Do I Need A Cookie Policy On My Website?

'}}

You've heard the word 'cookie' in computer terms before, but you don't know what exactly it really means and you're wondering, 'Do I need a cookie policy on my website?'  Well, you've come to the right place. But before answering that question let's take a broad look at what cookies are, how they work and why websites need them.

A cookie is a file which contains information connected to the website you are visiting. Cookies are stored on your computer browser. They help to make your internet experience smoother and more personalised, for example they provide a way for a website to recognize you if you have visited before and to know your preferences when serving up web pages.

TYPES OF INTERNET COOKIES

Although there are many different names for cookies - web cookies, internet cookies, browser cookies, computer cookies, these all refer to the same thing - cookies. 

Cookies can be described as different types based on things like origin, functionality and lifespan.

The lifespan of a cookie can be of two types - a  session cookie or a persistent cookie.

SESSION COOKIES

Also known as temporary cookies, expire after your internet session on a particular website finishes - that is, when you close or move away from the website.

PERSISTENT COOKIES

These are more permanent cookies and are used to remember you when you visit a website again. They can store preferences like language, theme, currency, login details, shopping cart information and other such data which can make your web experience more personalised and offer faster and better delivery of content to you.

FIRST PARTY COOKIES

These are cookies which are set by the website the user is visiting. They can help to calculate page views, number of users, user behaviours, login details amongst other things.

THIRD PARTY COOKIES

Unlike the other types of cookies, third party cookies do not originate from the website that the visitor is using, but from different domains. This includes things like Social Media sites, chatbots, Youtube and any other third party site you may have some sort of links to on your website.

SECURE COOKIES

These cookies can only be transmitted over encrypted https. They are generally used for sensitive information such as for checkout pages, payment pages, on internet banking sites and other such functions that require higher security protection.

ZOMBIE COOKIES

These are generally third party cookies and can be installed to for example ban a visitor from a website, by website analytics companies for example. They are usually difficult to delete or may not be delectable at all. 

HOW COOKIES WORK

A cookie is a small file made up of letters and numbers which is downloaded onto your computer when you visit a website. Typically a cookie will initially contain 3 bits of information -

  • the domain where the cookie has come from
  • the lifespan of the cookie
  • its unique identifying number The cookie file will be stored in your browser's memory on your computer. A session cookie will only remain in your browser files as long as you are on that particular website that issued it. Persistent cookies will remain in your browser files even after you leave the issuing website

This will be expanded depending on how a user interacts with a website and the preferences they may indicate.

ARE COOKIES SAFE?

Cookies don't have any other functionality than being there to provide information when asked.  They are not programs, they can not see or read your other information on your computer, or replicate themselves, or move around your computer files. 

However some cookies can track your overall activity and preferences online and the information can be used by marketers to promote their goods or services to you – known as cookie profiling. For example, you may have noticed that after doing an online search for a particular holiday destination you'll then get adverts for that destination or other holiday services, when you visit other sites which are unrelated to that topic. This is called targeted marketing and is facilitated by cookie profiling.

SHOULD I DELETE COOKIES?

Cookies are generally safe because they can only transmit limited amounts of information about how people interact with a website. If however you do have concerns then many browsers now allow users to block or delete cookies. But be aware that by blocking cookies you may reduce the user functionality available on a website. There are two main reasons for deleting a cookie - you may want to ensure that your browser is not storing sensitive information such as login credentials or financial data, and you may also want to free up space on your hard drive if it’s getting full.

Deleting Cookies can depend on what device and browser you're using. You'll find links to directions for some of the most common below:

How to clear cookies on Google
How to clear cookies on Mozilla
How to clear cookies on Safari
How to clear cookies on Microsoft Edge

A cookie policy is a declaration to website users about what type of cookies are used by the website, their purpose and options for controlling cookies.  Unless your website doesn't use any cookies, which is extremely rare nowadays, it is necessary to have a cookie policy on your website by law if your website has visitors from the UK or any EU countries through the GDPR regulations.

As you will have seen on may websites, generally a cookie consent popup will appear and ask website visitors to acknowledge and agree that they are aware that the website uses cookies. Only by clicking on an OK button does the popup disappear, and there may also be an option on the popup to click to go to the Cookie Policy page to read the details for those who are interested.

As a cookie policy is a legal requirement it is best to check with your legal advisor about the content required for your particular needs.

Since cookie policies became a requirement through the introduction of GDPR (General Data Protection Regulations) there are many online cookie policy generators to help you get started – but always check with your legal advisor that they offer comprehensive cover for your needs. Some examples are:

Iubenda

Considered to be one of the most comprehensive policy generators, it claims to auto update policies in line with changes in GDPR and other regulations - this is particularly useful with the UK transitioning with Brexit over the next few years. They offer Privacy Policies and other legal documents, and run on a monthly subscription, or if you’re lucky enough to catch a deal you can buy a lifetime licence through Appsumo at a fraction of the cost.

Termly

A monthly subscription option, it also offers Privacy Policies and other legal compliance documents. There is a free plan with limited coverage designer for low traffic websites, or monthly subscriptions per website.

Terms Feed

A simple process entering your details allows you to generate a personalised Cookie Policy quickly. There is a one off payment, but the disadvantage is that the policy will not be kept up to date for changes in the law.

GDPR

GDPR regulations are complex. They cover data use and handling of visitors to websites from nationals of or people in the UK and EU. Cookies form part of those regulations. You can find the full regulations on the government website Guide to the General Data Protection Regulation and more details on how cookies relate to GDPR at the Information Commissioner's Office.

FINAL THOUGHTS

So, in short, the answer to the question 'Do I need a cookie policy on my website' is yes if your website has visitors from or nationals of the UK or EU.

As part of GDPR you will also very likely need a Privacy Policy on your website too.

And a final disclaimer - the information in this article is not provided by legal experts. Always check with your legal advisor and the relevant authorities for current regulations to ensure you are compliant with all requirements.

Do I Need A Cookie Policy On My Website last updated April 2022

Recent Posts

website design London

Webbd Ltd. 71 - 75 Shelton St. London WC2H 9JQ

© 2021 All rights reserved