Cookies and your organisation: make sure you have a good cookie policy in place
A good cookie policy creates confidence among your visitors. Do you ask for consent for placing cookies in the correct manner?
On this page
Why is having a good cookie policy important for your organisation?
Many organisations use cookies on their website or app. Cookies may be useful, but may also affect the privacy of your visitors. That is why it is important to handle this with due care.
By being honest and clear about the use of cookies, you will gain the confidence of your visitors. This creates a better relationship with your visitors. By following the rules, you also prevent fines. The Dutch DPA is checking the correct use of cookies increasingly strictly. Reed more about this on the page This is how the Dutch DPA monitors the use of cookies.
What should you do as an organisation?
It is wise to take a good look at your cookie policy from time to time. The steps below can help you do this.
Why do you need cookies?
Consider if all cookies you want to use are really necessary for your website or app. Do you really need all data that these cookies collect? What exactly do you want to know and what do you want to do with that knowledge?
Some organisations want to collect as many data as possible about their visitors, but do little or nothing with this information in practice. It is not always a good idea to collect more data about your visitors. Your visitors run fewer privacy risks when you use fewer cookies. Besides, collecting more data than necessary is not permitted. Read more on the page The rules for cookies.
DPIA
Do yo want to use cookies that are likely to result in a high privacy risk? Then you will have to carry out a DPIA. A DPIA is an instrument to map out the privacy rights of a processing in advance. By knowing what the risks are, your organisation can take measures to reduce these risks.
Ask for consent in the correct manner
You have to ask visitors of your website or app correctly for consent for placing cookies. You are only allowed to place functional or limited analytics cookies without consent. You can read more about the various types of cookies on the page What are cookies?
You have to ask correctly for consent for placing cookies. With a cookie banner you explain to visitors how their personal data are collected using cookies, and why. To help organisations get started, we highlight the nine most important aspects of cookie banners. Read more about this in: Clear and misleading cookie banners.
Make sure that visitors can refuse cookies without experiencing disadvantageous effects as a results. Refusing cookies should be just as easy as accepting them.
Provide information about which cookies you use
Explain clearly which types of cookies you use, and for what purpose. Mention this, for example, in your cookie statement or privacy statement. Make sure that these explanations are easy to find for visitors of your website or app. And that the explanations have been written in clear, understandable language.
Third parties
Do you share data with third parties? Then indicate which organisations these are and why you share these data.
Retention period and safe storage
Inform your visitors about the period during which your cookies remain active on their computer, telephone or other device. Also make sure you have appropriate security measures in place to protect the data of your visitors. For example, against theft or loss.
Professional advice
Do you have doubts about the cookie policy of your organisation? Seek professional advice then. This can help you prevent problems.