Your website designer or software design platform may already have contacted you about this. The important fact is that GDPR significantly expands the notion of a “Data Subject”.
Under the Data Protection Act 1998, data privacy was related to the identification of “living persons”. Under GDPR (Article 4 and Recital 30), this now extends to any “identifier” which “directly or indirectly” could identify a Data Subject.
This may include such things as IP addresses (Internet Protocol address) or URLs, which are basically the internet addresses of your computer, laptop or network. Cookies may collect this data to do their work. There is still some dispute amongst experts as to the extent to which this activity actually breaches an individual’s privacy, but the current consensus is that it does.
Each website will have its own individual usage of Cookies and in the Template below we summarise the common types. Some are more inquisitive than others, for instance they may request and store the log-in details of an enquirer and/or enable the site to “remember” that user and their preferences (e.g. type size or language) the next time they log in. it depends on how complex or interactive your site is.
Finally, under GDPR it should be as easy for a Data Subject to withdraw consent as to give it. Your Privacy or Cookies Policy should be easily accessible and enable a user to modify their consent using tick-boxes.
(You should also be aware that Cookies are expressly covered by PECR – the Privacy and Electronic Communications Regulations 2011, which are, coincidentally, also being revised. (These Regulations prohibit the storage of any information on a user’s equipment unless the user is fully informed of the storage and has given consent.)
What are Cookies?
- For more information on Cookies, go to: www.AboutCookies.org
You can prevent the setting of Cookies by going to your web browser settings (go to the Help page in the browser menu). Depending on your browser type, you may be able to choose which types of Cookies you disable.
The Cookies we set
[You will need to identify which types of Cookies are actually used on your website – and, optionally, to list their filenames if you wish. It is probably unlikely that dental websites will contain Category 4 Cookies and this section can then be deleted] There are different types of Cookie. We use the definitions of the International Chamber of Commerce.
1. Strictly Necessary Cookies These Cookies are essential for you to be able to move around our website and use its features. They do not collect information that can be used to contact you outside this site, and they do not remain on your device after you have finished looking at this site (known as “session Cookies”).
2. Performance Cookies These Cookies collect information about how visitors use our website, such as which pages are viewed, how often, and whether it is working well. This data is used only when aggregated and does not identify you as a single visitor. These Cookies may be sent to a third party, such as Google analytics so that we can see how many people (but not who they are) have used our site. These are also session Cookies.
3. Functionality Cookies These Cookies allow our website to remember any preferences you have such as text size. They may also allow you to watch videos, blogs or access our social media pages, or to leave comments or messages for us. These Cookies may remain in place for a time after you have left our website (“Persistent” Cookies).