By now, we all know about GDPR and cookie consent tools, but how can you actually see what cookies each website is storing and collecting from you? Keep reading to find out how you can view cookies on each website that you browse.
What Are Cookies?
Cookies are text files containing small pieces of data that are used to identify your computer and are used by a website to store information. Data stored in a cookie is created by a server upon your connection, and the data is labelled with an ID.
This data is passed between your browser and the network server, which reads your ID to know what information to serve to you. Your browser stores this cookie on your device.
The data may include your preferences – such as language, font size, location. This helps the website to track your visit and activity, such as keeping your items in a shopping cart whilst you explore the site.
There are different types of cookies, some of which include:
Session Cookies – used only when a user is actively navigating the website, and disappears once the session ends
Persistent Cookies – stored on a user’s device to help remember information and settings, which have an expiration date issued by a web server
Third Party Cookies – used to create long-term records of multiple visits to the same site
View Cookies in Address/URL Bar
You can also view cookies in the browser address bar (URL bar). To do so:
Click on the padlock symbol in the URL bar
Click on ‘Cookies’
Any cookies that you have consented to use will appear in the ‘Allowed’ tab, with blocked cookies appearing on the ‘Blocked’ tab. You can also remove cookies from here if you wish to.
How To View Cookies On Chrome
You can easily view which cookies a website is using:
Open Google Chrome
Load the website that you want to check
Right click and press ‘Inspect’
Go to ‘Application’
Scroll down to ‘Cookies’
You can also right click on the cookies and press ‘Clear’ to remove them.
Cookie Consent Bars
Once you click ‘Accept’ on a cookie consent bar on a website, you’ll see the cookies load in the right hand side on the Inspect tool. Watch the short video below to see this in action:
We build GDPR compliant websites that help you reach your target audience. Contact our friendly team now for more information.
When was the last time you updated your website’s legal documents?
It’s certainly not the sexy side of web design, but it’s important. Keeping the legal stuff on your website up-to-date may seem like an onerous task but it inevitably has to be done to protect your interests, as well as give your customers confidence in your products and services.
Website Terms & Conditions
These set out the parameters of the usage of your website, outline who you are as an entity, can form the basis of a contract of sale and protect intellectual property and information. The T&Cs required depend on the nature of your website and are best tailored to your specific circumstances.
Terms of Business
Whether you are B2B or B2C, outlining the way you do business and the rights and obligations of all involved parties is wise. Including these terms on your website means prospective clients can see what you’d be like to work with, and current clients have a quick point of reference.
Are you regulated by a professional body? Many organisations, such as the Financial Conduct Authority, require set terms to be plainly stated on your website. Many qualifications and memberships also require statements to be published outlining the standards you adhere to.
What to keep in mind
If you operate internationally you may need to have separate documents for each region as well as provide translated versions.
Failing to keep details up-to-date on documents and web pages could invalidate any claims or recourse that you pursue. So, that address change needs to be updated everywhere.
Depending on the nature of your website or business there could be very specific rules you need to follow, it is always wise to consult a legal professional to ensure you’ve covered all the bases.
Any documents you decide to add to your website should be converted to HTML so that they can be accessible and easily read by anyone. Formatting is important to get right so we do recommend that web professionals like ourselves add important wording and documents.
We recommend an audit of your small print to ensure everything is up to date. At the very least check the following are correct:
If you originally downloaded your terms and policies from a legal services website we advise checking to see if there are any updates to the version, or perhaps new policies that better match your current circumstances. Websites like Simply Docs, for example, have a vast array of website documents for specific trades and scenarios, which they keep up-to-date in line with current legislation.
Disclaimer: Now for a little small print of our own… Do not act upon any information on this website without first seeking advice from a qualified legal professional. Ballyhoo accepts no liability for your actions nor do we directly endorse any website linked to from our own. Phew.
When we talk about trust in websites, we could be referring to any number of things. Typically, website users are taught to look for a number of tell-tale signs as to whether or not the website they are using is safe (or trustworthy).
