Website Cookies Introduction.

Me loveeee cookies

At this point we will assume you know what an internet cookie is. Unfortunately it is not the tasty type from a Jamie Oliver online recipe but more the type your website leaves on a persons device when they visit your website.

NOTE: You will find a cookie recipe below however.

Cookies serve a number of important functions, for example:

remember a user and their previous interactions with a website
keep track of items in an online shopping cart
keep track of information when you input details into an online application form
identify users when they log onto your WP site

Certain cookies are also used to help web pages to load faster and to route information over a network. However, the information stored in cookies can include personal data, such as an IP address, a username, a unique identifier, or an email address. It may also contain non-personal data such as language settings or information about the type of device a person is using to browse the site. Advertising IDs, user IDs and other tracking IDs may also be contained in cookies.

Data Protection Commission

The Data Protection Commission (DPC) is the national independent authority in Ireland responsible for upholding the fundamental right of individuals in the European Union (EU) to have their personal data protected. The DPC is the Irish supervisory authority responsible for monitoring the application of the General Data Protection Regulation (GDPR), and we also have functions and powers related to other regulatory frameworks, including the Irish ePrivacy Regulations (2011).

In 2020 the Data Protection Commission released guidelines relating to ‘cookies and other tracking technologies’. This was following a review of general practices and implimation at the time (which was found wanting in most cases).

In order to utilise cookies on a website, user consent is normally required (as set out in Regulation 5(3) of the ePrivacy Regulations). Under the General Data Protection Regulation (GDPR), consent must be a clear, affirmative act, freely given, specific, informed, and unambiguous.

Consent is not needed where the cookie is strictly necessary to provide a service which has been explicitly requested by the user, e.g. cookies which may be needed to provide the user with a functioning website which they want to access (see Regulation 5(5) of the ePrivacy Regulations for more information).

So what does this mean for you?

The ePrivacy Regulations require that you obtain consent in order to gain any access to information stored or to store any information on a person’s device.

This means you must get consent to store or set cookies, regardless of whether the cookies you are using contain personal data. The user must also be able to withdraw consent and you must not ‘bundle’ consent for cookies with consent for other purposes, or with terms and conditions for other services you provide.

You may not obtain consent by ‘implication’, this means wording your cookie banner or notice which inform users that, by their continued use of your website – either through clicking, using or scrolling it – that you will assume their consent to set cookies, is not permissible.

To lay it out in the simplest terms:

Vague or nondescript cookie notices are a thing of the past
One tick ‘I agree’ consents are a thing of the past
Your ‘GDPR Privacy Policy’ or ‘Terms of Use’ is not sufficient you should have a dedicated cookie policy
Keeping a log of consent will be a requirement
You must give the option for a user to change their consent preference
Understanding necessary Vs unnecessary cookies is important

What is the impact to my website?

Most vast majority of websites choose to implement a cookie banner or pop-up, which displays when a user lands on the website.

If you use this method, you must not use an interface that ‘nudges’ a user into accepting cookies over rejecting them. Therefore, if you use a button on the banner with an ‘accept’ option, you must give equal prominence to an option which allows the user to ‘reject’ cookies, or to one which allows them to manage cookies and brings them to another layer of information in order to allow them to do that, by cookie type and purpose.

The user’s consent must be specific to each purpose for which you are processing their data, it must be freely given and unambiguous and it requires a clear, affirmative action on the part of the user.

What are my options?

Thankfully you will be happy to hear there are a number of solutions available for consideration. Some are free, some a one-off-payment and others licence based. Remember, at the end of the day you get what you pay for. The free or cheaper options may offer less in the way of customisation or lack key features like consent logging, cookie-sweeps, etc…

A few worthwhile considerations are as follows:

One Trust Cookie Consent – Licence (https://www.onetrust.com/products/cookie-consent)
Cookiebot – Licence (https://www.cookiebot.com)
Cookie First – Licence (https://cookiefirst.com)
Osano – Licence (https://www.osano.com/cookieconsent)
Big Dog Digital – yes of course we have a solution to, its being used on this very site

So, there you have it an overview on cookie consent and what it means for you. As always we are only a phone call or email away should you need further help – to reach out!

And now what you really want, the recipe

Ingredients:

100 g unsalted butter , slightly softened
125 g golden caster sugar
1 large free-range egg
½ teaspoon vanilla extract
200 g self-raising flour
1 pinch of fine sea salt
100 g quality chocolate (use a mixture of milk and dark, if you like)

Method:

Preheat the oven to 170ºC/325ºF/gas 3. Line two baking sheets with greaseproof paper
Beat the butter and sugar in a large bowl until pale and creamy. Crack in the egg, add the vanilla and mix well. Sift in and fold through the flour and salt. Roughly chop and stir in the chocolate
Roll tablespoons of the dough into balls and place onto the lined trays. Cover and chill in the fridge for 15 minutes
Flatten the balls slightly with your fingers, then place in the hot oven for 10 to 12 minutes, or until lightly golden (make sure you don’t overdo them – the chewier the better)
Leave to cool completely, then serve with a glass of cold milk

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_9LZGTB6XJL	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_37717232_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.