The 60 second version
Concerned about this subject but short of time? Here’s what you need to know in 1 minute:
- We DO NOT store personal information in cookies
Need More Information ?
When did the law change and who enforces it?
The original EU legislation that became known as the “E-Privacy Directive“ was published in 2003 and implemented as European Directive – 2002/58/EC. It was concerned quite widely with the protection of privacy in the electronic communications sector. In 2009 the Directive was amended by Directive 2009/136/EC that included a requirement to seek consent for cookies and similar technologies. The EU Directive entered UK law on 26th May 2011 as “The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011”. It is regulated by the Information Commissioner’s Office (ICO) www.ico.gov.uk who decided that enforcement would commence from 26th May 2012.
What are cookies?
A cookie is used by a website to send ‘state information’ to a Users’ browser and for the browser to return the state information to the website. The state information can be used for authentication, identification of a User session, User preferences, shopping cart contents, or anything else that can be accomplished through storing text data on the User’s computer.
Cookies cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used to track users’ browsing activities which was a major privacy concern that prompted European and US law makers to take action.
Cookies are used by most websites for a variety of reasons – often very practical reasons to do with the operation of the website. However, they are also used to monitor how people are using the website (which pages are visited and how long is spent on each page). Each “visitor session” is tracked even though no effort is made to try to identify them in person.
The new legislation now states that you must be able to opt-out from having cookies stored on their computer.
What happens if you disable cookies (i.e. opt-out)?
If you decide to disable cookies we record this so you don’t get asked the question again. You will find that most of the website works as expected although functions that rely on cookies are obviously disabled. These functions include using online forms (e.g. our enquiry form) or any feature that requires login. We use a cookie to remember your cookie preferences, this has a couple of consequences:
- If you delete all your cookies you will have to tell us your preference again
- If you use a different device, computer profile or browser you will have to tell us your preference again
What happens if you ignore the question?
If you ignore the question the website will continue to set cookies as necessary. This approach of “implied opt-in” is specifically discussed and approved in the guidance notes issued by the Information Commissioner’s Office (the organisation charged with enforcement of this legislation).
“Strictly Necessary” cookies let you move around the website and use essential features like secure areas and online billing. These cookies don’t gather any information about you that could be used for marketing or remembering where you’ve been on the internet.
|apache||This cookie is set to provide a unique identification of the User and is passed back to the server with each subsequent request. The cookie allows us to distinguish between requests from multiple Users vs. multiple requests from the same User. The information is used by many features of the Content Management System as well as the systems responsible for protecting the website from abuse (e.g. a Denial of Service attack).||one “session” (i.e. until the browser is closed)|
|cookie_option_shown||This cookie controls whether the “privacy options” tab has been shown to the use. The tab appears only once per session on the first page that the User lands on.||one “session” (i.e. until the browser is closed)|
|privacy_preference||This cookie is set to record the fact that a User has opted to disable cookies.||1 year from set/update.|
|privacy_cookie_status||This cookie is set to record the fact that a User has opted to enable cookies.||1 year from set/update.|
“Performance” cookies collect information about how you use our website e.g. which pages you visit, and if you experience any errors. These cookies don’t collect any information that could identify you – all the information collected is anonymous and is only used to help us improve how our website works.
We use Google Analytics to monitor usage of the website. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors (not by name or IP address).
|__utma||This cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure.||2 years from set/update.|
|__utmb||This cookie is used to establish and continue a user session with your site. When a user views a page on your site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on your site for longer than 30 minutes. You can modify the default length of a user session with the _setSessionCookieTimeout() method.||30 minutes from set/update.|
This cookie is no longer used by the ga.js tracking code to determine session status.
Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user. For backwards compatibility purposes with sites still using the urchin.js tracking code, this cookie will continue to be written and will expire when the user exits the browser. However, if you are debugging your site tracking and you use the ga.js tracking code, you should not interpret the existence of this cookie in relation to a new or expired session.
|__utmz||This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site.||6 months from set/update.|
|_ga||This cookie is used with Google Universal Analytics. This cookie allows Google to track unique users via a client identifier that is randomly generated.||2 years from set/update.|
|_gat||10 minutes from set/update.|
“Functionality” cookies are used to provide services or to remember settings to improve your visit.
“Targeting” cookies are linked to services provided by third parties, such as ‘Like’ buttons and ‘Share’ buttons. The third party often provides these services in return for recognising that you have visited our website.