Privacy and cookies policy
From a lawyer's perspective, the key purpose of a website privacy and cookies policy is help a website operator comply with data protection and cookies legislation. In the UK, that primarily means compliance with the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended).
Data protection legislation requires that "data controllers" disclose to "data subjects" information about the personal data that they collect and the ways in which it is processed. Failure to comply with data protection legislation may lead to civil liability and criminal law penalties.
This document was created for use by businesses based in the UK, to cover standard types of data collection and use. Although the UK data protection regime derives from EU law, there are differences in how that EU law has been implemented in the different member states of the EU.Ask about this document
Privacy and cookies policy contents
- Collecting personal information: personal information collected; disclosure of third party personal information.
- Using personal information: general uses of personal information; specific uses of personal information; publication of personal information on website; privacy settings; no third party direct marketing; third party provider of financial transaction services.
- Disclosing personal information: persons to whom personal information may be disclosed; disclosure to group companies; legal and regulatory disclosures; no other disclosures of personal information.
- International data transfers: transferring data to operating countries; transferring data outside the EEA; publication of personal data on internet; consent to international data transfers.
- Retaining personal information: data retention introduction; personal data retention default rule; personal data retention specific rules; personal data deletion exception.
- Security of personal information: personal data: technical and organisational security measures; personal information stored on secure servers; security of electronic financial transactions; data sent over internet is insecure; keeping password confidential.
- Amendments: amendment by publication; check for changes to policy; notification of changes to policy.
- Your rights: subject access requests; subject access: withholding personal information; no marketing instructions; consent to marketing communications.
- Third party websites: hyperlinks to third party websites; no responsibility for third party privacy policies.
- Updating information: correcting or updating personal information.
- About cookies: what are cookies?; persistent and session cookies; cookies and personal information; cookie tracking.
- Our cookies: types of cookies used; cookies used on website and purposes.
- Third party cookies: use of third party cookies; google AdSense cookies; third party cookie details.
- Blocking cookies: how to block cookies; negative impact of blocking cookies; effects on website use of blocking cookies.
- Deleting cookies: how to delete cookies; effects of deleting cookies.
- Cookie preferences: managing cookie preferences.
- Data protection registration: registered with ICO; data protection registration number.
- Our details: website operator name; company registration details; place of business; contact information.