies For A Website?

The first thing you need to do is find out what cookies are on your website. This is necessary for making sure that you are implementing a valid policy.

 

You also need to take into account that your website could be using your own cookies and third-party cookies as well. If you struggle to find this information, then some dedicated plugins and tools can help find third-party cookies on your website.

 

Build A Pop-up: The easiest way to display a cookie policy is through a web notification or pop-up. These usually pop up on the bottom of the page once a user enters a page or a website. This is typically a brief notification that lets users know you are using cookies. They can then decide to click a link that takes them to a privacy policy or to give consent based on the information they know.

 

 

Plan Your Content Accordingly

To make sure you are covering all your bases, plan out how cookies will be tracked, displayed, and informed to incoming users. Your cookie policy could also be apart of your privacy policy, or it can be created as its own separate page.

 

As laid out in UK-GDPR, your language needs to be straightforward and ensure the following bases are covered.

 

  • The types of cookies you’re using.
  • The data you’re tracking.
  • How long cookies stay on a user’s browser.
  • Why you are using cookies.
  • Where the information is sent and who it is shared with.
  • How to reject cookies and also change cookie policy settings.

 

 

What Happens If A User Rejects Your Cookie Policies?

If someone does decide to decline your cookie policy, then this means that you can’t track their activity on your site.

 

There are dedicated strict rules on gaining consent, and for that consent to be valid, it must be freely given by the user. It also must be specific and informed. You MUST include some action, for example, ticking a checkbox or clicking a link. It would be best if you made sure that the user is aware they are giving consent.

 

Remember to provide easy links to your privacy policy and simple instructions for anyone that wants to opt-out of using cookies.

 

If you would like to learn more about cookie policies then read up on the ICO policies concerning cookie policies in the UK and how you should comply with them.

 

For updates on GDPR, compliance with privacy laws, and data regulations that have been put in place for the United Kingdom, follow our IT blog.

 

 

 

 

 

 

You may like

We use cookies on this site to enhance your user experience.
By clicking any link on this page you are giving your consent for us to set cookies.