“What I spend on my yearly subscription equals a day's billable hours for me, not to mention time efficiency and peace of mind.”
Jai Stern
Access all documents on Cookies
This Practice Note sets out detailed, relevant guidance on the principal legal and regulatory compliance obligations that a website operator should take into account within the EU, covering the following areas: the type and functionality of the website; information disclosure requirements; consumer protection; data protection and privacy; cookies; accessibility; cyber security; platform-to-business; online payments; advertising, promotions and direct marketing; AI; competition law; taxation; liability for third party content; intellectual property and observance of copyright; geographic and territorial considerations. Topics such as electronic data interchange (EDI), blockchain, smart contracts, or sector-specific laws and regulations—including those relating to financial services, intermediation services, or online auctions—fall outside the scope of this Practice Note. This Practice Note addresses only legislation that has been adopted to date by the EU. For further details on ongoing initiatives that may materially affect websites operating in the EU, also see Practice Note: Key EU digital...
Required document or action Compliant? Does your site include the necessary legal and regulatory statements? (See Precedent: Website terms and conditions of use) Do you maintain a procedure for approving, publishing and withdrawing website content?...
This Checklist outlines the principal considerations a legal adviser to an e‑commerce business (whether in‑house or external) should review to help the organisation comply with applicable e‑commerce laws and to manage legal risks particular to an online trading environment. It is suitable for e‑commerce businesses selling to consumers (B2C) as well as to other businesses (B2B). It does not cover matters that are generally relevant to all businesses (eg compliance with general data protection record‑keeping obligations, health and safety, employment law, taxation, and so on). For further guidance on e‑commerce, see Practice Notes: Business to business e‑commerce—introduction; Business to business e‑commerce—legal issues; Business to consumer e‑commerce—legal issues. A. Website terms and information—ensure the following are in place. Terms of use (of the website): It is prudent to include terms that explain the basis on which the website is provided and accessed. Common provisions include disclaimers, essential information and contact details, user obligations, and intellectual property rights, among others. See Practice...
The consumer groups claim that Meta, parent company of Facebook, violated the EU's General Data Protection Regulation (GDPR) by creating a smokescreen to obscure its data harvesting. Groups within BEUC (the European Consumer Organisation) — which represents 45 independent consumer groups across 31 countries — have submitted complaints to their national data protection authorities. A ‘consent-or-pay’ paywall enables internet users to access a website free of charge if they consent to the use of cookies — blocks of data generated by a web server. Users who refuse consent can visit the site only if they pay...
In this issue: Data Protection; ePrivacy; Cybersecurity; Reputation management; Confidential information; Daily and weekly news alerts; New and updated content. Data Protection. ICO reprimand Levales Solicitors LLP under Articles 32(1)(b) and (d) of UK GDPR: The Information Commissioner’s Office (ICO) has censured Levales Solicitors LLP for breaches of Article 32(1)(b) and (d) of the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR), after a security incident. A threat actor entered the firm’s cloud-hosted server using valid credentials and released sensitive data on the dark web, affecting 8,234 individuals in the UK; 863 were assessed as high risk given the sensitivity of the information. The ICO’s inquiry concluded the firm failed to ensure the ongoing confidentiality of its processing systems and had not deployed sufficient organisational measures to safeguard personal data. See: LNB News 14/10/2024 31. ICO reports on criminal record and suspended sentence handed to former RAC employees for personal information...
In this issue: Data protection and cybersecurity; Financial services; Insurance and reinsurance; International trade; Daily and weekly news alerts; New and updated content; Trackers. Data protection and cybersecurity. Comment—Google's reversal on killing cookies may prompt EU ad sector proposals: MLex reports that Google’s revised plan, giving people greater control over how online adverts are delivered, is expected to draw rigorous scrutiny from European Commission officials, as they contemplate potential legislative measures on web cookies and digital advertising in the coming months. See News Analysis: Comment—Google's reversal on killing cookies may prompt EU ad sector proposals. X suspends processing of personal data of EU and EEA users to train AI tool: The Irish Data Protection Commission (DPC) has reached an agreement with X, under which the platform will pause processing of personal data contained in the public posts of X’s users in the EU and the EEA, between 7 May and 1 August 2024, for...
