GDPR and Cookies
This new umbrella now adds even further restrictions as to the use and management of cookies that are placed on a computer by software that is used to track your activities, requiring explicit consent from website visitors for the storing of non essential cookies (particularly those used for marketing purposes) on their computer.
The ICO website states:
“You must tell people if you set cookies, and clearly explain what the cookies do and why. You must also get the user’s consent. Consent must be actively and clearly given.
There is an exception for cookies that are essential to provide an online service at someone’s request (eg to remember what’s in their online basket, or to ensure security in online banking).”
Non essential cookies (such as analytic, marketing or tracking cookies) must always be turned off when a user enters the site, and explicit consent must be given to turn them on.
This clearly has major implications for marketters who are relying on Google Analytics or similar tracking and monitoring suites, and for advertisers who are using double click etc.
Non compliant cookie statements
Identifying cookies on your website.
See also gdpr-compliance
There’s no such thing as a free lunch
You may not think that your website uses any cookies, if it was designed by a third party, or contains widgets (or bits of third party code) it almost certainly does.
So how do you find out?
There are lots commercially available software that will test compliance and identify cookies, but there really is no such thing as a free lunch, identification is one part of the puzzle, solving the cookie consent conundrum is another, and most identificatin software sites will then try and sell you the ultimate ideal solution.
Always refer back to your website designer, and ask them why you haven’t been compliant since May 2018 … maybe there is such a thing as a free lunch after all …
Termly https://termly.io/ is good for a quick sanity check, but comes with the following disclaimer:
“Disclaimer: This tool is meant to help you determine whether web content meets General Data Protection Regulation (GDPR) and EU ePrivacy Directive 2009/136/EC (ePR) guidelines related to online tracking. Termly automatically scans a website to identify the presence of these requirements and lists them in this report. The scanning technology used to provide the report is not free of errors, and therefore Termly does not warrant that the content of this report is accurate, complete, reliable, or error-free. A positive test response must not be taken as a guarantee that the website satisfies all legal requirements. Please consult the GDPR and ePR legal text, or a trusted source (e.g., the Data Protection Authority or a lawyer in your country) for a full overview of website legal requirements.”
You only have to get it added to your site … back to your website designer …
Cookiebot will produce a downloadable report based on scanning five pages, and requires a subscription to scan more.
It is again a subscription service, with a free version for websites with less than 100 pages.
Code is produced which needs to be added to the website to handle the necessary cookie consent and/or rejection, Back to your website developer.
Cookiepedia (CookiePro – OneTrust)
Cookiepedia https://cookiepedia.co.uk/ is “… the largest database of pre-categories cookies and online tracking technologies.”
You can search by specific cookie identifier to understand what cookie is being used on your website.
You can also scan your website (like Cookiebot) which scans 9 pages using Cookiepro.