Cookie consent checklist and GDPR
What is GDPR cookie consent ?
Provide accurate and specific information about the data on each cookie tracks
1 – Asking for consent
Check that consent is the most appropriate lawful basis for processing.
Make request for consent prominent and separate from terms and conditions.
Ask people to positively opt in.
Don’t use pre-ticket boxes, or any other type of consent by default.
Specify why you want the data and what you’re going to do with it.
Give granular options to consent to independent processing operations.
Name your organisation and any third parties.
Tell individuals they can easily withdraw their consent.
Ensure that the individual can refuse consent without detriment.
Don’t make consent a precondition of a service.
Seek consent with age-verification and parental-consent measures if offering online services directly to children.
2- Recording consent
Keep a record of when and how we got consent from the individual.
Keep a record of exactly what they were told at the time.
3- Managing consent
Review consents regularly to check that the relationship, the processing and the purposes have not changed.
Implement processes to refresh consent at appropriate intervals, including any parental consents.
Consider using privacy dashboards or other preference management tools as a matter of good practice.
Make it easy for individuals to withdraw their consent at any time, and publicise how to do so.
Act on withdrawals of consent as soon as possible. .
Don’t penalise individuals who wish to withdraw consent.
Back to GDPR summary.