GDPR stands for General Data Protection Regulation, a European Union law that specifies how personal data can be used and processed by a website. It also extends to members of the European Economic Area (EEA). It is designed to protect individuals who wish to maintain some level of control over their personal information and some level of privacy. The basic stipulation of the GDPR is that any organization or person who deals with individuals' personal data must adopt “appropriate technical and organizational measures” to ensure that the data is protected against inappropriate use. To be compliant, anyone who controls data on individuals must disclose any collection of this data to the subjects involved. They must state explicitly how the data is being used and how long this information is retained.
Cookies can be classified in several ways, and they are used for multiple purposes. They can be described in the following ways:
There are a number of criteria that are absolutely necessary for a cookie banner to be fully GDPR compliant. While it may be difficult to include all of this information on the banner itself, it is acceptable to have a banner with a link to the full agreement upon which the viewer can click and read the full document. The following are required for full compliance:
In your cookie notice, you need to include the following:
Other requirements include: