It’s designed to help protect the online privacy of individuals by making them aware of how their information is being collected, stored, and used online, thereby giving them a choice whether to allow it or not.
If you are a website owner and fail to comply with this law, you risk enforcement action from regulators, which can result in a fine.
What is a Cookie?
A cookie is simply a bit of data that is created and stored as a text file when a website loads. You can think of it as a sort of short-term memory for the web. It’s how data is collected from visitors to a website.
Cookies have multiple uses, such as displaying ads or providing a personalized user experience.
They are stored in your browser and allow a website to “remember” bits of information between pages or visits.
You can also let visitors know how they are tracked. Your policy describes the types of cookies you use on your website or app and tells visitors how they can set their cookie preferences.
- Add a brief explanation of what cookies are
- State what types of cookies you’re using
- If using third-party cookies, state this as well
- Let users know your reason for using cookies
1. Work out the cookies your site sets, as well as what they are used for. You can do this with a simple cookie audit or through a website cookie scan using a tool like Termly.
3. Get their consent. Once you’ve informed visitors about the types of cookies you use, your reasons for using them, and what you use the information for, you need to obtain their consent before using cookies or allow them to opt out of cookies in order to give them more control over their online privacy.
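The "simple cookie audit" mentioned in the steps above can start from the Set-Cookie headers your pages return. The Python sketch below is an added example, not Termly's scanner or code from this article. The hostnames and header values are constructed, and the first/third-party test is a plain hostname comparison rather than a registrable-domain lookup.

```python
from urllib.parse import urlsplit

# Constructed sample: (URL of the response that set the cookie, Set-Cookie value),
# as you might copy them from a browser's network panel. Not real traffic.
OBSERVED = [
    ("https://shop.example/", "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("https://shop.example/", "prefs=dark; Max-Age=31536000; Path=/"),
    ("https://ads.tracker.example/pixel.gif",
     "uid=9f2c; Domain=tracker.example; Max-Age=63072000; Secure; SameSite=None"),
]

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, attributes dict with lowercase keys)."""
    first, *rest = [p.strip() for p in value.split(";")]
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return first.partition("=")[0].strip(), attrs

def audit(site_host, observed):
    """Return one inventory row per cookie seen while loading site_host."""
    rows = []
    for url, header in observed:
        name, attrs = parse_set_cookie(header)
        setter = urlsplit(url).hostname
        # Assumption: "first party" means the setting host is the audited site
        # or one of its subdomains; anything else is listed as third party.
        first_party = setter == site_host or setter.endswith("." + site_host)
        rows.append({
            "name": name,
            "set_by": setter,
            "party": "first" if first_party else "third",
            "lifetime": "persistent" if ("max-age" in attrs or "expires" in attrs) else "session",
            "secure": "secure" in attrs,
            "httponly": "httponly" in attrs,
            "samesite": attrs.get("samesite", "(unset)"),
        })
    return rows

if __name__ == "__main__":
    for row in audit("shop.example", OBSERVED):
        print(row)
```

The output is only the inventory; the purpose of each cookie still has to be filled in by someone who knows why the site sets it.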
GDPR RoPA compliance (General Data Protection Regulation) and other privacy laws state that if you collect information from visitors, you need to disclose to them exactly what type of information you collect (e.g. personal data, payment information, etc.), as well as what you do with this information.
Understanding the California Privacy Law (CCPA)
As previously stated, any website that collects user data needs to have privacy notices or cookie consent banners. This applies to many businesses and websites everywhere. In California, the CCPA states that businesses should give California residents the option to opt out of having any of their personal data shared with or sold to third parties.
Businesses should also disclose what information has already been collected and, if the user requests it, the data should be deleted.
The GDPR went into effect on 25 May 2018 and is designed to hold businesses responsible for the way they collect, store, and use information from website visitors by issuing fines for noncompliance.
Although the US does not require consent for cookies, if you collect data from users inside the EU, then you must comply with GDPR.
For the most part, cookies are used to better personalize the web experience, which is generally viewed as a positive thing. However, other cookies collect information across a lot of websites, creating behavioral profiles of users.
These profiles are then used to decide which content ads to show visitors. This use of website cookies to target individuals is precisely what the law was designed to highlight.
Of course, there are other technologies such as Flash and HTML5 Local Storage that you can use to achieve similar data collection results.
These are also covered by GDPR and other legislation. However, cookie technology is the most commonly used tool for collecting visitor information.
With this tool, you won’t have to spend thousands of dollars on legal fees. The platform’s compliance suites will help you stay up to date with privacy laws, including:
- ePrivacy Regulation (ePR)
And the best part? You can do all of this for free.
Here are the 5 easy steps to take to start building compliance for your website:
Step #1: Sign Up on Termly
Sign up for a free account on Termly’s website. Once you’ve logged in, you’ll see a page where you’ll be prompted to add your first website or app.
Step #2: Add Your Website
Click the green button to add your website or mobile app.
Click “Save” and then fill in your business and website information.
Step #3: Scan Your Site
Your next step is to scan your website or app. The platform has an easy-to-use website scanner that you can use to quickly scan your site to find out what compliance information is needed.
You’ll see a popup on this page with a Compliance Checklist that includes the following:
- Scan your site to be GDPR and CCPA compliant
- Embed Consent Banner and Verify Installation
- Create a Terms and Conditions Policy
You can dismiss this message.
The online scanner will quickly search every page of your website to find cookies and automatically categorize them.
The tool will then compile an in-depth list of each cookie, as well as its details in an easy-to-read report.
Cookies will be categorized into six types, which are:
- Essential cookies
- Performance and functionality cookies
- Analytics and customization cookies
- Advertising cookies
- Social networking cookies
- Unclassified cookies
Step #4: Review the Scan
Next, review your comprehensive scan report to discover the information that needs to be added or edited in order for you to be compliant.
At this point, you can review the classifications and auto-block any cookies you want, as well as make any further edits as necessary.
- Automatically Block Cookies: You can automatically block third-party cookies and scripts, which is an essential part of staying compliant with GDPR and other cookie legislation that requires you to block cookies until your website visitor gives consent.
So, now that you have all this information in hand, there’s no reason to put compliance on hold.
Get started right now with Termly and create all the legal documents required for your website by signing up for a free Termly account. Or, if you want to learn more about the software, check out my detailed Termly review to understand everything the platform offers.