1. Be upfront about the data you’re collecting. If your cookie notice is vague about why cookies are used or who can access the data, you’re already on shaky ground. Make sure it clearly explains the purpose of each cookie, how long data is stored, and whether any third parties are involved.

2. Get proper consent – without any shortcuts. Under UK GDPR and PECR, businesses must obtain meaningful consent before using any non-essential cookies. No auto-ticked boxes, vague explanations, and hidden settings! If cookies aren’t essential for functionality visitors must actively choose to allow them.

3. Make consent choices easy to find and easy to change. The ICO is clear: consent must be based on a deliberate, informed action. Visitors should have simple controls that let them turn non-essential cookies on or off. Users shouldn’t have to hunt through multiple menus to opt out.

4. Keep all your website policies aligned. Your cookie notice shouldn’t exist in isolation. To avoid non-compliance and complaints it needs to dovetail neatly with: • Your Privacy Policy • Website Terms • Contracts with analytics, hosting, and marketing providers

Need a Second Pair of Eyes? If you’re unsure whether your current cookie banner is fully up to scratch, you can speak to Richard Jenkins for a no-obligation chat: 📞 024 7698 0613 ✉️ [email protected]