My Data Protection Diary (6 TH !) | Blog 2020

My Data Protection Diary (6 TH !)

What a thrill to be here again for the sixth 'My Data Protection Diary', the last for this 2020... now there are very few days left until the end of this year and I am so grateful to have shared with you this series about my profession and my business sector!

In fact, I’m going to take this opportunity to express some of my thoughts on these blank pages, which I am ready to fill with new and interesting topics on data protection.

I selected one of the most engaging and insightful lessons with Kellie, ending the year with sparkling reflections and bombshell information! Clarifying a hot topic in our society: cookies (and I am not talking about biscuits ;))

‘Cookies are small files that are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website and are accessible from the web server or client computer. This allows the server to provide a page tailored to a particular user, or the page itself may contain a script that is aware of the data in the cookie and therefore is able to carry information from a visit to the website (or related site). to the next.’ 

Starting from this definition, the thought in my mind arose spontaneously. Cookies are excellent tools to understand customer needs as well as being ‘data containers’. 

Here, exactly, from my reflection our lesson was born! Are you ready for a new dive into data protection?

G.P.: Cookies are containers of information that range in functionality, from security and performance of the website through to advertising.  We can see the effect when we visit a website with adverts, often related to our browsing history.  Sometimes the ‘cookie banner’ asking for our consent to place cookies is not on a website or the wording is wrong.  Yet consent is the lawful basis for non-essential cookies (e.g. advertising) and companies should be transparent about their use, as outlined by the first principle of the General Data Protection Regulation. So, Kellie when is consent needed to install cookies on a user’s device and who defines the guidelines?

K.P.: I love this topic Giulia. Good question!

Consent for non-essential cookies must be informed and based on an explicit and positive action; non-compliant actions include continuing navigation, such as clicking a link or scrolling the page.  There are cookie consent management tools which can help organisations provide choice and transparency to their web visitors.

For essential cookies, consent is not required, because they are active only for the period necessary for the transmission or provision of the requested service. Indeed, they are not used for purposes other than the request.

For non-essential cookies (such as Google Analytics, Facebook pixel, other marketing or targeting cookies etc.) consent is required, before the cookie is placed on the user’s device.

The correct use of cookies is explicit in the guidelines provided by the ICO. Unfortunately, most companies do not follow these guidelines as they limit the insight into consumer preferences. If you can’t find the consent box to accept cookies, it’s either because the company only uses essential cookies (very rare) or because the cookies have already been downloaded by the company and you do not have the possibility to consent whether to accept cookies or not!

G.P.:  Wow Kellie, great to know all this. I have taken various marketing courses and have heard of cookies as a great tool for companies to expand their business and to understand customer needs. But I have never found myself studying what the provisions to be followed are, so that the use of cookies complies with the respect and security of data and information of potential customers. 

In your opinion, what are the key suggestions to make sure organisations are correct in their processing of personal data of their website visitors?

K.P.: It is a real pleasure for me to answer this question and share key advice for the appropriate use of cookies. As a data protection expert, for me there are two important steps to follow to guarantee that visitors are informed about the use of their data.

Choice is essential!  People should be able to choose whether or not they accept the cookies you are using.  Tell them what type of cookies they are and the purpose for which their data is collected by your software. Furthermore, the choice should include the possibility for those who do not accept cookies to have the same visibility of the website as those who give their consent. There are many websites that "force" you to accept cookies in order to read their content, not giving you the option not to accept them.

My first suggestion Giulia is to give all visitors the freedom to choose and respect their choices! If you do not want to accept our cookies, you can still use all the information contained on our website! 

Also, as a second piece of advice, I recommend that all companies invest in consent, because you cannot rely on passive or implied consent. Be transparent in explaining your company's terms and conditions, provide a clear list of whether a customer wants to receive updates after purchasing a product and how they want to receive them (by email, text message... or I do not wish to receive information or your updates...). Consent and transparency in handling customer data are a fundamental ingredient for the reputation of any company.  This includes cookies, and there are some excellent cookie consent tools that can help organisations with this issue.

G.P.: Thank you Kellie for always helping me to look at the world of Marketing from a data protection perspective. I am grateful to have received this information which I share with you all today on my last page of this year's blog! I recommend to all marketers two training sessions that Kellie will be holding, this month and in January. I recommend training on data protection in general, suitable for every individual who wants to understand this world more and understand if their work is truly compliant with respect for the security of the data they deal with.  And finally, I recommend training for all individuals who work within the Marketing sector.  What can I say about this course? Well, we talk about consent and cookies, and an expert in the field will be answering your questions. If you use cookies and different marketing channels, do not hesitate to start 2021 safely!

You can find more details about the training via the following links and, if you’re curious, do not hesitate to talk to me about the ways these courses could impact on your profession.

Thank you so much for following my monthly diary entry and... I look forward to seeing you in January with a new blog page full of news ready for 2021!

See you in next year…

Giulia xx

The information and remarks provided in this article represent insight and guidance for best practice which is correct or valid or appropriate at time of publication.

Latest News & Events

What Is a Data Leak and How Do They Happen?

Data leaks are a serious problem for organisations and individuals. In this day and age, individuals freely provide personal information to organisations, therefore a data leak can have a significant impact on both the company and the person. They often involve the exposure of personal data (such as name, address and financial details), with additional damage to the company or organisation in terms of potential financial loss and reputational damage.

Read more

Contact Databasix

Tel 01865 346080

Get Data Protection Services t/a Databasix
is a registered company in England & Wales.
Registration No. 15292208

Unit B Oakwood
Oakfield Industrial Estate
OX29 4TH

Supported by Business Resilience secured by OxLEP Business
Supported by Business Resilience secured by OxLEP Business