Creating a GDPR-compliant cookie policy

In this article, you will learn what a Cookie Policy is, what the requirements are under the General Data Protection Regulation (GDPR), and how to create and display a GDPR-compliant Cookie Policy page on your website.

What is a Cookie Policy?

A Cookie Policy is a crucial document that explains to your website users what cookies your website employs, what user data these cookies track, the purposes they serve, and where this data is managed.

Under the GDPR, your Cookie Policy should also detail how visitors can opt out of cookies or adjust their cookie settings on your website. To ensure full control over your cookies and to maintain an accurate and up-to-date Cookie Policy, it is essential to create a GDPR-compliant Cookie Policy that is integrated with the key data collection areas of your website.

Who needs a Cookie Policy?
The GDPR is a universal law applicable to the European Union, meaning that it affects all websites, regardless of their location, if they receive visitors from the EU. Hence, all websites should explain the use of cookies to users.

Do I need a separate Cookie Policy if I already have a Privacy Policy?

The GDPR grants website visitors the right to access specific, up-to-date information about the data recorded about them, the purposes for which it is collected, where it is managed, and how they can prevent it.

This legal requirement necessitates a dedicated Cookie Policy on your website, containing specific, accurate, and up-to-date information on your website's use of cookies and users' options for accepting or rejecting them. These rules apply to your Cookie Policy, cookie notification, cookie consent, and documentation of such consents.

The difference between a Cookie Policy and a Privacy Policy

It's important to differentiate between your Cookie Policy and your privacy policy. While the privacy policy is a comprehensive document covering all data processing on your website, the Cookie Policy specifically addresses the use of cookies. This is necessary because cookies can change rapidly due to their ability to track, store, and share user behavior, often involving third-party services with their own policies. Hence, your Cookie Policy must encompass these aspects.

When you update your Privacy Policy, you must notify your users. Frequent updates may discomfort your users. However, when you update your Cookie Policy, there is no obligation to send a notification.

What your Cookie Policy should cover

Your Cookie Policy should provide detailed information on:

  • Types of cookies in use.
  • Duration of cookies on users' browsers.
  • Data collected by cookies.
  • Purposes for collecting this data (e.g., functionality, performance, statistics, or marketing).
  • Data recipients and sharing practices.
  • How to reject cookies and modify cookie settings.

You can find many examples and templates for your Cookie Policy on the internet.

Note: Your Cookie Policy must be reviewed and updated regularly to ensure that it provides accurate information about the cookies in use on your site.

How to create a Cookie Policy page

To create a new page for your Cookie Policy:

  1. Click Pages on the Topbar to open the Page manager menu.WL - Cookie policy - 1.png
  2. Click the blue Plus (+) button to add a new page.
  3. Choose the Empty page template in the Add page menu and enter the new name for this page: Cookie Policy. Here you also have the Display in navigation option, leave it unticked unless you want it to appear in your header navigation. Click Submit to save your new page.

    WL - Cookie policy - 2.png
  4. Click the blue Plus (+) button to add a block to your new page. Choose the Text block from the Blocks library and then select a layout (with or without an image).

    WL - Cookie policy - 3.png

5. Type or paste the text of your Cookie Policy into the block and format its text. Once done, click Publish to save the changes on your website.

Displaying your cookie policies page on your website

You have multiple options for displaying your Cookie Policy:

  • Include it within your Privacy Policy.
  • Place it in the website footer.
  • Present it in the cookie consent banner.

Adding a Cookie Policy to the footer

Here's how you can display your Cookie Policy in the footer: 

  1. Navigate to your footer block and click the footer navigation to open the List settings. (If you don’t have navigation enabled in the footer, go to the Block settings and tick the Footer navigation option.)
  2. Click the blue Plus (+) button to add the new item.
  3. Choose Open a page for the click action and choose your Cookie Policy page from the dropdown list below.

    WL - Cookie policy - 4.png
  4. Type the navigation item name into the Title field and click Submit in this and the next window to add your Cookie Policy link to the footer navigation.

You can also encourage your visitors to read the Cookie Policy page in the cookie consent banner or CookieBot banner.

Best practices for creating a Cookie Policy

  • Identify all cookies in use on your website to create a specific and accurate policy.
  • Write your policy in plain language to comply with GDPR requirements.
  • Keep your Cookie Policy up to date, providing specific, accurate, and continually updated information.
  • Consider third-party cookies, as they may have their own policies.
  • Educate users about their rights regarding data collection and how to exercise those rights.

Note: Remember that GDPR compliance is a complex matter, and consulting legal experts may be necessary to ensure full compliance with the regulation.

Was this article helpful?
0 out of 0 found this helpful