Free Cookie Check and Review for Kent Businesses
It is important that you review your website cookie usage to be sure you are within the law.
We are happy to provide a free cookie check to resolve any concerns or misunderstandings you may have.
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies are then sent back to originating website on each subsequent visit. Cookies are useful because they allow a website to recognise a user’s device.
The changes to the Directive in 2009 were prompted in part by concerns about online tracking of individuals and the use of spyware. These are not rules designed to restrict the use of particular technologies as such, they are intended to prevent information being stored on people’s computers, and used to recognise them via the device they are using, without their knowledge and agreement. For persistent serial offenders, a monetary penalty notice requires an organisation to pay a monetary penalty of an amount determined by the ICO, up to a maximum of £500,000.
The Information Commissioner made clear when the rules on cookies were introduced in May 2011 that he would be unlikely to take formal action against those who were taking steps to comply with the rules during a 12 month lead in period.
Therefore, the "knowledge and agreement" means that cookie usage should be explained to the user and taking into account the level of the users technical knowledge and some form of consent policy for the user to acknowledge cookie usage and permission.
It`s worth noting the following;
- Some cookies can be exempted from informed consent under certain conditions if they are not used for additional purposes. These cookies include cookies used to keep track of a user’s input when filling online forms or as a shopping card, also known as session-id cookies, multimedia player session cookies and user interface customisation cookies, eg language preference cookies to remember the language selected by the user.
- First party analytics cookies are not likely to create a privacy risk if websites provide clear information about the cookies to users and privacy safeguards, eg a user friendly mechanism to opt out from any data collection and where they ensure that identifiable information is anonymised.
Implied consent has always been a reasonable proposition in the context of data protection law and privacy regulation and it remains so in the context of storage of information or access to information using cookies and similar devices.
The collection of sensitive personal data such as information about an identifiable individual’s health then data protection law might require them to obtain explicit consent.
Please contact us for any further advice.