Политика использования cookie

Cookie & privacy policy

FAQ

How to get website cookies to be GDPR compliant?

Under the EU’s GDPR, cookies on your website that process personal data from individuals inside the EU are only allowed to be activated after the end-user has given their consent to do so. That means, any cookie on your website, that is not strictly necessary, and process personal data must be deactivated until the end-user accepts its activation.

What does the GDPR say about cookies?

Under the EU’s GDPR, cookies are only mentioned once, however the EU-wide legislation sets clear rules for how personal data is allowed to be processed by websites, chief among the rules are the necessity of obtaining explicit consent from end-users before collecting their data – and so, any cookie on your website that processes personal data must remain inactive until the user consents.

What is a GDPR compliant cookie banner?

A GDPR compliant cookie banner is an interactive module that informs your users of all cookies and trackers in operation on your website, their purpose, duration and provider, and enables users to give their explicit consent to some, none or all cookies by ticking boxes or sliding controls and pressing a button. It is vital for GDPR compliance that cookie banners do not have pre-ticked checkboxes or forces users into a choice of accepting all or none in return for services.

What is cookie policy under GDPR?

A GDPR compliant cookie policy informs your users of what data your website collects, what purposes you use this data for, which third parties you share their data with, who is the provider of the cookies, how you store their data and ensure its protection, and how users may access, migrate, request rectification or deletion of their data. Your website’s cookie policy must be written in an easy-to-understand language and be easily accessible for your users.

GDPR, cookies and compliance

How to deal with the EU’s GDPR and cookie on your website

The General Data Protection Regulation (GDPR) is an EU legislation that governs all collection and processing of personal data from individuals inside the EU.

Under the EU’s GDPR, it is the legal responsibility of website owners and operators to make sure that personal data is collected and processed lawfully.

A website outside of the EU is required to comply with the GDPR if it collects data from users inside the EU.

Even though cookies are mentioned only once in the GDPR, cookie consent is nonetheless a cornerstone of compliance for websites with EU-located users.

This is because one of the most common ways for personal data to be collected and shared online is through website cookies. The GDPR sets out specific rules for the use of cookies.

That’s why end-user consent to cookies is the GDPR’s most used legal basis that allows websites to process personal data and use cookies.

The GDPR requires a website to only collect personal data from users after they have given their explicit consent to the specific purposes of its use.

Websites must comply with the following GDPR cookie requirements:

  • Prior and explicit consent must be obtained before any activation of cookies (apart from whitelisted, necessary cookies).
  • Consents must be granular, i.e. users must be able to activate some cookies rather than others and not be forced to consent to either all or none.
  • Consent must be freely given, i.e. not allowed to be forced.
  • Consents must be as easily withdrawn as they are given.
  • Consents must be securely stored as legal documentation.
  • Consent must be renewed at least once per year. However, some national data protection guidelines recommend more frequent renewal, e.g. 6 months. Check your local data protection guidelines for compliance.

Typically, GDPR cookie compliance is achieved on websites through cookie banners that allow users to select and accept certain cookies for activation rather than others, when visiting a site.

GDPR compliant cookie banner by Cookiebot CMP.

The European Data Protection Board’s (EDPB) guidelines from May 2020 clarify what constitutes valid consent on websites in compliance with the GDPR.

EDPB guidelines state that your website’s cookie banner is not allowed to have pre-ticked checkboxes and continued scrolling or browsing by users cannot be considered as valid consent for processing of personal data.

Users must freely give a clear and affirmative action to indicate their consent in order for your website to activate cookies and process personal data.

GDPR cookie compliance test

Test if your website is in compliance with the GDPR’s cookie consent requirements by using the free Cookiebot CMP compliance test.

Simply enter the URL of your domain and let Cookiebot CMP conduct a free scan of your website to detect all cookies and trackers on the up to five subpages that are included in the free scan, and whether or not you live up to the GDPR’s cookie consent requirements.

Don’t be alarmed to find that your website has a lot more unknown cookies, trackers and trojan horses that you thought – they are notoriously difficult to know of, considering that –

72% of cookies on websites are loaded in secret by other third-party cookies, making them difficult to know of as a website owner.

18% of cookies on websites are trojan horses, i.e. cookies that are hidden as deep as within eight other cookies, making them practically impossible to detect without deep-scanning technology.

