A Website Without Cookie Compliance is Half-Baked

Cookie compliance is a factor that must be considered in any website planning process. Pretty much any modern website uses cookies. Cookies are small bits of text that are stored on a website visitor’s computer. They are designed to make the user experience better by remembering information such as items in a shopping cart or other preferences. Most websites with any basic level of functionality today can’t operate without cookies.

Cookie compliance and types of cookies

That being said, there are different types of cookies (oatmeal raisin is my personal fave). But on a website, there are…

Essential cookies. As the name implies, these cookies are essential to the function of a website and generally can’t be blocked by a user. Without these cookies, the website wouldn’t function…essentially.

Non-essential cookies. These cookies can fall into categories like advertising or analysis. These are the kind of cookies, for example, that enable those annoying re-marketing ads you see after visiting a website.

So I’ve Got Cookies, So What?

Website cookies are covered under sweeping privacy legislation around the world. The most prominent is the GDPR (General Data Protection Regulation). More recently, California passed the CCPA (California Consumer Privacy Act).

The General Data Protection Regulation (GDPR) is an EU-wide regulation that controls how companies and other organizations handle personal data. It is the most significant initiative on data protection in 20 years and has major implications for any organization in the world serving individuals from the European Union.

The California Consumer Privacy Act (CCPA) is a state-wide data privacy law that regulates how businesses all over the world are allowed to handle the personal information (PI) of California residents.

As the owner of a website with cookies, you may be required by law to obtain explicit consent from your website visitors who are residents of the EU or California. This is typically done via a notification banner that says something like “This site uses cookies” and gives the visitor the option to accept, decline or customize the cookies they will accept. In addition to this, your website should have a privacy policy that declares and categorizes all the cookies on your site, is updated monthly, and allows a user to change their consent to cookies. There are other parts of the regulation as well, but they are not applicable to this post.

So What Should I Do?

Regardless of website size, it is a best practice to provide a notice of the use of cookies to all website visitors and to obtain their explicit consent to the use of cookies. In addition, it is important to capture their consent and store it for a period of time (typically 365 days).

Our Website Care package manages cookie consent for your website. This service includes a monthly refresh of your cookie declaration (the list of cookies on your site at a point in time) and a cookie policy (a page or part of your privacy policy) that lets users view and update their consent. For a DIY option, we recommend Cookiebot.
