Complying with the new cookie regime: practical steps (GDPR and DPA 1998 and PECR) | Practical Law

Complying with the new cookie regime: practical steps (GDPR and DPA 1998 and PECR) | Practical Law

An overview of the practical steps that businesses should take if they want to achieve compliance with the new data protection regime governing the use of cookies.

Complying with the new cookie regime: practical steps (GDPR and DPA 1998 and PECR)

Practical Law UK Practice Note 0-517-0695 (Approx. 19 pages)

Complying with the new cookie regime: practical steps (GDPR and DPA 1998 and PECR)

by Practical Law Data Protection
Law stated as at 24 May 2018United Kingdom
An overview of the practical steps that businesses should take if they want to achieve compliance with the new data protection regime governing the use of cookies.
Please note: We have replaced this overview with Practice note, Cookies: UK issues and the impact of the GDPR and DPA 2018 (UK) to reflect the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419) which came into force on 29 March 2019 and formally amended PECR to reflect GDPR consent.
This resource is currently being updated in the light of the UK leaving the EU on 31 January 2020. However, during the transition period the UK will continue to be treated for most purposes as if it were still an EU member state, and most EU law (including as amended or supplemented) will continue to apply to the UK (see Brexit essentials: Q&As on agreements, timeframes and no deal: What happens during the transition period?). This will mean, for example, the continued participation of the UK in the EU customs union and single market, the continued application of the four freedoms, and the continued application of the usual EU supervisory, judiciary and enforcement mechanisms, including CJEU jurisdiction. Accordingly, the guidance contained in this resource remains materially valid and applicable. This resource will be updated again at the end of the transition period when the changes made by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419) take effect (see Article, Practical Law Data Protection: what to expect in 2020: UK data protection law post-Brexit). The transition period will end on 31 December 2020 unless extended for up to one or two years before 11.00 pm (UK time) on 30 June 2020. For more information, see Practice notes, Future UK-EU relationship: negotiations: Data protection, European Union (Withdrawal Agreement) Act: Transition period and Brexit: transitional arrangements.