Safe and Secure
At the top of the list is usually the “padlock”. Does the website show a padlock in the left hand corner of the address bar? If it doesn’t, it is likely that any data you provide is not encrypted and could be intercepted. Checking for a padlock is good advice, the padlock shows that the site you are using has a valid SSL certificate and that it is secure. In some cases Google is starting to exclude sites that do not have an SSL certificate from its search results and, in other cases, is warning searchers that the site it is sending them to might be insecure.
Word of Mouth
Another sign that promotes trust within a website is reviews. Reviews show visitors how other users have found the experience of working with this organisation. Reviews validate the business and can give people confidence that the product or service they are about to purchase or order will be as described, the quality will be as they expect it to be, it will actually be delivered and what the companies customer service department is like.
It’s All Well and Good Ticking the Boxes…
All the usual methods of earning trust from an online visitor are absolutely necessary. These are the things that people are taught to look out for and if you don’t have at least an SSL certificate, then you are likely losing out on valuable traffic and conversions. However, it’s all well and good taking these steps to gain the trust of your visitors, but if your website is poorly designed, hard to use, frustrating, or generally not very pretty to look at, your customers still won’t trust you.
A website, whether it sells a product, a service or is there to provide information, is just like a physical store, if its not appealing to your audience, then it will lose business.
Think of it this way; it’s Friday night, you’ve had a busy week and you want to treat the family to a take away. You check out Tripadvisor to see what’s good in the area and the local Chinese has great reviews. Everyone is raving about the food and how great the service is and you can see that they have a great food hygiene rating. So, you hop in the car and make your way over. When you get there, there are a couple of dodgy looking characters hanging around outside, it puts you off slightly, but you squeeze past and make your way inside. As you open the door, a rancid smell smacks you in the face. You proceed to the counter wading your way through, what looks like, rat droppings and when you get there the hygiene of the person impatiently waiting to take your order seems questionable. Are you still going to place your order? Or are you going to try the other place a few doors down, that looks a bit newer and seems much nicer?
If the answer is “I’m going to try the nicer looking place down the road”, then read on. If not, then take a long, hard look at yourself in the mirror and consider getting some help.
Decide for yourself…
Take a look at these two sites:
Exhibit A is the website of a company that provides holiday courses for children. Exhibit B provides… exactly the same thing, in exactly the same areas. Neither of the websites have official reviews, but Exhibit B does have some testimonials. They both have a valid SSL certificate and show the secure padlock (at least on the booking/payment page). Which one would you feel safer handing your details over to? The answer is Exhibit B, and if you disagree, then take a long, hard look at yourself in the mirror and consider getting some help.
You are in the market for some home-brewing equipment, these two websites sell exactly the same products, for roughly the same prices:
Which one do you buy from? Exhibit A, right? It’s much nicer, seems more trustworthy and is generally more pleasing on the eye. What if I told you that it isn’t secure and doesn’t have the padlock in the address bar? Did you even notice, or just make your decision on how the site looks? (It does, by the way, so don’t bother checking, I’m just trying to prove a point).
What is the Point I am Trying to Prove?
My point is, if your website is secure and has trusted reviews, but doesn’t look as good as your competitors, then you are going to lose business.
If your website looks great but isn’t secure, you will be losing out on business too and you should definitely consider upgrading your hosting, especially if you want to comply with (and you 100% should) the new General Data Protection Regulation (GDPR) that comes into play on 25th May 2018.
If your website isn’t secure and looks terrible, then you need to take a long hard look at yourself in the mirror and consider getting some help!
GDPR is starting to become a familiar acronym. You may be aware of upcoming changes to the law concerning privacy, and perhaps you’ve even received a few scary emails saying that the end of data protection as we know it is nigh.
But what is it all about, really? And how will it affect your website? We want to let you know in real terms what you need to know and how Ballyhoo will aim to help you transition to new General Data Protection Regulation (GDPR) requirements.
Disclaimer: This article provides an overview of GDPR and does not constitute legal advice. Ballyhoo’s focus is on how to become website-compliant, and we have partnered with the specialist security firm, Aristi, should you require more in-depth information on best-practice within your organisation.
Are you ready for GDPR? Are you?!