50% of trojan horses will have changed between visits, meaning that they can be different cookies altogether, collecting different data for different agents, and making the legal responsibility of the website owner to always inform users of the purpose and duration of cookies a headache from the get-go.

Source: Beyond the Front Page, a 2020 research paper on website cookies.

The Internet’s changing landscapes are shaped by your website’s cookies and GDPR.

Security

Note: When you store information in cookies, keep in mind that all cookie values are visible to, and can be changed by, the end user. Depending on the application, you may want to use an opaque identifier that the server looks up, or investigate alternative authentication/confidentiality mechanisms such as JSON Web Tokens.

Ways to mitigate attacks involving cookies:

  • Use the attribute to prevent access to cookie values via JavaScript.
  • Cookies that are used for sensitive information (such as indicating authentication) should have a short lifetime, with the attribute set to or . (See , above.) In , this ensures that the authentication cookie isn’t sent with cross-site requests. This would make the request effectively unauthenticated to the application server.

Your rights with respect to personal data

You have the following rights with respect to your personal data:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Information Commissioner’s Office (ICO)).

Your rights with respect to personal data

You have the following rights with respect to your personal data:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Information Commissioner’s Office (ICO)).

Cookies

5.1 Technical or functional cookies

Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.

5.2 Statistics cookies

We use statistics cookies to optimize the website experience for our users. With these statistics cookies we get insights in the usage of our website. We ask your permission to place statistics cookies.

5.3 Marketing/Tracking cookies

Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.

5.4 Social media buttons

On our website we have included buttons for Facebook, WhatsApp and Instagram to promote webpages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like Facebook, WhatsApp and Instagram. These buttons work using pieces of code coming from Facebook, WhatsApp and Instagram themselves. This code places cookies. These social media buttons also can store and process certain information, so a personalized advertisement can be shown to you.

Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymized as much as possible. Facebook, WhatsApp and Instagram are located in the United States.

*.wordcamp.org

Cookie Duration Purpose Logged-in Users Only?
camptix_client_stats 1 year Used to track unique visitors to tickets page on a WordCamp site No
wp-saving-post 1 day Used to track if there is saved post exists for a post currently being edited. If exists then let user restore the data Yes
comment_author_{hash} 347 days Used to tracked comment author name, if “Save my name, email, and website in this browser for the next time I comment.” is checked No
comment_author_email_{hash} 347 days Used to tracked comment author email, if “Save my name, email, and website in this browser for the next time I comment.” is checked No
comment_author_url_{hash} 347 days Used to track comment author url, if “Save my name, email, and website in this browser for the next time I comment.” checkbox is checked No
wp-postpass_{hash} 10 days Used to maintain session if a post is password protected No
wp-settings-{user} 1 year Used to preserve user’s wp-admin settings Yes
wp-settings-time-{user} 1 year Time at which wp-settings-{user} was set Yes
tix_view_token 2 days Used for session managing private CampTix content No
tk_ai Browser default Used for tracking No
jetpackState Session Used for maintaining Jetpack State Yes
jpp_math_pass Session Verifies that a user answered the math problem correctly while logging in. No
stnojs 2 days Remember if user do not want JavaScript executed No
wordpress_logged_in_{hash} Session Remember User session Yes
wordpress_test_cookie Session Test if cookie can be set No

User ID

User ID – это уникальный постоянный номер, который присваивается пользователю и позволяет анонимно идентифицировать его на разных устройствах и в разных сеансах. Подробнее о преимуществах User ID…

Вот как настроить функцию User ID с помощью analytics.js:

  1. Присвойте каждому пользователю, вошедшему в аккаунт, уникальный постоянный анонимный строковый идентификатор (как правило, он извлекается из системы аутентификации).
  2. Настройте User ID в коде объекта отслеживания:
ga('create', 'UA-XXXXX-Y', 'auto', {
  userId: USER_ID
});
ga('send', 'pageview');

Аутентификация после загрузки страницы

При создании одностраничных приложений и других динамических сайтов, где аутентификация пользователя выполняется после загрузки страницы, нельзя задавать User ID при создании объекта отслеживания.

Как только значение станет известно, его нужно добавить в объект отслеживания с помощью команды .

