How do I get Compliant?

If you have worked your way through this website progressively, you should already have a good idea of what is required by now.
If you have jumped straight to this page, we suggest looking at our What is a Cookie Audit? section before continuing.
Now that you know what cookies your website uses, and you have categorised them according to the ICO/ICC recommendations, your next step is to inform your website visitors BEFORE you set any cookies, and let them decide whether to opt in or out.
How you go about this is a matter of personal preference, and you will see a number of differing approaches when you browse other websites on the internet. Although there is no 'black' or 'white' solution, there are some clear do's and don'ts...
DO
- Be honest and transparent about your cookie usage
- Allow visitors to opt out of accepting non-essential cookies
DO NOT
- Set non-essential cookies without express permission
- Bury information about your cookies in a privacy policy page
- Ignore the legislation and think that it will just go away
So what are the options?
Javascript Alerts
The easiest and most basic solution to implement, but it is also the most obtrusive and could well put visitors off your website completely. The other obvious draw-back is that these will not work if Javascript is disabled (currently accounts for 10-11% of website visitors on average).
Pop-up Windows
Another approach is to use a 'pop-up' window requesting permission before setting any cookies. This approach has been used by a number of websites, but it can appear alarmist and intrusive. So much so that some websites make the window disappear after a short time, and if you didn't click on the button they assume 'implied consent'. Read about the pro's and con's of implied consent' to make your informed decision.
Cookie Policy Page
You could create a page on your website which details your cookie usage, and includes a simple 'accept or decline cookies' form. If you take this approach, you must provide prominent links to this page throughout your website, and not just bury it amongst your privacy policy or terms and conditions.
The No Nonsense Approach
By using a discrete banner at the top of the page, that (if accepted) sets a Compliance Cookie and then goes away, we do not intrude on the website layout or visitor experience. The customisable 'more info' section is used to display a brief summary of the cookies used on the website (based on our Cookie Audit), and a link to our No Nonsense Cookies website which provides full details for those that are interested.
Note: although our solution does include a little JavaScript, it still works perfectly even if JavaScript is not enabled. Try it and see for yourself ;-)
By taking this approach we put the visitor in control. They can choose to accept or decline cookies after reading as much or as little information about them as they like. In short - "Informed Consent!".
A few useful tips:
- Following the EU Cookie Legislation to the letter can be a lengthy task, depending on the complexity of your website. The approach you take should be tailored to your available time and/or budget, but you MUST be seen to be doing something! Please see Why should I bother? if you are in any doubt.
- Try to design your website so that it still functions well without the use of non-essential cookies or JavaScript, and try to provide alternative methods where possible.
- Get as much user feedback as you can, and modify your compliance implementation if necessary.
- Analyse your website traffic stats carefully. Has your implementation had a significant impact? If so, try to find out why.
We feel that this 'Informed Consent' approach is more visitor-friendly than the 'Implied Consent' alternative. Please see What is Implied Consent? and make your own choice.