Understanding Website Cookies and the Law

Understanding Website Cookies and the Law

Understanding Website Cookies and the Law

What are these cookies?

Cookies are text files transferred from your browser to your computer’s hard drive. They store information about your activity on a browser. Companies worldwide use cookies to monitor user behaviour and to improve website interactivity. Cookies store certain personal information you provide on a website. This personal information should be processed in accordance with the conditions for lawful processing of personal information required by POPIA. Personal information collected using cookies must be safeguarded and if this includes credit card information an appropriate level of security must be implemented. Cookies only store information from your browser, they cannot access data on your hard drive. Cookies are text files that cannot transfer viruses to your computer or mobile device.

You will notice when you search for a specific product, ads relating to that product appear on other sites you visit.  When you log onto a website that uses cookies and later re-visit it, the cookies allow the website to ‘remember’ you. It will for instance remember items in your shopping cart or that your language preference is English.

Cookies make your life as a website user much easier because you do not have to log in every time you visit the same page. Your online experiences can be personalised to your preferences.

Does my website contain cookies?

The chances are your website does use cookies. If your website have been designed by Print and Web Designs – the answer will be yes. One of the basic setups we do is connect your website with Google Search Console and Google Analytics to improve and pull stats on your websites’ performance. These stats are pulled using cookies on your clients websites’ browser to check which country they are from, the keywords they used to find your company’s website, the pages they are interested in and how many times they return to those pages. If you want to double check if your websites uses cookies – there are free tools you can use to check, here is one tool you can use: https://www.cookieyes.com/cookie-scanner/

What does our South African laws say?

The South African Protection of Personal Information Act (POPIA) requires a cookie notice and policy

Yes. POPIA does not explicitly mention cookies, but POPIA does apply.

  • A cookie can contain personal information
  • The definition of electronic communication means “any text, voice, sound or image message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient” (which can include cookies).
  • The definition of personal information includes an online identifier (which can include cookie identifiers).
  • The definition of a unique identifier “means any identifier that is assigned to a data subject and is used by a responsible party for the purposes of the operations of that responsible party and that uniquely identifies that data subject in relation to that responsible party” (which can include cookie identifiers).
  • If personal information (including by using cookies) is collected, the responsible party must take reasonably practicable steps to ensure that the data subject is aware of many things (section 18).
  • One of the duties of the Information Regulator is to monitor the use of unique identifiers and make recommendations to Parliament on the need to take legislative, administrative, or other action (section 40(1)(b)(vii)).
  • The regulator must consider any developing general international guidelines relevant to the better protection of individual privacy (section 44(1)(d)).
  • The “responsible party must obtain prior authorisation from the Regulator … prior to any processing if that responsible party plans to process any unique identifiers of data subjects:
  • for a purpose other than the one for which the identifier was specifically intended at collection; and
  • with the aim of linking the information together with information processed by other responsible parties” (section 57).
  • Direct marketing by means of unsolicited electronic communications to prospects requires consent (section 69).

What can I do to comply with the Cookie Policies?

  • Comply with the law by having an up-to-date cookie notice and policy.
  • Get consent from visitors through pop-ups by asking for our advice.
  • Read up more on the latest international and national cookies privacy laws.
  • Contact us (Print and Web Designs) to help you setup your privacy statements and pop-ups for your website.
  • Order your security features from us to help us set it up for you – from the store link here
Spread the love

Leave a Reply