Understanding Website Cookies and the Law
What are these cookies?
Cookies make your life as a website user much easier because you do not have to log in every time you visit the same page. Your online experiences can be personalised to your preferences.
Does my website contain cookies?
What does our South African laws say?
Yes. POPIA does not explicitly mention cookies, but POPIA does apply.
- A cookie can contain personal information
- The definition of electronic communication means “any text, voice, sound or image message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient” (which can include cookies).
- The definition of personal information includes an online identifier (which can include cookie identifiers).
- The definition of a unique identifier “means any identifier that is assigned to a data subject and is used by a responsible party for the purposes of the operations of that responsible party and that uniquely identifies that data subject in relation to that responsible party” (which can include cookie identifiers).
- If personal information (including by using cookies) is collected, the responsible party must take reasonably practicable steps to ensure that the data subject is aware of many things (section 18).
- One of the duties of the Information Regulator is to monitor the use of unique identifiers and make recommendations to Parliament on the need to take legislative, administrative, or other action (section 40(1)(b)(vii)).
- The regulator must consider any developing general international guidelines relevant to the better protection of individual privacy (section 44(1)(d)).
- The “responsible party must obtain prior authorisation from the Regulator … prior to any processing if that responsible party plans to process any unique identifiers of data subjects:
- for a purpose other than the one for which the identifier was specifically intended at collection; and
- with the aim of linking the information together with information processed by other responsible parties” (section 57).
- Direct marketing by means of unsolicited electronic communications to prospects requires consent (section 69).
What can I do to comply with the Cookie Policies?
- Comply with the law by having an up-to-date cookie notice and policy.
- Get consent from visitors through pop-ups by asking for our advice.
- Read up more on the latest international and national cookies privacy laws.
- Contact us (Print and Web Designs) to help you setup your privacy statements and pop-ups for your website.
- Order your security features from us to help us set it up for you – from the store link here