SlideShare a Scribd company logo

Cookies and Data Processing

Ana Gresa Pico
Ana Gresa Pico

Do you always consent to the use of cookies, yet never sure what they actually are? Are you a business owner with an online presence, yet unsure if you are complying with existing UK and EU regulations? Have a read of Oury Clark's guide to clear your confusion today. Have questions? Contact Oury Clark on 0207 067 4300, or drop a quick message to ana.gresapico@ocsolicitors.com

Law
1 of 2
Download to read offline
Cookies and Data Processing Correct at time of publication: November 2016 DP5 Disclaimer: This note does not contain a full statement of the law and it does not constitute legal advice. Please seek legal advice if you have any questions about the information set out above. © Oury Clark 2016 Contact@ ouryclark.com Or see our website for more details act@ ouryclark.com Businesses use cookies on their websites for various purposes. This Guide sets out some of the legal issues surrounding usage of cookies and the legal requirements for websites that are accessible in the UK. What are cookies? Cookies are small files which track user access of websites in order to collect information about individuals and their online behaviour. They are implanted on the user’s hard drive, often without the user’s knowledge, in order to collect information about each visit to the website. Certain information such as setting preferences and login details is then retained for subsequent visits. Cookies are most frequently used to:  optimise the efficiency of a website;  collect details about visitors to a website;  track movements around a website; and  analyse visitor trends Cookies can be used to collect a variety of information and will have differing lifespans. Some cookies will be automatically deleted as soon as a session ends, whereas others will remain on the users device for subsequent visits to the website. The lifespan will generally reflect the type of information being collected and the intended use of the particular cookie. What are the EU/UK requirements on cookies? In the European Union (“EU”), data protection laws apply whenever a business collects ‘personal data’ from individuals that are based within the EU. Personal data means any information which relates to a living individual who can be identified from that data, whether on its own or in conjunction with other obtainable information. This includes basic details such as names, addresses, photos and IP addresses. (For more information about data protection please see our related Wuick Guides and booklet on this subject). If cookies are only being used in a way that does not collect personal data (e.g. where they are solely for navigation purposes), then data protection laws should not apply. Where cookies are used which do collect personal data (e.g. to remember login data) then the website host must meet certain requirements, as set out below: Consent: Under UK law, a business must obtain the consent of an individual before collecting and processing their personal data. Therefore, if a website collects personal information through its cookies, the website owner/host will need to obtain consent prior to processing. This consent can be implied or explicit as follows: Implied Consent can only be relied upon where the website owner/host is able to show that the user has taken a specific action to consent to the use of cookies. The UK’s Information Commissioner’s Office (“ICO”) states that implied consent can be demonstrated by a user moving to the next page of a website where the front page of the website clearly and predominantly states that cookies are used. In order to rely on implied consent, information about cookies must be clearly displayed, usually via a roll-down notice with a link to a more detailed Privacy Policy and/or Cookie Policy (please see below for more information on this). A hidden Privacy Policy would not suffice. Explicit Consent involves the user knowingly indicating their consent (e.g. checking a box). In practice, explicit consent is the safest means of ensuring compliance with the EU data protection requirements. Whether this is needed will depend upon the nature of the business and any regulatory concerns surrounding this. Providing Information: Website owners/hosts are required to provide clear and comprehensive information about the cookies used on a website. This should include information about any third parties which host cookies on their websites; any transfers to third parties; and the owner/host’s use of the data collected by the website. The easiest way to provide this information is through a Cookie Policy linked to the website’s Privacy Policy. When do EU laws apply? Each of the EU member states has its own data protection laws, however these are all governed by the same set of overarching principles. The laws of a particular member state will apply in the following circumstances:
Cookies and Data Processing Correct at time of publication: November 2016 DP5 Disclaimer: This note does not contain a full statement of the law and it does not constitute legal advice. Please seek legal advice if you have any questions about the information set out above. © Oury Clark 2016 Contact@ ouryclark.com Or see our website for more details act@ ouryclark.com 1. The website owner is ‘established’ (please see below) within that member state and the owner collects and processes personal data within the context of that establishment; or 2. The website owner is not established within a member state, but is established in a place where international public law dictates that the laws of that member state apply (this generally only applies to government agencies and embassies so is unlikely to be applicable to most businesses); or 3. The website owner is not established within that member state but uses ‘equipment’ (please see below) situated in a member state. A business is considered to be established in a member state if they have human and technical resources permanently available in that member state (e.g. a physical presence). In the context of the above, equipment does not necessarily have to be owned by the business. Furthermore, when a website places cookies on a user’s device, that device technically becomes equipment used by the website owner to collect data. If the cookie is saved on a hard drive in a member state, the website host will be subject to EU laws. In practice it is very difficult for the EU authorities to enforce data protection laws against businesses which do not have an EU presence, however, businesses should be aware that they will be subject to these laws whenever they process the data of an individual resident in an EU member state and the relevant EU IP registrars do have powers to issue fines or demand changes made to non- compliant websites. Whilst the above requirements are not compulsory in countries outside the EU, many other jurisdictions recommend that website operators obtain consent or, as a minimum, provide users with details of cookies in their Privacy Policy. How to ensure your business complies with its cookie obligations The best way to ensure compliance is through a Cookie Policy and a roll-down notification statement that appears when users first access the website. A Cookie Policy must be noted prior to full use of the website and should include the following information:  The type of information collected through cookies.  How long information will be held.  Whether any information will be shared with third parties.  Whether any information will be transferred out of the EEA.  The purpose of each type of cookie.  How to opt out of the use of cookies (including confirmation of how this may impact on the user experience of the website). The ICO recommend that businesses undertake regular cookie audits to identify the cookies which are used by the website and the characteristic of each cookie. Oury Clark can review your current policies and provide advice on updates and implementation in order to ensure that you are compliant with data protection laws in both the UK and the EU. We can also provide advice on the process needed to conduct a cookie audit. If you require any further information or assistance about your obligations in connection with cookies or data protection more generally then please contact Ben Robson at ben.robson@ocsolicitors.com or on +44 (0)207 067 4300. Oury Clark Solicitors 10 John Street London WC1N 2EB T: +44 (0) 207 067 4300

