Website Cookies and GDPR Compliance

Published on: 11th June 2018

Cookies are small files that are stored on your device when you visit a website. They can serve many purposes, including tracking your visitor behaviour (e.g. Google Analytics) or enabling a shop to remember what's in your basket. The current ICO GDPR guidance regarding using cookies is as follows:

What do we need to do to comply?

The rules on cookies are in regulation 6. The basic rule is that you must:

  • tell people the cookies are there;
  • explain what the cookies are doing and why; and
  • get the person’s consent to store a cookie on their device.

As long as you do this the first time you set cookies, you do not have to repeat it every time the same person visits your website. However, bear in mind that devices may be used by different people. If there is likely to be more than one user, you may want to consider repeating this process at suitable intervals.

On our website we use cookies to help us manage the information that is shown to the visitor to our site, and to enable Google Analytics to help us monitor our website's performance. We've included these purposes in our Privacy Policy.

To notify people that we're using these cookies we used and downloaded a script that alerts visitors when they are on the site that cookies are in use, and encourages them to click to consent to their acceptance of the cookies we need to use.

A Contradiction

At the moment there is a strange contradiction between the letter of the law and the technology available for its implementation. GDPR requires that people actively consent or decline to accept cookies, however the mechanism used to store their choice for future reference is most likely to be ... a cookie! We are continuing to watch for updates on this situation and hope there will be some practical clarification on how this should work in the future.

Act Now and Keep Informed

In the meantime, update your website's privacy policy and install an alert to inform people that you're using cookies on your website, and follow our news for updates where we'll post any further clarification and guidance as it emerges.

PYXI GDPR Team: 11th Jun 2018 10:21:00