Posted on April 11, 2018 by Dominika
You will have no doubt heard a lot of buzz around the introduction of the new General Data Protection Regulations (GDPR) on 25 May 2018. As a website owner, there are some specific considerations coming into effect as part of these new regulations. Under GDPR regulations, cookies are considered personal information as they are used to identify an individual. As you conduct your GDPR review and audit for your business this is how you must treat cookies.
Your website will almost certainly be using cookies to track visitors which means that you will need to make some changes to how these are used. Firstly, you will need to as a minimum have a soft opt-in for site visitors. If your website is aimed at consumers then we would recommend a specific click for consent option that allows you to provide evidence of an opt-in. In either case this means that you must as a minimum do the following;
- Ensure no cookies are dropped before a visitor has given express consent to accept your cookies.
Actions you will need to take
Complying with GDPR for your website needn’t be a huge burden and is essentially an extension to the current DPA rules. As such, assuming you are already DPA compliant, you will have a good basis on which to work from. The main reason that there’s so much buzz around GDPR is that is comes with some potentially significant fines for non compliance. This might sound scary but everyone will be conscious of how important their own personal data is and should therefore be keen to extend the same sentiment towards how they manage personal information themselves.