Learn About the Cookie Policy and How You Can Comply
The UK Cookie Law is strict, so how you manage and inform your users on the data you collect is more important than ever for a privacy centric world. Find out that the cookie law is and some tips on how to comply.
What Is the Cookie Policy and Its Purpose?
To break It down a cookie is a small file that is downloaded onto your device, such as a smart phone or a computer. When a user accesses the website, the cookie will recognise the device and store information about the user. This will be information is anonymous data such as user preferences, behaviour and past actions when browsing online. This can help to make advertising more effective. Without cookies, it’s harder for an advertiser to reach their audience.
A cookie policy tells the user what type of cookies are being used, the information they are collecting and why they are being used. Users can also find out how they can manage cookies or delete them if necessary. The aim is to help any visitor to your website have a clear understanding of the information you are taking and giving them control of their privacy while using your website.
What Is Required From Website Owners to Be Complaint?
Identify Cookies
First you must identify what cookies your website uses. These cookies will then need to be categorised based on their purpose. To identify the cookies, you must carry out an audit. There are tools that can do this for you such as CookieYes. Framework are now partners of CookieYes, therefore we can offer support to conduct this audit to create an accurate cookie policy for you.
Cookie Policy and Privacy Policy
Your Cookie and Privacy Policy is a detailed article that should demonstrate how you are complying with legal requirements. Your cookie policy can be accessed through the cookie banner as well as its own page on the website. This will include more detailed information on the cookies being used, why they are being used, how the user can manage their cookies. Your cookie policy can be part of the privacy policy. This is a general policy covering various aspects such as information collection, who is responsible for the data collected and the user’s rights.
Your policies must be easy to understand, and you should avoid technical language so that it is accessible to all. When your user’s data is involved, it is important to get it right so here at Framework, we can help you create a privacy policy and a cookie policy that is complaint and user friendly.
Your Cookie and Privacy Policy can be provided together or on separate pages. Horwood and James Solicitors is a great example of providing these policies together. If you want to see a Cookie Policy that is separate to a Privacy Policy here is an example from the Florence Nightingale Hospice website.
Cookie Banner
On your website you must have a cookie banner. A cookie banner is a pop-up or notification on your website that allows visitors to see the Cookies you are using and why. This banner must remain accessible the entire time a user is on the website, so it is easy to change their preferences if they wish. The banner should include the ability to manage your consent, direct link to the full cookie policy page and see what cookies are being used. Your cookie banner must have clear and concise messaging so that it is accessible to everyone regardless of their comprehension.
The pop-up must include options to either accept, reject or adjust cookie preferences. These options must not be suggestive in design to be compliant. For example, pre-ticking boxes or using colour to draw attention to the button that accepts the cookies. It is important not to do this as a user should have the freedom to choose how their data is collected without manipulation.
Why Is It Important to Have a Cookie Policy?
The EU Legislation states that a website must let you know when it uses cookies. This is why a cookie policy is crucial. The Cookie Policy started as an EU Directive in 2011, this gave users the right to refuse the use of cookies to protect their privacy, while being online. This meant the UK had to adjust their own privacy law accordingly. The laws can change, so it is important that you keep up to date. For example, from March 2024 Google announced that Google Consent Mode V2 was mandatory to continue collecting data if you are in the European Economic Area. This meant if you did not comply, you would receive no new data about your users for, ad personalisation, re-marketing and measurement. This demonstrates the importance of staying up to date and being aware of changes to policies and how they could potentially affect your business.