☐ We understand what cookies are and what they can be used for.
☐ We know the difference between session cookies and persistent cookies.
☐ We know the difference between first party and third party cookies.
☐ We understand what ‘similar technologies’ are and how PECR applies to them.
☐ We know what cookies our online service either already uses or intends to use.
☐ We have removed any cookies that we don’t need.
☐ We have confirmed the purposes of each cookie.
☐ We identify what information each cookie processes, including whether they are linked to other information we hold about our users or otherwise involve processing personal data.
☐ Where personal data is involved, we have ensured that we process this data in line with the requirements of the UK GDPR.
☐ We have confirmed whether our cookies are session or persistent cookies.
☐ We have confirmed whether our cookies are first party or third party cookies.
☐ We have appropriate arrangements in place for the use of any third-party cookies, including what information they share with any third party, how it is shared, and what our users are told.
☐ We have established how long our cookies last and that this duration is appropriate.
☐ We have identified those cookies that are strictly necessary, and those that are not.
Information about cookies
☐ We have ensured that we provide clear and easy to understand information about the cookies we use.
☐ We have ensured that our information is comprehensive and covers all the cookies we use.
Consent for cookies
☐ We have implemented a consent mechanism that allows users of our online service to control the setting of all cookies that are not strictly necessary.
☐ We ensure that our consent mechanism ensures the consent we obtain is in line with the UK GDPR’s requirements.
☐ We keep any records of cookie consent for an appropriate period of time.
Documenting and reviewing our cookie use
☐ We have documented all of the above.
☐ We have built in an appropriate review period.
As GDPR effect is growing day by day and a lot of companies are affected, we would like to present
ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance
How to ensure anonymisation is effective? The ICO is calling for views on its updated draft gui
A lot of companies are receiving SAR's almost every day. Not all of the SAR's are relevant and a lo