// Creates the tracker and sends a pageview as normal
// since the `userId` value is not yet known.
ga('create', 'UA-XXXXX-Y', 'auto');
ga('send', 'pageview');

// At a later time, once the `userId` value is known,
// sets the value on the tracker.
ga('set', 'userId', USER_ID);

// Setting the userId doesn't send data to Google Analytics.
// You must also use a pageview or event to send the data.
ga('send', 'event', 'authentication', 'user-id available');

При этом обращения, отправленные, пока значение поля не определено, не будут содержать это значение. Чтобы связывать эти обращения с пользователями, в Google Аналитике применяется объединение сеансов.

Legal Requirements for Cookies Policies

Requirements in the EU

Any EU business that uses cookies must comply with the EU Cookies Law, which requires a Cookie Policy to be in place. Visitors to your website must be alerted that cookies are in use, what kind of cookies are in use, and given the option to opt out of having these cookies placed on their devices.

A Cookie Policy is where this information can be thoroughly detailed and explained to your visitors.

While pop-up boxes and banner notifications alert users that cookies are being used and can allow for an option to opt out within that box or banner, this kind of policy is where further information can be detailed and accessible to your visitors at any time.

The EU’s GDPR requires that you get consent to use most cookies, and having a cookie notification is the perfect way to do this.

Requirements in the U.S.

U.S.-based companies that do business targeted to EU nations must comply with EU cookies laws. However, most U.S.-based, U.S.-targeted businesses do not need to comply.

In the U.S., the Federal Trade Commission (FTC) enforces privacy and data security laws and regulations, but cookies are not explicitly separated from general privacy laws as they are in the EU.

It is common with U.S.-based businesses to see just one general Privacy Policy that contains a section within it that deals with the use of cookies.

This differs from EU-based businesses/websites that have both a Privacy Policy and a separate Cookies Policy.

Note below how the EU-based BBC website has a link to its Privacy Policy page and its separate Cookies Policy page in the footer of its website:

While both policies of the BBC are closely connected and within the same general informational section of the website, they are kept clearly separate:

To really see the difference between EU and U.S. requirements, consider Amazon.

Amazon’s U.S. website has a link to a Privacy Notice page in its footer, while Amazon’s UK website has a link to a Privacy Notice as well as a separate Cookies Notice link.

This is the U.S. version of Amazon:

This is the UK version of Amazon:

The U.S.-based Amazon website has the information about cookies located within its Privacy Notice. For U.S. laws, that’s good enough:

Examples

Session cookies are removed when the client shuts down. Cookies are session cookies if they do not specify the or attribute.

Set-Cookie: sessionId=38afes7a8

Permanent cookies are removed at a specific date () or after a specific length of time () and not when the client is closed.

Set-Cookie: id=a3fWa; Expires=Wed, 21 Oct 2015 07:28:00 GMT
Set-Cookie: id=a3fWa; Max-Age=2592000

A cookie for a domain that does not include the server that set it .

The following cookie will be rejected if set by a server hosted on :

Set-Cookie: qwerty=219ffwef9w0f; Domain=somecompany.co.uk

A cookie for a subdomain of the serving domain will be rejected.

The following cookie will be rejected if set by a server hosted on :

Set-Cookie: sessionId=e8bb43229de9; Domain=foo.example.com

Cookie names prefixed with or can be used only if they are set with the attribute from a secure (HTTPS) origin.

In addition, cookies with the prefix must have a path of (meaning any path at the host) and must not have a attribute.

Warning: For clients that don’t implement cookie prefixes, you cannot count on these additional assurances, and prefixed cookies will always be accepted.

// Both accepted when from a secure origin (HTTPS)
Set-Cookie: __Secure-ID=123; Secure; Domain=example.com
Set-Cookie: __Host-ID=123; Secure; Path=/

// Rejected due to missing Secure attribute
Set-Cookie: __Secure-id=1

// Rejected due to the missing Path=/ attribute
Set-Cookie: __Host-id=1; Secure

// Rejected due to setting a Domain
Set-Cookie: __Host-id=1; Secure; Path=/; Domain=example.com

What Information Do We Collect?

