Top
ePrivacy
Blue gradient overlay
Business

ePrivacy PECR Flash Briefing

PECR Checklist - how do you match up to our initial five point plan?

  • Audit your sites' cookies - for number, function and how they work
  • Update your Cookie consent form
  • Change your site to only deploy the correct cookies at the right time
  • Update your Cookie page
  • Update your social media profiles

Key questions answered

Why? 

Privacy and Electronic Communications Regulations (PECR) say that you must tell people the cookies are there, explain what the cookies are doing and why and get the person’s consent to store a cookie on their device.

When? Since June 2019, sites have been expected to comply with the higher level of consent in GDPR for their cookie notices, too.

What?

  • Your cookie consent form must be clear
  • Positive action must be taken for consent (No pre-ticked boxes)
  • Clearly explain the cookies that will be set and what they do – including any third party cookies and strictly necessary cookies
  • Users must have control over any non-essential cookies, like analytics, marketing or social
  • Non-essential cookies must not be set on landing pages before you gain the user’s consent
  • Your Cookie page and social media profiles must be updated.
  • Who?
  • This applies to all sites, even if you have used a 'legitimate interest' argument for GDPR or have a cookie wall

What's the tricky bit? 

PECR applies to your specific cookies, and your site may have a lot of them. Each one may work differently, and whilst we already have a long list of ones we have seen there are thousands of services, which use cookies. The technical challenge is stopping cookies being deployed on your site, which can be tricky with some services.

How does the NDP PECR Audit work? 

First, we will run a cookie scan on your website, in order to identify all the cookies that can be set by all the pages and elements of the site. We review the results of the scan and categorise all the cookies identified across three categories:

  • Essential (which is defined as essential to the proper functioning of the website from the user's perspective). For instance, cookies necessary to track the items that a user has added to their shopping cart on the site.
  • First party: cookies directly set by the website (for instance, Hotjar or Google Analytics cookies).
  • Third party: cookies set by other services, via embedded elements on your site (for instance, cookies set by Google when a user views a YouTube video embedded on your site, or by Facebook/Twitter if a user clicks a social sharing button on one of your site's pages).

Finally, we will review each cookie, how it is set and how we can block it (if it is non-essential and a user chooses to reject cookies). At the end of this process, we will deliver the conclusions of our Cookie Audit to you, which will include our recommendations on how to manage the cookies on your site.

 

Latest Insights

Storytelling on your website

Welcome to the April edition of TechTrends! In this issue, we delve into the quite literally ‘captivating’ world of website animation and micro-interactions. As web experiences become increasingly dynamic and interactive, animation and micro-interactions play a growing role in engaging users and enhancing usability.

Learn More geometric figures

AI-powered personalisation

How best to go about writing an article about AI-powered personalisation - I know a fair amount, that's why I’m here writing this, but maybe I could brush up a bit on the topic first?

Learn More geometric figures

Bulk email sending - are we there yet?

Google and Yahoo handle a lot of email. Google alone delivers over 100 billion every day, an eye-watering number. So when these players change the rules about how those messages are delivered, we should probably pay attention.

Learn More geometric figures

Unravelling the Cookie Mystery: What You Need to Know!

The UK Government Information Commissioner’s Office has some startling news for you. They’re fed up with searching the web and then writing letters to companies about lack of compliance (it’s so old-fashioned).

Learn More geometric figures