Guidance on Cookies and Similar Technologies
A cookie is a small text file that may be stored on your computer or mobile device that contains data related to a website you visit.
In order to utilise cookies (or any similar technologies) on a website, user consent is normally required (as set out in Regulation 5(3) of the ePrivacy Regulations). Under the General Data Protection Regulation (GDPR), consent must be a clear, affirmative act, freely given, specific, informed, and unambiguous.
However, consent is not needed where the cookie or other technology is strictly necessary to provide a service which has been explicitly requested by the user, e.g. cookies which may be needed to provide the user with a functioning website which they want to access (see Regulation 5(5) of the ePrivacy Regulations for more information).
Users must be provided with easily accessible, ‘clear and comprehensive’ information on:
- The technology used by the website to collect personal data;
- The purpose for which the collected data will be used.
For more information, please see our guidance note on cookies and similar technologies (pdf).