Cookies are one of the first things that come to mind when discussing the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Cookies collect information from people, and, under data privacy laws, businesses must inform users about these trackers and obtain their consent before setting them into action.
- A list of all active cookies on the website
- The purpose of the cookies (e.g. for functionality, statistics, marketing, etc.)
- How long cookies persist on the user’s browser
- Where data collected is sent or shared, including names of third parties involved
- How a user can reject cookies
- How a user can change the status of cookies
Since the GDPR is a law originating in the European Union (EU), you may wonder, does GDPR apply to non-EU citizens? If so, follow the link to see the answer.
After listing all active cookies, you must create a policy that details the purpose of each one, what data they collect, store, use, or sell, and how users can opt-in or opt-out of them. You can find templates for these online. But it’s good to review the regulations set by the GDPR and the CCPA to make sure that everything’s done by the book.
Cookie Policies Are Essential