This Practice Note offers a high-level overview of the data protection framework relevant to direct marketing, particularly how such activities may give rise to compliance obligations under the Assimilated Regulation (EU) 2016/679, the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426. It is aimed at commercial organisations in the UK, with further, scenario-specific guidance signposted. The main difficulty in direct marketing is determining what the UK GDPR and PECR 2003 permit and whether consent is needed, which will differ according to the activity undertaken and the audience targeted. This Practice Note reflects the following ICO guidance: Direct marketing guidance; Direct marketing using live calls; Making live marketing calls about claims management services; Making live marketing calls about pension schemes; Direct marketing using electronic mail; Guide to PECR, cookies and similar technologies; Guide to PECR, what counts...
What is digital health? Digital health is a broad umbrella describing how information and communication technologies are used to enhance prevention, diagnosis, treatment, monitoring, and the management of health conditions and lifestyle habits that influence wellbeing. Its rise reflects the coming together of healthcare and technology, and a move away from provider‑focused, ‘one size fits all’ delivery towards personalised, patient‑centred care. This Practice Note explores data protection considerations across three digital health use cases: wearables; use of artificial intelligence (AI) in medical diagnostics; digital health records. Unlike mobile health (mHealth), which is limited to care delivered via mobile devices, digital health is wider in scope. It encompasses modern care models such as digital therapeutics, telemedicine, digitised health systems and electronic health records, as well as AI, machine learning and data analytics. For more on mHealth, see Practice Notes: Digital health—regulation of mHealth apps and medical software and mHealth—data protection considerations. Digital health solutions can be applied at every stage...
This Practice Note sets out the principal Irish legal and regulatory points a website operator should consider when running a site, such as: the type and functionality of the website; information disclosure requirements; consumer protection; privacy and data protection; cookies; accessibility; cybersecurity; platform-to-business; online payments; advertising, promotions and direct marketing; competition law; taxation; liability for third party content; intellectual property and respecting copyright; geographic and territorial considerations. Consideration of electronic data interchange (EDI) arrangements, blockchain, smart contracts or sector-specific laws or regulations, including those applicable to financial services, intermediation services or online auctions, is outside the scope of this Practice Note. The type and functionality of the website: Applicable compliance duties and rules differ according to a site’s nature, functionality or purpose. Pinpointing these characteristics is the crucial first step for an operator to establish its Irish legal and compliance obligations. For example, is the website ‘information only’;...
This Precedent sets out a broad template for a website privacy policy, informing data subjects about how a site operator gathers personal data, the lawful grounds for processing, subsequent uses and potential recipients. It has been prepared to meet the EU GDPR’s information and transparency obligations, taking account of guidance from the European Data Protection Board (EDPB). The website privacy policy sits within a wider collection covering website terms of use, e‑commerce, privacy and cookies. Where cookies or similar tools are deployed, a distinct cookie policy is required. See Precedent: Ireland—Cookie policy. EU GDPR and UK GDPR: Designed for commercial organisations established in Ireland, this Precedent reflects EU GDPR requirements. It also offers optional clauses for Irish organisations that maintain a UK establishment and/or provide goods or services to, or monitor the behaviour of, people in the UK, bringing them within the scope of equivalent UK data protection laws. The UK GDPR and EU GDPR regimes are largely consistent...
1 Introduction: Our website is a key channel for engaging with existing and prospective clients and is a significant expression of our brand. Accordingly, it is essential that our website activities are managed appropriately. This policy explains our procedures for running the website, including: who holds responsibility for website management; content governance; website security and data protection; permitted and prohibited use; linking; accessibility; client confidentiality. 2 Responsibility: The [ state who ] holds overall responsibility for managing our website. Their responsibilities include: authorising and supervising content; ensuring the website meets legal and regulatory requirements; overseeing linking arrangements; maintaining the website terms and conditions and the privacy policy; and carrying out an annual review of this policy to confirm it operates effectively. 3 Cookies and other...
1 General information Review date [ Insert date ] Person(s) carrying out the review [ Insert name(s) ] 2 Review and findings Is your Website management policy, along with its processes, current and suitable for purpose? ☐ Yes ☐ No— be sure to record an action point in section 3 below Is your Website privacy policy current and appropriate for its purpose? ☐ Yes ☐ No— be sure to record an action point in section 3 below Are your Website terms and conditions current and appropriate for purpose?...