Cookies. What are they and why do I need a cookie notice?
Cookies? No, not fortune cookies!
If you have a website which uses software like WordPress, Joomla or Drupal you will need to display a cookie notice and link to a page with a Privacy Policy. You might even need the afore mentioned if you have any other type of site e.g. Weebly or Wix.
Cookies are tiny files created on your computer by your web browser. They are used to store small bits of information to allow webpages to do more than just display pages.
An Example:
When you log into a website, your web browser will save a small file (cookie), containing an ID number, to your computer. When you then look at other pages on the same website, your web browser will look at this cookie, and pass the number back. This allows the website to know that is it you browsing, so will show you pages that only you are allowed to see e.g Your account details.
Any website that does any customisation of its content based on any preferences you’ve saved, or has specific log in only sections, has to use cookies. We’ve come to rely on a lot of these features whenever we use the internet, so you can see why they are important.
Why are cookies important now?
Over the past few years, the use of cookies has become much more sophisticated, allowing website users to be tracked across different sites on the internet. This allows much more complex and targeted advertising. This activity has started to raise privacy concerns, and in answer to this, the EU created a directive for all EU member countries to give web users the right to refuse the use of cookies.
In the UK, this came into power via an update to the Privacy and Electronic Communications Regulations which UK based business are required to adhere to. Failure to follow these regulations could result in enforcement actions from the Information Commissioner’s Office, and ultimately a fine.
Reference
cookiepedia.co.uk/all-about-cookies
cookielaw.org/the-cookie-law
Privacy Policy and Data Protection
Businesses in the UK are subject to the Data Protection Act 1998. This piece of legislation details what your responsibilities are when it comes to looking after the ‘personal data’ you are collecting about your customers and employees.
A Privacy Policy is a formal, legal document which describes how you look after the data of any people who interact with your business. It is there so people who use your website understand what you do with their personal data, how you keep it safe, if there are any third parties involved in the processing of their data and what they need to do if they want to withdraw their data.
If you collect any data about your customers (This includes names and addresses!), or if you have functionality on your site that collects data, e.g. a form through which people can contact you, you must ensure that you are adhering to the Data Protection Act and you have a Privacy policy on your website so customers can use it to make a decision about sending you their private data.
The use of cookies on your website is often explained in a site’s privacy policy but this does not remove the need for there to be a clear cookie notice on your website.
Reference
ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/
en.wikipedia.org/wiki/Data_Protection_Act_1998