Confused about Ireland’s new cookie policy? Here’s all you need to know

In April 2020, the Irish Data Protection Commission launched a report following a cookie “sweep” on several websites across a range of sectors in the Irish economy. This document reveals that most data controllers in the country use pre-checked boxes to acquire permission for using cookies on their websites, including marketing, advertising and analytics cookies. This and other breaches mean companies are not entirely compliant with the General Data Protection Regulation and might be collecting unnecessary data from users. 

To help Irish companies fully comply with the new rules, the DPC updated and issued new guidance on what 100% compliance should look like and a deadline for website operators to get their houses in order. This deadline is October 6, 2020, and if you are an Irish business owner with an eCommerce platform or a website, you might be wondering: what do I do now? The good news is that we can help! 

For starters — understanding cookies and tracking technologies 

Cookies are small text files stored on a device, such as a PC, a mobile device or any other device that can store information. These files come in different forms and serve several functions, including remembering a user and their previous interactions with a website, items in an online shopping cart, details such as name, addresses and contact info, loading information from pages, language and region settings, among others. Other types of tracking technologies are ‘flash’ cookies, software development kits (SDKs), pixel trackers (or pixel gifs), ‘like’ buttons and social sharing tools, and device fingerprinting technologies. 

Ok, that’s an easy one. Now, what exactly has changed? 

Well, a series of things have changed, but the biggest changes are the following: 

• No website will be able to stop users from navigating its pages if this user doesn’t accept their cookie policy. This is what we called “cookie walls”, and they are now banned; 
• Users must be able to see a list of the cookies collected on your website and choose precisely the ones they allow you to collect. 

All the updated guidance from the Data Protection Commissioner is designed to protect internet users, offering people control over the collection of their data. From now, if you are a business and want to collect information about your website users, you’ll need to:

• Inform your users about the data collection; 
• Ask the person for permission to collect their data — and this must be done in a clear, direct and easy-to-access manner;
• Enable people an option to give, withhold, or withdraw their consent if they change their mind about each cookie (reason to use their information); 
• Explain what data will be collected, why you want to collect it and how it will be used by your business;
• If you’re collecting and storing personal data, you need to ensure its safety and comply with the GDPR. 

How can I make sure that my website complies with the new guidelines?  

First and foremost, you’ll need to understand all the rules. To make sure your website is compliant with the DPC and GDPR, you must: 

• Get consent from each user for all non-essential cookies; 
• Remove all cookie walls — if a user doesn’t let you collect cookies from their navigation, they must still be able to access your website; 
• Offer user interfaces that allow your users to change their preferences about the use of their data at any time; 
• Offer straightforward and easy access to your cookie and privacy policies; 
• Avoid legal jargon in your cookies policy, making it clear and user-friendly. 

The easiest way to do that is by getting help from a specialist. 

I’m still confused. Can you help me? 

The Data Protection Commission offers a full guide on everything you need to know about the new cookie policy, and you can review it here. 

If you need any help updating your website so it complies with DPC and GDPR, our team is ready to go. Contact us today and get the guidance you need on the transition — we’ll make sure your site is fully compliant before the deadline!