What is a Cookie Policy?
A Cookie Policy is a legal document that provides detailed information about cookies used on your website. The Cookie Policy must be compliant with GDPR, CCPA, and other privacy laws. It has to describe the cookies used on your website, including details about what each cookie does, how long it lasts, and what type of data it collects and stores. The Cookie Policy has to explain why you use cookies and what are the benefits for users.
In addition, the Cookie Policy has to be updated to recent changes in privacy directives. As of 2022, to be compliant with GDPR, your cookie policy has to include the following aspects:
- Clear, concise information. Use clear, direct language when explaining why you use cookies on your website and how this information is used, processed, and stored. This information is often described as an EU cookie disclaimer.
- Consent before processing. Cookies should be inactive by default on your website until the user consents to the cookie policy.
- Document each consent instance. Each time a user consents to the use of cookies, this should be documented and stored securely.
- Declining cookies should not be a barrier. A user's consent to cookies should not be a requirement of using the website's service or as part of a user contract.
- Consent should be separate from other transactions. Article 7 of the GDPR states: "If the data subject’s consent is given in the context of a written declaration which also concerns other matters, the request for consent shall be presented in a manner which is clearly distinguishable from the other matters."
Use CookieScript Consent Management Platform to create your cookie policy.