3 min read

Writen by Zlatko Delev

Posted on: March 31, 2021

GDPR compliant cookie policy for your web page

GDPR requires that you have a cookie policy and corresponding cookie banner to alert visitors of this.

Following on this find out the checklist provided by the ICO, to check if your are compliant with the GDPR cookie policy.

Understanding cookies

☐ We understand what cookies are and what they can be used for.

☐ We know the difference between session cookies and persistent cookies.

☐ We know the difference between first party and third party cookies.

☐ We understand what ‘similar technologies’ are and how PECR applies to them. 

Auditing our use of cookies

☐ We know what cookies our online service either already uses or intends to use.

☐ We have removed any cookies that we don’t need.

☐ We have confirmed the purposes of each cookie.

☐ We identify what information each cookie processes, including whether they are linked to other information we hold about our users or otherwise involve processing personal data.

☐ Where personal data is involved, we have ensured that we process this data in line with the requirements of the UK GDPR.

☐ We have confirmed whether our cookies are session or persistent cookies.

☐ We have confirmed whether our cookies are first party or third party cookies.

☐ We have appropriate arrangements in place for the use of any third-party cookies, including what information they share with any third party, how it is shared, and what our users are told.

☐ We have established how long our cookies last and that this duration is appropriate.

☐ We have identified those cookies that are strictly necessary, and those that are not. 

Information about cookies

☐ We have ensured that we provide clear and easy to understand information about the cookies we use.

☐ We have ensured that our information is comprehensive and covers all the cookies we use.

Consent for cookies

☐ We have implemented a consent mechanism that allows users of our online service to control the setting of all cookies that are not strictly necessary. 

☐ We ensure that our consent mechanism ensures the consent we obtain is in line with the UK GDPR’s requirements. 

☐ We keep any records of cookie consent for an appropriate period of time. 

Documenting and reviewing our cookie use

☐ We have documented all of the above.

☐ We have built in an appropriate review period.

Recent blogs

Most common types of GDPR violations

As GDPR effect is growing day by day and a lot of companies are affected, we would like to present

ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance

How to ensure anonymisation is effective? The ICO is calling for views on its updated draft gui

When can we refuse to comply with a SAR (Subject Access request) ?

A lot of companies are receiving SAR's almost every day. Not all of the SAR's are relevant and a lo

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.


Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.