Written by Super User on . Posted in Uncategorised

GDPR and cookies

The GDPR is a set of EU regulations that represent the most significant initiative on data protection in 20 years.

The purpose is to protect “natural persons with regard to the processing of personal data and on the free movement of such data”, e.g. the website user.

Cookies are mentioned once in the 88 pages long regulation. However, those few lines have a significant impact on the compliance of cookies:

(30): “Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.”

In other words: when cookies can identify an individual, it is considered personal data.

What’s the deal with cookies anyway?

Cookies are small files that are automatically dropped on your computer as you browse the web. In and of themselves they are harmless bits of text that are locally stored and can easily be viewed and deleted.

But cookies can give a great deal of insight into your activity and preferences, and can be used to identify you without your explicit consent.

This represents a major breach from a legal point of view, and as data technologies grow more and more sophisticated, your privacy as a user is increasingly compromised.

Often, the cookies don’t even origin from the website you are visiting, but from third parties that track you for marketing purposes. All of which is going on “behind the scenes”.

While not all cookies are used in a way that could identify users, the majority (and the most useful ones to the website owners) are, and will therefore be subject to the GDPR.

 

What cookies we use?

Cookies for analytics, advertising and functional services, such as survey and chat tools, are all cookies that can identify our site users.