Ok, so unfortunately not those kind of cookies….but just as common these days.
The rules on the use of Cookies and Similar Technologies are not part of the GDPR but included under the Privacy and Electronic Communications Regulations (PECR). PECR has been in place for a number of years and is part of UK Law, however with the focus shifting to understanding and implementing GDPR in recent years, businesses need to remember that there are rules and guidelines within the PECR that need to be followed.
In relation to Cookies and the consent of their use, the PECR takes precedent but now also refers to the stricter rules around consent brought in with GDPR.
Your customers need to be aware of what cookies are in use and in most cases need to provide freely given consent for them.
Do you know what cookies your website uses and how they work?
The ICO recently issued an updated guidance on the use of Cookies and Similar Technologies which provides full detail on what is and isn’t acceptable and you may be surprised when you see that many of the websites you visit yourself are not complying. As a starting point, remember:
- You cannot rely on implied consent
- You need to detail what cookies are set and what they do (including third party cookies)
- Users must have control over any non-essential cookies (Analytics are useful folks but not essential for your customer)
- You cannot rely on legitimate interests to set cookies
- Never rely on generic privacy or cookie statements and simple ‘click to proceed or accept’ buttons as you are very likely to be breaching the regulation.
- Consider carrying out an audit of existing cookies to ensure that you have the right mechanisms in place to comply with the regulation
If you need support complying with the updated Regulations, please get in touch. We can help.
