Try our cookie policy generator to verify that the use of cookies and online tracking on your website complies with the GDPR policy. Create your free trial account here.
What is a cookie policy and do you need one for your website? What exactly are the requirements and can you get your own cookie policy? This article explains what the Cookie Policy is, what the requirements are and how you can ensure that you comply with the Cookie Policy as of 2018.
A cookie policy is an explanation to your users of what cookies are active on your website, what user information they are tracking for what purpose, and where that information is being sent around the world. In addition, a cookie policy should include information on how your users can disable cookies or change their preferences about the cookies on your website.
Many website owners choose to include the cookie policy as part of their privacy policy. The Privacy Policy is a document, usually a page on the website, that lists all the methods and purposes of the website’s data processing activities, including contact forms, mailing lists, etc. The Privacy Policy is a document that is used by the website’s users to provide information about their use of the website.
Cookies represent a potential privacy risk because they can track, store and share user behavior. While most other privacy policies may be static, cookies used on a Web site are dynamic and may change frequently. Therefore, an appropriate cookie policy should be regularly updated to ensure that the information is accurate.
The EU Personal Data Act, the GDPR, gives visitors to the website the right to obtain specific and up-to-date information about what information about them is stored, for what purpose and where in the world – along with the ability to prevent this.
These rules apply to your cookie policy and your cookie notice, your cookie consent and your consent documentation.
This means that with the new requirements for EU Cookie Directive 2018, you need a correct cookie policy on your website that contains specific, accurate and current information about the use of cookies by your website and the ability of users to accept and decline them.
Your cookie policy should include the following:
The difference is that the Cookie Policy deals specifically with the use of cookies on your website and the Privacy Policy is more of a general document that covers all data processes on a website, including contact forms, mailing lists, etc. The Privacy Policy is a general document that is used by the website to help you understand how cookies are used.
Often, the Cookie Policy is part of the privacy policy of a web site or app, where it is probably the most difficult part. The policy focuses on the different types of cookies:
The easiest way to ensure full control over your cookies and to ensure that you have an accurate and updated cookie policy for your website is to use a cookie solution that integrates the cookie policy into cookie monitoring.
With CookieFirst, the monthly report from the cookie scan can be integrated with a few lines of JavaScript as an automatically updated part of your privacy policy or cookie policy. This ensures that you are always up to date and correct regarding cookies and GDPR. CookieFirst is one of the few fully GDPR compliant cookie solutions on the market.
We enable you to take care of everything that is relevant on your website with regard to cookies and GDPR. This way you can be sure that your website complies with the regulations.
The short and simple answer is yes.
First and foremost, the GDPR is a universal law for the European Union. This means that the GDPR covers not only all websites that operate within the EU, but also all websites that deal with EU users. With enforcement in May 2018, all sites that refer to local sites outside the EU will also be affected.
In a PwC survey of American multinational organisations, 92 percent stated that compliance with the GDPR has top priority, and 71 percent have already started preparations (as of January 2017). These include data protection guidelines, IT security and the discovery of all data held by companies.
As far as the UK in particular is concerned, it is still part of the EU at the time of enforcement of the GDPR. In addition, the UK government is preparing for a new Data Protection Act that will meet the same requirements as the GDPR, so the same rules will still apply after the UK leaves the European Union in 2019.
In the US, data protection laws are more fragmented because they are a patchwork of sector-specific laws, such as those relating to healthcare companies or financial institutions, or limited to certain states such as California. However, since the GDPR is the most thorough and far-reaching data protection regulation ever adopted, it is likely to serve globally or at least as a model for future data protection regulations.
Therefore, in any case, it is important to take all measures to meet the requirements. The regulations may be an annoying obstacle for businesses here and now, but in the long run they will help restore trust and fairness between businesses and consumers in a data-driven world.
You will find many examples and templates for your cookie policy on the Internet. However, please note that your policy should be revised and updated periodically to ensure that it informs you of the actual cookies on your website.
First, you need to find out which cookies are used on your website. This is essential for creating a specific and accurate policy, as each website is different.
Note that you must take into account both your own use of cookies and those placed on your website by third parties. Read the cookie guidelines of your third-party services to find out which cookies they may use on your website. To find out which cookies are currently being used on your website, you can use our website scan to perform an audit.
CookieFirst analyses all cookies on your website and sends you a report with a complete overview of all cookies used, including their purpose and origin.
Once you have all the necessary information, you can write your cookie guidelines. The policy may be part of your privacy policy or published as an independent page on your website. Keep your language clear and understandable: This is an actual requirement of the GDPR.
You can try a policy template or a policy generator. Note, however, that the information in your cookie policy must be specific, accurate and always up to date.
The easiest way to do this is to choose a cookie solution such as CookieFirst, which includes the service of a constantly updated cookie declaration.
All Rights Reserved, © Digital Data Solutions BV 2019
