EU law, information commissioners, cookies, implied consent, data protection, The ICO, e-privacy directives… Recently you could be forgiven for asking ‘what ever happened to running a simple, honest to God website!?’
Fear not. Due to a number of clients contacting us for clarity on these issues, below we detail the basic information you need to navigate the jungle of website small print.
Terms & Conditions
Every website must have them. Every website should also, in theory, get their Terms and Conditions checked by or written by someone in the legal profession. This would be the most right and proper way to get your T’s & C’s arranged. However, if your website is relatively small and simple, does not sell overseas, does not gather large amounts of data and is not in any other way complex we can provide a basic set of Terms & Conditions. You can legally tailor these to your needs and they are suitable for 90% of our clients. If you wonder whether you need to pay a visit to a lawyer to get yours, give us a call.
Your Terms & Conditions need to have a prominent link to them. It is normal to find this in the footer or in the header of your website.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
You should also have a statement telling the user the implications of disabling cookies. This is especially important if you are an online retailer. John Lewis states:
“If cookies aren’t enabled on your computer, it will mean that your shopping experience on our website will be limited to browsing and researching; you won’t be able to add products to your basket and buy them.”
• First party cookies. These are your cookies. Supply the Cookies name & what the Cookies function is.
• Third party cookies (e.g. Google Analytics). For these you should supply the Cookie’s name, purpose and also the source code of the cookie.
How do I find out what Cookies are on my website?
The ‘easiest’ way to do this is to use the browser Firefox combined with Firebug and the Firecookie extension.
To be absolutely sure of getting all the cookies you will need to visit every page of the website.
First party cookies will have www.mywebsite.co.uk addresses displaying
Third party cookies will have .mywebsite.co.uk addresses displaying
It is important that you get the Name and the Purpose of the cookie. There should not be any cookies on your website that you don’t understand the purpose of.
Social Networking buttons include scripts from third party sites may well be gathering usage information and these need to be listed.
Any other embedded content must also be stated to possibly be gathering usage information for example You Tube or Vimeo.
What is a ‘prominent position’?
The online retailer PC world has a ‘Privacy & Cookies’ link in the footer of their website.
The Information Commissioners method is the most correct. However, the new rules on Cookies were bought in so that the Information Commission could pursue disreputable websites using malicious third party cookies (no Reflow Studio website does this to the best of our knowledge). Therefore a ‘Privacy & Cookies’ page, clearly linked to from the footer of your website, listing all the cookies that are on your website, should suffice for the IOC.
Still want more?