  • Cookies used on our Sites: The information we receive from our trusted business partners placing third-party cookies on our Sites may include, for example, information about your operating system, the web pages accessed within our Sites, the link that led you to our Sites, the dates and times you accessed our Sites, and event information (e.g. irregular system crashes).  We may also use third parties who collect Information about Site Visitors through their own cookies, web beacons, and other technologies regarding your online activities, either on our Sites and/or other websites across the Internet, in an effort to understand your interests and deliver you advertisements that are tailored to your interests. These third parties may include the attribution partners, fraud detection partners, analytics partners and product and functionality partners listed here.  For more information about how we may use third parties to deliver you advertisements that are tailored to your interests, please read about our 
  • Cookies used through our Services: The information that we collect via cookies may include, for example, information about your operating system, the web pages accessed within the websites of our Customers, the website that led you to our Customers’ websites, the dates and times you accessed our Customers’ websites or platforms, event information (e.g. irregular system crashes), and general location information (i.e. city).

Cookie

5.1 Cookie tecnici o funzionali

Alcuni cookie assicurano il corretto funzionamento del sito e che le tue preferenze utente rimangano valide. Piazzando cookie funzionali, rendiamo più facile per te visitare il nostro sito web. In questo modo non devi inserire ripetutamente le stesse informazioni quando visiti il nostro sito web, per esempio, l’oggetto rimane nel tuo carrello finché non hai pagato. Possiamo piazzare questi cookie senza il tuo consenso.

5.2 Cookie di marketing/tracciamento

I cookie di marketing/tracciamento sono cookie o qualsiasi altra forma di memorizzazione locale, utilizzati per creare profili utente per visualizzare pubblicità o per tracciare l’utente su questo sito web o su diversi siti web per scopi di marketing simili.

5.3 Pulsanti social media

Sul nostro sito abbiamo incluso dei pulsanti per Facebook e Instagram in modo da promuovere siti web (es. «mi piace», «pin») oppure condividere (es. «tweet») sui social network come Facebook e Instagram. Questi pulsanti funzionano utilizzando codici provenienti da Facebook e Instagram stesso. Questo codice piazza dei cookie. Questi pulsanti social media possono anche salvare e processare certe informazioni, pertanto un annuncio pubblicitario personalizzato potrebbe venirti mostrato.

Leggi l’informativa sulla privacy di questi social network (che possono cambiare regolarmente) per sapere cosa fanno con i tuoi dati (personali) che processano utilizzando i cookie. I dati ottenuti vengono anonimizzati quanto possibile. Facebook e Instagram si trovano negli Stati Uniti.

What to Include in Your Cookies Policy

All Cookies Policies will include the same basic information:

  • That cookies are in use on your website
  • What cookies are
  • What kind of cookies are in use (by you and/or third parties)
  • How and why you (and/or third parties) are using the cookies
  • How a user can opt out of having cookies placed on a device

Let’s look at some examples of Cookies Policy clauses that address the above information.

You Use Cookies, and What Cookies Are

Most Cookies Policies start by letting users know that cookies are in use, and telling them what cookies are. Simple, easy-to-understand language should be used here so that everyone is able to understand what the policy is saying.

Below is an example of the introduction from The Guardian’s Cookies Policy. Note how it starts with a short, simple definition of what cookies are:

NTT Data includes a similar clause, but adds in some informational links for users to visit if they wish to learn more:

What Types of Cookies are Being Used

This section will let users know what cookies you may place, and what the function of each is, in general. This is helpful to users as it allows them to pick and choose which cookies to allow or disallow depending on what they feel comfortable with after being informed.

Here’s how the Guardian informs users about each different type of cookie that is used, and how they may be used:

Pearson uses a dropdown menu format within its Cookie Policy, where users can click on each of the cookie types for more detailed information:

How Cookies are Used

After users know what cookies you use, let them know how you use them. While this may often be combined with the previous clause, some companies opt to separate it.

In other words, the previous clause would note the types of cookies that may be used, and include a general definition of what that cookie is, and then the business would include another clause that describes specifically how the business uses or may use cookies.

Amazon’s Cookies Notice lets users know some of the purposes for using cookies on the website, which is generally helpful and informative:

How Users Can Opt Out of Cookies Use

When it comes to disabling or turning off cookies, you must provide information on how to do this to your users, whether the information is specific to your website, or general.

