Cookies and the Law

Cookies are small text files that are placed on your computer by websites that you visit. They may be used to store information about you, login details, analytics…a lot of stuff that you by law have a right to know about.

If you don’t have a Cookie policy and/or an opt-in/out you are in breach of the law and you should set something up as in theory you could be fined.

This is what the ICO (an independent organisation that oversee data privacy policy) say about websites:

“To comply with the information requirements of PECR, you need to make sure users will see clear information about cookies. In any case, doing so will increase levels of user awareness and control, and also assist in gaining valid consent.

You also need to tell people about the purposes and duration of the cookies you use.

You need to provide information about cookies in such a way that the user will see it when they first visit your service. This is usually done within the cookie consent mechanism itself.

You should also provide more detailed information about cookies in a privacy or cookie policy accessed through a link within the consent mechanism and at the top or bottom of your website.

You should consider how the design of your online service impacts on the visibility of the link to your policy. For example, a link at the bottom of a concise webpage which has no content “below the fold” will be much more visible and accessible than a link in the footer of a dense webpage of 10,000 words. In this case a link in the header would be more appropriate.”

And while considering UK law and websites, if you are a limited company you must display company details on your website and they must be in a place easily found. So many don’t, even companies that you see on LinkedIn posting on the ICO and privacy. You can be reported and in theory face a fine.