3 min read

Writen by Zlatko Delev

Posted on: March 31, 2021

GDPR compliant cookie policy for your web page

GDPR requires that you have a cookie policy and corresponding cookie banner to alert visitors of this.

Following on this find out the checklist provided by the ICO, to check if your are compliant with the GDPR cookie policy.

Understanding cookies

☐ We understand what cookies are and what they can be used for.

☐ We know the difference between session cookies and persistent cookies.

☐ We know the difference between first party and third party cookies.

☐ We understand what ‘similar technologies’ are and how PECR applies to them. 

Auditing our use of cookies

☐ We know what cookies our online service either already uses or intends to use.

☐ We have removed any cookies that we don’t need.

☐ We have confirmed the purposes of each cookie.

☐ We identify what information each cookie processes, including whether they are linked to other information we hold about our users or otherwise involve processing personal data.

☐ Where personal data is involved, we have ensured that we process this data in line with the requirements of the UK GDPR.

☐ We have confirmed whether our cookies are session or persistent cookies.

☐ We have confirmed whether our cookies are first party or third party cookies.

☐ We have appropriate arrangements in place for the use of any third-party cookies, including what information they share with any third party, how it is shared, and what our users are told.

☐ We have established how long our cookies last and that this duration is appropriate.

☐ We have identified those cookies that are strictly necessary, and those that are not. 

Information about cookies

☐ We have ensured that we provide clear and easy to understand information about the cookies we use.

☐ We have ensured that our information is comprehensive and covers all the cookies we use.

Consent for cookies

☐ We have implemented a consent mechanism that allows users of our online service to control the setting of all cookies that are not strictly necessary. 

☐ We ensure that our consent mechanism ensures the consent we obtain is in line with the UK GDPR’s requirements. 

☐ We keep any records of cookie consent for an appropriate period of time. 

Documenting and reviewing our cookie use

☐ We have documented all of the above.

☐ We have built in an appropriate review period.

Recent blogs

Do you know how to recognize a SAR?

As per the GDPR Regulative there are certain rights that data subjects can obtain. One of the

All that you need to know about lawful basis for processing data

The lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must

ICO POST: Data sharing code

Very beneficial blog has been shared by Ali Shah, Head of Technology Policy Blog:Building on the

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.


Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.