NTT Data informs users that they can set preferences regarding cookies by clicking a link on the bottom of every page of the website. Instructions are also given for how to manually delete cookies at any time:

Pearson includes a separate webpage with information about «How to Manage Cookies.» Here, users can check to see what cookies are enabled on their computers and adjust them as desired:

Immediate Media might make it the easiest for its users to opt out or change cookie settings by providing a link within the Cookies Policy to directly where the cookie preferences can be changed:

Cookie policy generator — how to get a cookie policy on your website

“Do I need a cookie policy on my website?”, you might be wondering.

The answer is yes, you do.

A cookie policy is legally required by both the GPDR and CCPA. So, the more pressing question is probably: “how do I get a cookie policy on my website?”

The first thing to do is to discover what cookies are in use on your website. This is fundamental for creating a specific and accurate policy, as required, because every website is different.

In other words, you need to know exactly what cookies and other forms of tracking technology is present and operating on your website.

Keep in mind that you have to take into account both your own use of cookies, and the ones that are set by third parties present on your website. Read your third party services’ cookie policies to find out what cookies they may be using on your site.

This is done by using a cookie policy generator like Cookiebot CMP.

Cookiebot CMP scans and reveals all cookies, both first and third party, on your website. It does so by simulating real-life user interaction with your website. It basically crawls your website and all of its subpages and shows you what hides under the surface. It does this automatically once a month.

The result of our cookie policy generator: a detailed cookie declaration by Cookiebot CMP.

A CCPA compliant cookie declaration by Cookiebot CMP.

Our cookie policy generator assembles a cookie declaration – a report on all cookies and tracking present, their technical specification, providence and purpose. This information forms the main part of your cookie policy. It is a requirement in the GDPR that your cookie policy is always up to date.

Cookiebot CMP – its comprehensive scanning abilities and automatic cookie control based on user consent – makes it an ideal cookie policy generator, since you can be sure that no stone is left unturned and that the information that you are giving to your users about your website is always up to date.

The cookie policy may be part of your privacy policy or be published as an independent page on your website. Keep the language of the cookie policy plain and intelligible: this is a specific requirement of the GDPR.

A GDPR and CCPA compliant cookie policy is one that informs the users of all cookies and tracking, how user data is being handled, with whom it is shared, informs users on their rights and how to exercise them, and states the technical specifications and purpose of each tracker.

You can find many examples and templates for your cookie policy on the internet. Keep in mind, however, that your policy should be revised and updated regularly, to make sure that it informs about the actual cookies in use on your site. The GDPR demands that it is correct, specific and up to date.

Syntax

Set-Cookie: <cookie-name>=<cookie-value>
Set-Cookie: <cookie-name>=<cookie-value>; Expires=<date>
Set-Cookie: <cookie-name>=<cookie-value>; Max-Age=<number>
Set-Cookie: <cookie-name>=<cookie-value>; Domain=<domain-value>
Set-Cookie: <cookie-name>=<cookie-value>; Path=<path-value>
Set-Cookie: <cookie-name>=<cookie-value>; Secure
Set-Cookie: <cookie-name>=<cookie-value>; HttpOnly

Set-Cookie: <cookie-name>=<cookie-value>; SameSite=Strict
Set-Cookie: <cookie-name>=<cookie-value>; SameSite=Lax
Set-Cookie: <cookie-name>=<cookie-value>; SameSite=None; Secure

// Multiple attributes are also possible, for example:
Set-Cookie: <cookie-name>=<cookie-value>; Domain=<domain-value>; Secure; HttpOnly

What is a cookie policy?

A cookie policy is a declaration to your users on what cookies are active on your website, what user data they track, for what purpose, and where in the world this data is sent.

Also, a cookie policy should contain information on how your users may opt out of the cookies or change their settings in regard to the cookies on your website.

Many website owners choose to incorporate the cookie policy as a section of their privacy policy. You can also leave your website cookie policy as a stand-alone section.

Regardless, you are legally required by the European GDPR and the Californian CCPA to have one available to your users on your website.

The privacy policy is a document, usually a page on the website, in which all of the methods and purposes of the data processing activities on the site are outlined, including contact forms, mailing lists etc.

Cookies are a potential privacy risk, because they are able to track, store and share user behavior.