GDPR will mean a shake-up of how we manage data consent and requires more stringent policies and possible changes to your website and data storage.
Despite the law not being enforceable until May 2018, we’ve already seen a lot of information circulating about how to comply. And quite rightly, it’s much better to prepare.
GDPR will mean a shake-up of how we manage data consent and requires more stringent policies and possible changes to your website and data storage. However, in the grand scheme of things, this is a positive development and, with a little foresight and proper management, it should be reasonably painless – especially if you are already on top of your duties under the Data Protection Act.
If you’re in any doubt about how to comply and what changes you may need to make to your website (and we can almost guarantee there will be some), we’ve created a GDPR audit service especially to help you meet your obligations.
So, what is GDPR?
GDPR is a new European Directive which focuses on the rights of the individual. It is being introduced to give people more control over how and where their data is in use.
GDPR supersedes the Data Protection Act 1998 (the DPA). We’ve made many technological advances in recent years, so GDPR takes into account how these affect the way we now store and use personal data. If you are already DPA-compliant, you are on the right track and may find that not much has to change.
As a website owner, you are responsible for any data received through your website; at a minimum, you probably have at least one contact form on your site. It’s more complicated for those of you who are selling products or taking bookings online as the amount of personal data required to carry out the purpose of the website increases.
Personal data now includes other information that can be used to identify an individual, other than the information they actively provide to you, like cookies stored on their devices and IP addresses.
Should anything go amiss, you’ll also have a legal obligation to report any data breaches promptly and in their entirety to the Information Commissioner’s Office (ICO).
When does GDPR come into force?
Despite the UK leaving the EU, our requirement to adhere to GDPR will not be affected, and compliance with legislation becomes mandatory on 25th May 2018.
That’s not to say you shouldn’t start complying straight away. Many businesses are already rolling out their GDPR-compliant privacy policies and systems, with the intention of ironing out the kinks over coming months.
To whom or what does GDPR apply?
Different rules apply depending on the size and scale of your organisation, but the basics are the same, whether you are an individual or a company. You might be large enough to have a dedicated data controller who can take the lead on GDPR, but many of the companies we work with aren’t, so we’ll do what we can to help you meet your responsibilities.
How enforceable is GDPR?
As a small business owner or SME, you still have a legal duty to comply, even if you’re not sure you’re large enough to be on the ICO’s radar. You shouldn’t face any sleepless nights as long as you protect the interests of your users. In a sense, it primarily comes down to ethics:
Are you giving customers enough information about how you will use their data?
Are they able to opt-in (as opposed to opt-out) of communications when they hand over their details?
Do they have the right to withdraw consent, if given, at a later date?
Are you doing your utmost to protect their data while it is in your possession?
We can see similarities here with the “Cookie Law” of 2011. Scaremongering was commonplace when this was introduced, and many websites went a bit OTT, but as long as you employ best practice, you should have nothing to fear.
However, you should be aware that non-compliance carries fines of up to €20 million or 4% of global annual turnover, whichever is greater.
What is Ballyhoo doing to comply?
From now on, we will develop every project undertaken by Ballyhoo with GDPR in mind, in advance of the law coming into force. We will discuss the requirements for compliance with clients and ensure everyone knows their responsibilities.
Ultimately, the onus is on you as a site owner to comply with GDPR, but we’ll do everything we can to help. For existing websites that we have built or manage, first and foremost we recommend that you take advantage of our new GDPR audit service.
Our audit has been designed to take a snapshot of your website or application so we can pinpoint where and how to make improvements. You’ll receive a report detailing our findings, and we can then work with you to implement a plan of action. Alternatively, you can take the audit results away and work through them at your own pace, or even with someone else if you prefer.
Typically we’ll look at:
Data encryption and SSL
User registration and contact forms
Opt-in and explicit permission for communications
Existing stored data
We will ensure that our hosting service has rigorous security protocols in place to protect data, and we’re currently working on a new hosting infrastructure to improve our service offering using the latest technologies and protocols. More will be announced on this soon.
New information and best practice on GDPR is continually coming to light so we will be monitoring the situation closely in the lead up to May 2018 and will keep you apprised of anything else we think you need to know.