When you visit a website, most of the time a cookie file is saved to your device (with your permission).
This is a simple text file which stores the website’s name and gives you a unique ID so that it can tell you’ve been there before. Cookies can also provide insights into how long you spend on a website, which links you click on, options you’ve chosen and which items you’ve placed into a shopping basket.
This allows websites to deliver pages and services which are tailored to you and your preferences.
What is a cookie policy and why does your website need one?
A cookie policy tells your website visitors what the cookies on your website are for, what data you’re collecting and how you’re using this information. It should also inform people how they can opt out or change their settings, especially as website cookies are prone to change.
Cookies have generated some controversy in the last few years as online consumers become ever more conscious of their online security and privacy. As cookies collect data around what individuals are doing on your website, it’s a legal requirement for all websites to get consent to collect and store information based on a visitor’s browsing habits.
Since GDPR came into force, it’s become even more important for website owners to have a cookie policy and ask for consent from visitors to collect data this way. However, as long as you do this the first time they visit the website, you don’t have to repeat the process every time for the same visitor.
Three steps to writing a cookie policy
1. Identify which cookies you’re using
Identify exactly which cookies you’re using on your website to make sure your cookie policy is accurate. Make sure you think about any cookies which are used by third parties present on your site.
2. Design a pop-up
Create a pop-up for your website that lets visitors know you use cookies as well as where to find your policy with options to accept or decline. Remember that if a user rejects cookies or declines your cookie policy, you absolutely can’t track their activity on your site.
3. Plan your content
You can either create a separate cookie policy or you can include information about cookies within your privacy policy. GDPR compliance regulations state that you must use plain and intelligible language and include the following:
- Type of cookies
- Data which is tracked
- Time that cookies stay on a user’s browser
- Why the cookies are being used
- Where and with whom the data is being shared
- How to reject cookies and change settings
For more detail and helpful tools on all of these steps you can read the full article here, where there’s also lots of handy links to free cookie templates and policy generators. You can also find out everything you need to know about ensuring your small business is compliant with GDPR here.
This article was brought to you in partnership with The UK Domain.