Whereas most of the remaining privacy policy may be static, the cookies used on a website are dynamic and might change often.

Therefore, an adequate cookie policy should be regularly updated to make sure that the information is accurate.

How does the GDPR affect my cookie policy?

The EU law on personal data, the General Data Protection Regulation (GDPR), gives website visitors the right to receive specific, up-to date information on what data is registered about them at all times, for what purpose, and where in the world it is sent (along with the possibility to prevent it from happening). 

These rules affect your cookie policy as well as your cookie notification, your cookie consent and your documentation of consents.

How does the CCPA affect my cookie policy?

The California Consumer Privacy Law (CCPA) empowers California residents with rights to know what of their personal information companies and websites collect and sell, plus the rights to have it deleted and to opt out of having their data sold to third parties.

The CCPA states that businesses must inform their visitors at or before the point of collection of what categories of personal information they collect and process, including to which third parties they sell/share/disclose this data.

The CCPA empowers California residents with the following:

  • Right to opt out
  • Right to be informed
  • Right to disclosure
  • Right to deletion
  • Right to equal services and prices

A CCPA compliant cookie policy must include the categories of personal information collected on the website, information about the third parties this information is shared with, types of cookies and other tracking technology and a description of the consumer rights and how to exercise these rights.

Last but not least, websites must feature a Do Not Sell My Personal Information link, through which users can opt out of third party data sales.

Try Cookiebot CMP free for 30 days… or forever if you have a small website.

Requirements for my cookie policy

In order to be CCPA and GDPR compliant, your cookie policy should state:

  • What types of cookies are set,
  • How long they persist on your user’s browser,
  • What data they track/the categories of personal information collected
  • For what purpose (functionality, performance, statistics, marketing, etc.),
  • Where the data is sent and with whom it is shared/which third parties it is shared with,
  • How to reject cookies, and how to subsequently change the status regarding the cookies.

Cookies Policy FAQ’s

Here is a list of frequently asked questions that you may find useful.

1. Is a Cookies Policy required?

A Cookies Policy is only required by businesses in the EU, or businesses located elsewhere that have a target audience in the EU.

For other businesses, simply addressing cookies in your Privacy Policy will be sufficient.

2. What clauses should every Cookies Policy include?

Every Cookies Policy should include the following clauses:

  • What cookies are
  • How you use cookies on your website
  • Any third-party cookies you use
  • Any other tracking technologies you use
  • A list of specific cookies you use
  • How users can control cookies or delete them

3. Where do I display my Cookies Policy?

Include a link to your Cookies Policy in your website footer alongside other important legal links, such as your Privacy Policy and Terms and Conditions agreement.

Your Cookies Policy should also be linked to your Cookie Consent Notice, where you ask users to accept your use of cookies. This lets them access your Cookies Policy and read about your cookie practices before deciding to accept or reject them.

In a mobile app, display your Cookies Policy link in the menu where you provide other legal agreements, such as an «About» or «Legal» menu.

4. Is a Cookies Policy the same things as a Cookie Consent Notice?

No. A Cookies Policy is a text document that outlines a lot of information including what cookies are, what cookies you specifically use, how you specifically use them and how users can change cookie settings or opt out.

A Cookie Consent Notice is a small banner or pop-up notice with a short statement that requests users consent to your use of cookies and links to the full Cookies Policy with all of the relevant information.

5. How do I make my Cookies Policy enforceable?

Use a Cookie Consent Notice to request users agree to your use of cookies, and to your Cookies Policy.

Add a link to your Cookies Policy to the Cookie Consent Notice, and use an «I Agree» button along with a statement similar to «By clicking I Agree, you agree to our use of cookies and to our Cookies Policy.»

Download Cookies Policy Template

Use the Cookies Policy Generator to create this legal agreement.

If you’re looking for the template, download the Cookies Policy Template as a PDF file or download the Cookies Policy Template as DOCX. It’s free.

You can also download this Cookies Policy Template as a Google Document.

This free Generic Cookies Policy Template is available for download and includes these sections:

  • Introduction
  • What are cookies
  • How we use cookies
  • Third-party cookies
  • What are your choices regarding cookies
  • Where can you find more information about cookies
Рейтинг
( Пока оценок нет )
Понравилась статья? Поделиться с друзьями:
Добавить комментарий

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!: