On the 5th October 2020 the 6-month grace period the Irish DPC gave for websites and apps to become compliant with the Irish cookie rules ends. After this date, the DPC will consider taking enforcement action against non-compliant website / app owners.
You can read our previous article on this Cookie Sweep here
Background
August 2019, the Irish Data Protection Commission (DPC) commenced an examination of the use of cookies and similar technologies on a selection of websites across a range of sectors, including media and publishing, the retail sector, restaurants and food ordering services, insurance, sport and leisure and the public sector.
Following on from this Cookie Sweep, the DPC issued full guidance on the use of cookies. You can read the full guidance here.
To summarise, the main points were:
- All cookies require consent except strictly necessary cookies and cookies used for communication. Analytics / Marketing cookies always require consent.
- Consent must be reaffirmed within 6 months and must be given to each cookie purpose (e.g. statistics, functional, marketing).
- Pre-checked boxes and implied consent is not allowed. Websites may not assume that users give consent merely by scrolling down the website or has seen information in a cookie pop-up.
- Cookie pop-ups must give users the option to decline cookies. Pop-ups only with ‘accept’ buttons are not compliant.
- Cookie pop-ups may not ‘nudge’ users into accepting cookies or make it difficult to reject cookies.
Read our previous article here.
What can CookieScan do for you
CookieScan identifies all the cookies use by your website and categorises them into the appropriate category, such as Marketing, Statistics, Preference or unclassified. Of course any cookies identified as ‘Necessary’ for the operation of the website functions is categorised and deployed to the user’s device.
The cookie categories are displayed on the cookie pop-up for the site user to decide on consent. A full description of the cookies purpose, provider and expiry date is given to the user.
CookieScan requires the site user to provide explicit consent for the category of cookie and records the user’s consent for your records, making this available to you upon request.
CookieScan automatically generates a cookie notice and allows you to link your privacy notice on the pop-up. This cookie notice is update each time the site is scanned and new cookies are identified or redundant ones removed.
Your complete cookie management system will ensure your website is totally compliant with he DPC’s requirements, keeping you safe from scrutiny. Give our 30-day free trial a go and see how easy it is to be compliant with the requirements of the DPC.