Written by Raúl Carrión
Índice
Many companies ask us if their website complies with the current law on cookies, for this reason I decided to write an article that brings together all the interesting information on this tricky subject.
A cookie (in the computer field) is a small file that websites store in the user’s browser in order to store information about your browsing habits and be able to consult it on subsequent visits.
A cookie can store a wide range of information: user sessions, display options, passwords, products added to the shopping cart, etc.
The vast majority of websites use cookies as they are used by the most common web functionalities. Any website where we have to log in will surely use cookies, and if the website has Google Analytics it will also use cookies to record the information of the visit.
Since April 1, 2012, the regulation on the treatment of cookies on websites included in the Information Services Law (Ley de Servicios de la Información: LSSI).
This regulation ensures the privacy of Internet users by giving them the possibility to decide whether to accept the use of cookies while browsing a website.
Human Level as an official agent of Confianza Online counts on your invaluable help to advise our clients on this subject. Below is a list of the tasks to be carried out when adapting a website to the cookie law.
Cookie Policy
Content page independent of the legal notice and linked in the footer. It must contain the following information:
- Information on the type of cookies used by the website and their purpose. Whether it is a session cookie, authentication cookie, plugin cookie, etc.
- Information on the identification of who uses cookies. Differentiate between first-party and third-party cookies. In the latter case, please indicate the company providing the cookies.
- Information on how to disable or delete cookies in the main web browsers. It will be sufficient to link manuals for each of the browsers.
You can see an example of this section in our cookies section.
The website must clearly ask the visitor to consent to the use of cookies before any cookies are downloaded. For this purpose we recommend an information bar at the top of the web where consent to install cookies is requested, it should also include a link to the cookie policy page and a button to accept.
The cookie law allows the acceptance to be tacit, so we can understand that if once the message has been seen, the user continues browsing -by scrolling the page or clicking on any element- he/she is accepting the conditions stated.
At that moment is when we will be able to create the cookies and not before. Unfortunately, this is not a trivial matter and involves a certain technical complexity.
There are many websites that do not comply with this law, why do I have to?
Indeed, today there are many websites that do not comply with the law, but this does not exempt you from your responsibility.
This law is mandatory for companies and professionals that meet one of the following requirements:
- Are established in Spain
- Are established outside of Spain but specifically address their services to the Spanish territory.
- Other cases: Article 2 of Law 34/2002
In this link you can read Law 34/2002 in full.
The law provides for a penalty of up to €30,000 for minor non-compliance and up to €150,000 if the non-compliance is more serious.
Downloading cookies in the browser before informing the user may be considered a minor breach, therefore, we should pay special attention to this fact.
Several blogs have already echoed penalties for violating the cookie law.
From Human Level we recommend you to make the above modifications in order to comply with the regulations and avoid future problems. In addition, if the visitor accepts its installation by continuing to browse, we should not notice substantial changes in our web analytics systems.
You can also consult this Guide on the use of cookies, published by the Spanish Data Protection Agency.
