Hello and welcome to part 2 on Cathy Cook's blog series on complying with the cookie regime. Click here to find out more about Cathy and read the first part of her blog series.
First ascertain what cookies you are using:
Identify which cookies you
are using on your website. This
should include not only cookies used by you but those used by third
parties who you have authorised to use your site. If as part of this audit identify old
cookies and remove them immediately
Confirm the purpose of
each cookie. Is the cookie
necessary to perform an essential function of the website or to fulfil
part of the service requested by the website user? Customer recognition, customer tracking
and profiling are considered to be non essential use. Regulation 6(4) of the Revised Regulations
provides that essential cookies do
not require a user’s consent.
Identify what data each
cookie holds and confirm whether the cookie is linked to other data the
provider holds about a user. If
information collected by a cookie relates to a living identifiable
individual then any processing of that data must comply with the Data
Protection Act 1998
Confirm the type of
cookie. Is the cookie persistent or
session? Persistent cookies are
more likely to be privacy intrusive.
Confirm the lifespan of
each persistent cookie. Is the
lifespan appropriate or should it be shortened.
With third party cookies
the website operator needs to liaise with the third parties to ensure that
Often information on cookie use provided to users is too detailed and technical. The ICO suggests that information could be displayed:
As a table of cookies used with a description of
the way each one is used; or
By using a broader explanation. The International Chamber of Commerce
which includes a useful, possibly more user friendly description of
The latest guidance on this from
the ICO includes:
Putting the information on
a separate page on the website and providing a prominent link to that page
from every page of the website. The
link needs to make it clear that it is to information about cookies and
Use an icon although a
standard cookie icon is yet to be developed so it might be difficult to
ensure that users know what the link represents without additional explanation.
In the short term it might
be useful to include a blog post or news item on the home page explaining the
policy on cookies and including a link to the cookie information page.
In the final blog on cookies, Cathy will advise on practical steps towards obtaining consent.
View all of Cathy's blogs and more using the link below
You can follow Jordans Commercial on Twitter using the link below
If you wish to speak to Cathy about any of the issues in this blog then please ring the following number: