Read This First

Having a cookie policy will not make you compliant with GDPR; it is just one step toward compliancy.

The sample cookie policy below is provided as an EXAMPLE ONLY. It is not guaranteed in any way to be accurate or thorough. Since I am not a lawyer, you should not consider any information on this page as legal advice. I am providing this for informational purposes only, as an example. You are responsible for writing your own cookie policy.

PLEASE DO NOT simply cut-and-paste this policy and rely on it to be wholly accurate, without error, 100% what the law requires, or even that it covers the cookies that are present on your website. It is an example only.

You still need to do a cookie audit so you can address the specific cookies on your site. If you want my help with the cookie audit on your site, click the big blue button below and request assistance. During a cookie audit, I will visit each page of the site and make a list of cookies that are loading when accessing pages and interacting with content. When finished, I will provide you with a list so you can write your policy. 

Information about pricing for my assistance can be found on the GDPR page.

Request Help with a Plugin & Cookie Audit


Want to DIY Your Cookie audit?

If you want to DIY the cookie audit on your site, check out the Do A Cookie Audit tab under the Getting Started & DIY section of the GDPR page.


OFFICIAL GUIDANCE FROM THE EU

For official guidance on writing a cookie policy, utilize the official cookie policy template provided in the Cookie Consent kit by the EU. You can find it here.


Cookie Policy – Example

 
What’s a cookie?

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences, or items in online shopping carts) over a period of time, so you don’t have to keep re-entering that information whenever you come back to the site or browse from one page to page. Not all cookies collect information that identifies you, though. Some just collect general information such as how users arrive at and use a website, which helps website owners evaluate and find ways to improve features and content.


Types of Cookies

There are four kinds of cookies:

  • Session cookies. These cookies last only for the session and are erased when the user closes the web browser.
  • Persistent cookies. These cookies remain even after the internet browser session is closed. These cookies are stored on a user’s computer or mobile device until they expire or until the user deletes the cookie. Persistent cookies are used to collect identifying information about the user, such as web surfing behaviour or user preferences for a specific website. They have expiration dates which may vary from cookie to cookie.
  • First-party cookies. These cookies are placed by the website a user is visiting. For example, if you visit Amazon.com, then Amazon.com generates cookies for direct interaction with their website.
  • Third-party cookies. These cookies are placed by a site other than the one a visitor is using. These types of cookies are most often related to online advertising and marketing, social media networks like Twitter and Facebook, and content from embedded media services such as Vimeo, YouTube, and SoundCloud.

The majority of modern web browsers support cookies and most have settings that can be customized to decline some cookies and the abliity for a user to delete the cookies at will.

For more information about cookies, see http://www.allaboutcookies.org


Cookie Categories

There are four main categories of cookies:

Strictly Necessary Cookies
These cookies are essential to a user’s ability to navigate a website and use its features. Example: Without these cookies, a user would not be able to log into their account at the website or complete a purchase at an online store. Another “strictly necessary” example is a cookie that retains a user’s preference on whether or not to accept cookies from a website they visit.

Performance Cookies
These cookies collect information about how a visitor uses a website. These cookies do not collect personally idenitifying information but allow website owners to evaluate the site’s performance in order to improve user experience and content. Example: Cookies related to Google Analytics.

Functionality
These cookies remember user preferences in order to provide a more personalized experience of a website. They may store things such as your user name, language or the region preference, or even text size. These cookies may also be used to provide services a user has asked for, such as watching a video or commenting on a blog, or logging into a website. Example: When you visit a weather reporting website, you might enter your postal code so you see weather specific to your region.

Targeting or Advertising
These cookies are used to deliver advertisements that are more relevant and suited to a user and their interests. They are also used to limit the number of times a user might see an advertisement, as well as help measure the effectiveness of an advertising campaign. They are usually placed by advertising networks with the website owner’s permission. They remember what websites a user has visited and the information is shared with other organisations such as advertisers. Sometimes these cookies are linked to site functionality.
 


How This Site Uses Cookies

You MUST tailor the information in this section to your site.

For example:

This website uses cookies essential to the efficient and consistent operation of the site and to offer a personalized experience for users, as well as to: 

  • Enable user interactions with blog comments
  • Improve site speed and content through usage of anonymized analytics.

This site also uses some third-party services that may place cookies on your computer when you interact with the service or third-party content. For example:

  • When you watch a video from YouTube
  • Listen to an audio sample from SoundCloud
  • Share a blog post using the social media icons at the bottom of a post.

Additionally, we do engage in online marketing that uses cookies that may track you beyond this website.


First-Party Cookies

First-party cookies are cookies that relate to the functions and features of this website specifically, and are set by this website, not a third party.  

In this section, you will detail any cookies that YOUR site is placing. These might include cookies related to:

  • Cookie Consent preference
  • Mobile Theme preference
  • Blog Comments 
  • Newsletter Popup Window  
  • E-commerce Store or Shop
  • Analytics 

In my review of the core set of plugins on the site, I made a list of cookies associated with those plugins and have put that information together so you can reference it when writing your cookie policy. You can check it out here: 

Cookie Reference


Third-Party Cookies

This website uses third-party services for some site features and functionality, as well as advertisting and marketing services. These third-party services may place cookies in your internet browser when you visit this site. Third-party cookies are specific to the third-party’s domain (example: Google Analytics and google.com), or service. The owner of this website does not have control over the cookies themselves or what personal data they may gather. The website owner cannot view or manage the data related to any third-party’s cookies.

Please, please, please, don’t rely on the information here or in any other communications from Austin DesignWorks as being 100% accurate or thorough. I’m certain that there are things not included here that you will need to address. Official policies and agreements should be the only source you rely on for disclosing the ins-and-outs of cookies and privacy of/with third-party services. I’m not even close to being an expert and, if you’re an affiliate, you have certain terms that must be met legally on which I cannot advise.

Google Analytics

Some third-party services used on this website may place Google Analytics cookies in your browser. This website has no control over those cookies or any data they may collect.

Common Cookie Name(s):
__utma, __utmt, __utmb, __utmc, __utmz, _dc_gtm_*, AMP_TOKEN, _gac_*

Google Analytics Cookie Usage
Google Privacy Policy
Google Cookie Types
Google Analytics provides an Opt-Out Browser Add-on
 

AFFILIATE Cookies

If you are using affiliate links from Amazon or other online retailer, you will to disclose this and that the retailer will place a cookie on their device when they click the link. Essentially, the cookie will “tag” your website so that you receive your commission.

 

Associates Program Operating Agreement:
https://affiliate-program.amazon.com/help/operating/agreement

Associates Program Policies (see section 4e):
https://affiliate-program.amazon.com/help/operating/policies

Amazon Privacy Notice: https://www.amazon.com/gp/help/customer/display.html?nodeId=468496

http://www.authorityazon.com/90-day-amazon-affiliate-cookie-frequently-asked-questions/

http://www.garethjames.net/affiliates-guide-cookies/

Socia Media Buttons

This website provides ways to share our pages and blog posts to social media websites such as Facebook and Twitter. If you choose to share content from this site through any of the social media buttons on this site, be aware that these sites are likely to collect information about your online activities. This site has no control over placement of those cookies and how they function, therefore it is recommended that you review the official privacy policy of the respective social network to find out more about their use of your information and/or how to opt out or delete such information.

Facebook: http://www.facebook.com/about/privacy/ 
Twitter: http://twitter.com/privacy 
YouTube: http://www.youtube.com/static?hl=en&template=privacy 
LinkedIn: http://www.linkedin.com/static?key=privacy_policy
Google: https://policies.google.com
Pinterest: https://policy.pinterest.com/en/privacy-policy
Tumblr: https://www.tumblr.com/privacy
 

YouTube

This website uses YouTube to deliver video content. YouTube cookies enable you to view any YouTube-embeded videos included on this site’s pages or blog posts. The expiration date of these cookies vary; some expire after a session ends or a browser window is closed, and some end after 20 years. 

If you’re embedding ALL YouTube videos using the privacy-enhanced embed code, you can use text similar to the following: 

This website embeds videos from YouTube using YouTube’s privacy-enhanced mode. YouTube cookies may be set on your computer after you click on the YouTube video player, but YouTube will not store any personally identifying information for playbacks of videos embedded with privacy-enhanced mode. To find out more, please visit YouTube’s embedding videos information page.

Things to consider:

  • To use this text, ALL YouTube content must be embedded with the privacy-enhanced code.
  • If your site currently has YouTube videos that are NOT embedded using the code, then you cannot use this text OR you must go through your site and re-embed all YouTube videos using the privacy-enhanced embed mode.

The WordPress core doesn’t automatically embed videos with the privacy-enhanced embed code, so this code must be generate at YouTube from the page of the video. See: https://youtu.be/wha2v8hhS1M

Common YouTube cookies:
APISID, CONSENT, HSID, LOGIN_INFO, PREF, SAPISID, SID, SSID, VISITOR_INFO1_LIVE, YSC, 1P_JAR, DV, NID

YouTube (Google) Privacy Policy: https://policies.google.com
 

SoundCloud

This features audio content from SoundCloud, a service that delivers audio content managed by SoundCloud Limited. If you visit a page on this website with embedded SoundCloud audio content, SoundCloud.com will place a cookie (sc_anonymous_id) to enable the SoundCloud player. It may also place others, so please review SoundCloud’s privacy and cookie policies for more information.

SoundCloud Cookie Policy: https://soundcloud.com/pages/cookies
SoundCloud Privacy Policy: https://soundcloud.com/pages/privacy
 

Advertising and Marketing

 If you’re using Facebook pixels or any other marketing code or plugin, you MUST put information about that here. Include what cookies are involved, what the code is doing, what personal data it may be collecting, if it’s tracking the user, etc.

Your site visitors NEED to know what they’re opting into by accepting cookies related to marketing. They are typically the most intrusive cookie in regards to personal privacy.


Other Cookies

This website may cease usage of some cookies and introduce others from time to time to improve user’s experience. Any changes will be reflected on this Cookie Policy page.


Managing Cookies

Most browsers (Internet Explorer, Firefox, Chrome, Safari, Opera, etc.) are configured to accept cookies but allow users to manage those cookie settings and provide ways to delete cookies. These are official instructions for major browsers:

For more information about cookies, see http://www.allaboutcookies.org