Cookie Law Guidance Notes
These Cookie Law Guidance Notes address the important privacy and consent
requirements imposed on website owners operating websites within the EU and
provide practical guidance for compliance.
The law is currently comprised of the Privacy and Electronic Communications
(EC Directive) Regulations 2003 and the GDPR. Under the
law, anyone operating a website in the EU must obtain users’ consent for
the placing of all but strictly necessary cookies (and similar
technologies) on users’ computers and devices.
These Guidance Notes reflect important improvements in the law governing
privacy and data protection, not least the increased breadth of the
definition of “personal data” and the increased importance of obtaining
individuals’ consent ushered in by the GDPR. Providing clear, detailed
is offering them genuine control over the cookies that you use. In these
Guidance Notes we show you some useful examples of how this can be
Brief reference is also made in this document to the (currently draft) EU
ePrivacy Regulation. This was planned to enter into force on 25 May 2018 alongside the GDPR, but has not. Consequently, the PECR remain in place. These Guidance Notes will be updated as and when more
information about the ePrivacy Regulation becomes available.
Once you have purchased access to the appropriate document folder click on
the “Download Document” link below. You will be asked what you want to do
with the file. It is recommended that you save the document to a location
of your choice prior to viewing.