Creating a GDPR-compliant cookie policy

 In this article, you will learn what the cookie policy is,  what the requirements are and how you can create and display your cookie policy page on your website.

What is a cookie policy

A cookie policy explains to your users what cookies your website is using, what user data they track, what purposes of they serve, and where this data is being managed.

Under the new GDPR legislation, cookie policy should explain to users how they can opt-out of the cookies or change their settings cookie settings on your website The easiest way to ensure full control over your cookies and to be sure that you have an accurate and updated cookie policy for your website, is to create a GDPR-compliant cookie policy which is integrated with the key data collection areas of your website.

Do I need a cookie policy?

The GDPR is a universal law for the European Union. This means that it concerns all websites, regardless of their location, should explain the use of cookies if they are accepting visitors from the EU.  

Do I need a separate cookie policy?

The General Data Protection Regulation (GDPR) gives website visitors the right to receive specific, up-to-date information on what data is registered about them at all times, for what purpose, at which location it is managed, and how can they prevent it from happening. 

The law means that you need a proper cookie policy on your website, containing specific, accurate, and up-to-date information on the website's use of cookies and the users' options of accepting and rejecting them. These rules affect your cookie policy as well as your cookie notification, your cookie consent, and your documentation of such consents.

The difference between cookie policy and Privacy Policy

The cookie policy deals specifically with the use of cookies on your site, while the privacy policy is a general and comprehensive document providing details on all data processes on a website. 

You may choose to incorporate the cookie policy as a section of your bigger Privacy Policy. However, this document is large and static, while the nature of cookies can change quickly due to their ability to track, store, and share user behavior. The majority of the cookies in operation on a website are usually set by third parties, which means they have other policies than the website itself. This should also be covered by your cookie policy.

When you update your Privacy Policy, you must send notifications to your users. Too frequent updates to your Privacy Policy may force you to send too frequent reminders which can make your users feel uncomfortable. When you update your cookie policy, you are not obliged to send a notification.

What should your cookie policy cover

Your cookie policy should provide details on:

  • What types of cookies are being used?
  • How long they persist on your user’s browser.
  • What data cookies track.
  • For what purpose do you collect this data (e.g. functionality, performance, statistics, or marketing)
  • Where the data is sent and with whom it is shared.
  • How to reject cookies, and how to subsequently change the status regarding the cookies.

You can find many examples and templates for your cookie policy on the internet.

Note: your cookie policy should be revised and updated regularly to make sure that it informs your visitors and users about the actual cookies in use on your site. 

How to create a cookie policy page

To create a new page for your cookie policy:

1. Navigate to the Pages menu, click on it, and choose Add a new page option at the bottom of your pages list.

2. Enter the new name for this page: Cookie policy. 

Screen_Shot_2019-07-01_at_11.29.58.png

3. Click Submit to create a new page.

4. Click the purple Add a block + button. Choose Article block from the Block Library if you want to create a cookie policy with an illustration image or Text block if you want to create a plain-text block.

Screen_Shot_2019-07-01_at_11.34.57.png

Screen_Shot_2019-07-01_at_11.37.05.png

5. Enter and format your cookie policy text.

6. Once done, click Publish to save the changes on your website.

Displaying your cookie policies page on your website

You have several options for displaying your cookie policy page on your website:

- In the body of your Privacy Policy

- In the footer of your website

- In the cookie consent banner.

Here's how can you display your cookie policy in the footer

1. Navigate to your footer block and create a new link for your cookie policy. To do this, hover any over link and click the Duplicate icon.

Screen_Shot_2019-07-01_at_11.24.05.png

The new link will be automatically created at the end of the list.

Tip: since you may like your cookie policy page to appear next to the Privacy Policy page, consider duplicating the Privacy Policy link.

2. Click on the new link and type in the new name: Cookie Policy.

3. Hover over the link and click the Edit link icon.  

Screen_Shot_2019-07-01_at_11.27.12.png

4. The Link Settings menu opens. Under Click action, choose Open a page link and scroll down to the Cookie Policy page from the drop-down menu. 

Screen_Shot_2019-07-01_at_11.49.31.png

5. Click Submit to confirm the change.

You can also encourage your visitors to read the Cookie Policy page in the cookie consent banner. To do this, enable the cookie consent banner and add content, e.g. Review our cookie policyto the text.

Screen_Shot_2019-07-01_at_11.47.51.png

Best practices of creating a cookie policy

  • The first thing to do is to discover what cookies are in use on your website. This is fundamental for creating a specific and accurate policy because every website is different. You have to take into account both your own use of cookies and the ones that are set by third parties present on your website. Read your third party services’ cookie policies to find out what cookies they may be using on your site. 
  • Write your cookie policy in plain language as this is a legal requirement under GDPR.
  • You may use a cookie policy template or write it from scratch. Just remember that the information in your cookie policy must be specific, accurate, and continually up to date.
Was this article helpful?
0 out of 0 found this helpful