Recommended

10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
Ana Gresa Pico
 
Buyback of Shares
Buyback of SharesBuyback of Shares
Buyback of Shares
Ana Gresa Pico
 
Buyback of Shares
Buyback of SharesBuyback of Shares
Buyback of Shares
Ana Gresa Pico
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 

Recommended

10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
10 THINGS TO CONSIDER WHEN SETTING UP IN THE UK
Ana Gresa Pico
 
Buyback of Shares
Buyback of SharesBuyback of Shares
Buyback of Shares
Ana Gresa Pico
 
Buyback of Shares
Buyback of SharesBuyback of Shares
Buyback of Shares
Ana Gresa Pico
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
bd2c5966a56d
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
SUHANI PANDEY
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
elysemiller87
 
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Dr. Oliver Massmann
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
filippoluciani9
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
Nilendra Kumar
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
Airst S
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
Finlaw Associates
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
PamelaAbegailMonsant2
 
The Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in SpainThe Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in Spain
BridgeWest.eu
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
e9733fc35af6
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
Aurora Consulting
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
Airst S
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
advabhayjha2627
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
JillianAsdala
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
Julian Scutts
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
Khushdeep Kaur
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
Kelechi48
 
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
irst
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
Airst S
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 

More Related Content

Recently uploaded

一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
bd2c5966a56d
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
SUHANI PANDEY
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
Airst S
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
e9733fc35af6
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
Aurora Consulting
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
Airst S
 
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
irst
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
Airst S
 

Recently uploaded (20)

一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
 
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
 
The Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in SpainThe Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in Spain
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
 

Featured

Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 

Featured (20)

Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
 

Cookies and Data Processing

  • 1. Cookies and Data Processing Correct at time of publication: November 2016 DP5 Disclaimer: This note does not contain a full statement of the law and it does not constitute legal advice. Please seek legal advice if you have any questions about the information set out above. © Oury Clark 2016 Contact@ ouryclark.com Or see our website for more details act@ ouryclark.com Businesses use cookies on their websites for various purposes. This Guide sets out some of the legal issues surrounding usage of cookies and the legal requirements for websites that are accessible in the UK. What are cookies? Cookies are small files which track user access of websites in order to collect information about individuals and their online behaviour. They are implanted on the user’s hard drive, often without the user’s knowledge, in order to collect information about each visit to the website. Certain information such as setting preferences and login details is then retained for subsequent visits. Cookies are most frequently used to:  optimise the efficiency of a website;  collect details about visitors to a website;  track movements around a website; and  analyse visitor trends Cookies can be used to collect a variety of information and will have differing lifespans. Some cookies will be automatically deleted as soon as a session ends, whereas others will remain on the users device for subsequent visits to the website. The lifespan will generally reflect the type of information being collected and the intended use of the particular cookie. What are the EU/UK requirements on cookies? In the European Union (“EU”), data protection laws apply whenever a business collects ‘personal data’ from individuals that are based within the EU. Personal data means any information which relates to a living individual who can be identified from that data, whether on its own or in conjunction with other obtainable information. This includes basic details such as names, addresses, photos and IP addresses. (For more information about data protection please see our related Wuick Guides and booklet on this subject). If cookies are only being used in a way that does not collect personal data (e.g. where they are solely for navigation purposes), then data protection laws should not apply. Where cookies are used which do collect personal data (e.g. to remember login data) then the website host must meet certain requirements, as set out below: Consent: Under UK law, a business must obtain the consent of an individual before collecting and processing their personal data. Therefore, if a website collects personal information through its cookies, the website owner/host will need to obtain consent prior to processing. This consent can be implied or explicit as follows: Implied Consent can only be relied upon where the website owner/host is able to show that the user has taken a specific action to consent to the use of cookies. The UK’s Information Commissioner’s Office (“ICO”) states that implied consent can be demonstrated by a user moving to the next page of a website where the front page of the website clearly and predominantly states that cookies are used. In order to rely on implied consent, information about cookies must be clearly displayed, usually via a roll-down notice with a link to a more detailed Privacy Policy and/or Cookie Policy (please see below for more information on this). A hidden Privacy Policy would not suffice. Explicit Consent involves the user knowingly indicating their consent (e.g. checking a box). In practice, explicit consent is the safest means of ensuring compliance with the EU data protection requirements. Whether this is needed will depend upon the nature of the business and any regulatory concerns surrounding this. Providing Information: Website owners/hosts are required to provide clear and comprehensive information about the cookies used on a website. This should include information about any third parties which host cookies on their websites; any transfers to third parties; and the owner/host’s use of the data collected by the website. The easiest way to provide this information is through a Cookie Policy linked to the website’s Privacy Policy. When do EU laws apply? Each of the EU member states has its own data protection laws, however these are all governed by the same set of overarching principles. The laws of a particular member state will apply in the following circumstances:
  • 2. Cookies and Data Processing Correct at time of publication: November 2016 DP5 Disclaimer: This note does not contain a full statement of the law and it does not constitute legal advice. Please seek legal advice if you have any questions about the information set out above. © Oury Clark 2016 Contact@ ouryclark.com Or see our website for more details act@ ouryclark.com 1. The website owner is ‘established’ (please see below) within that member state and the owner collects and processes personal data within the context of that establishment; or 2. The website owner is not established within a member state, but is established in a place where international public law dictates that the laws of that member state apply (this generally only applies to government agencies and embassies so is unlikely to be applicable to most businesses); or 3. The website owner is not established within that member state but uses ‘equipment’ (please see below) situated in a member state. A business is considered to be established in a member state if they have human and technical resources permanently available in that member state (e.g. a physical presence). In the context of the above, equipment does not necessarily have to be owned by the business. Furthermore, when a website places cookies on a user’s device, that device technically becomes equipment used by the website owner to collect data. If the cookie is saved on a hard drive in a member state, the website host will be subject to EU laws. In practice it is very difficult for the EU authorities to enforce data protection laws against businesses which do not have an EU presence, however, businesses should be aware that they will be subject to these laws whenever they process the data of an individual resident in an EU member state and the relevant EU IP registrars do have powers to issue fines or demand changes made to non- compliant websites. Whilst the above requirements are not compulsory in countries outside the EU, many other jurisdictions recommend that website operators obtain consent or, as a minimum, provide users with details of cookies in their Privacy Policy. How to ensure your business complies with its cookie obligations The best way to ensure compliance is through a Cookie Policy and a roll-down notification statement that appears when users first access the website. A Cookie Policy must be noted prior to full use of the website and should include the following information:  The type of information collected through cookies.  How long information will be held.  Whether any information will be shared with third parties.  Whether any information will be transferred out of the EEA.  The purpose of each type of cookie.  How to opt out of the use of cookies (including confirmation of how this may impact on the user experience of the website). The ICO recommend that businesses undertake regular cookie audits to identify the cookies which are used by the website and the characteristic of each cookie. Oury Clark can review your current policies and provide advice on updates and implementation in order to ensure that you are compliant with data protection laws in both the UK and the EU. We can also provide advice on the process needed to conduct a cookie audit. If you require any further information or assistance about your obligations in connection with cookies or data protection more generally then please contact Ben Robson at ben.robson@ocsolicitors.com or on +44 (0)207 067 4300. Oury Clark Solicitors 10 John Street London WC1N 2EB T: +44 (0) 207 067 4300