- that you utilize cookies
- they should be provided with information about the kind of cookies that you use
- they should be appraised of the options at their disposal if they prefer to opt-out of your website’s cookies being saved on their devices.
In respect of the European Union’s General Data Protection Regulation (GDPR), cookies that hold sufficient information to enable an individual to be identified are considered to be personal data. Cookies utilized for analytics, advertising, and other services including chat tools, also fall in personal data grouping.
It is pertinent that the following information is understood:
- Consent must be sought prior to cookies being placed on a person’s device. Consent has to be given via a confirmatory action and this can be by asking for consent via a check-box with options. Users may also be allowed to set their preferences for cookies in your site’s Settings sections. User consent should not be assumed.
- Users should be easily able to opt-out of your cookies. Therefore, even if their consent was given, your website has to give visitors a simple method of removing your cookies. If a user consents to your cookies in the Settings section, they should also be able to remove their consent in that same section.