About the ICO’s Guidance
- Cookie consent is the same as GDPR-compliant consent (unbundled, specific, granular)
- Consent needs to be actively given (no interaction with the banner does not imply consent)
- Only strictly necessary cookies can be dropped automatically, all others require consent (including analytics and audience tracking)
- Consent cannot be “hidden” in the online Terms & Conditions
- No “nudging” toward consenting to cookies (emphasizing agree over reject is not advised)
- No prescribed retention periods for cookie data – but organizations are expected to be reasonable when setting the lifespan for the trackers and information collected through them.
How OneTrust Helps
OneTrust’s Cookie Consent and Website Scanning solution has been updated with recent ICO, CNIL and country-specific guidance built in. To help meet the ICO’s new guidance, OneTrust’s solution provides:
All Required Information
Include all required information on the cookie banner and in the preference centre to ensure data subjects are fully informed. OneTrust automatically generates a detailed Cookie List based on the latest website scan. Easily update the information provided from the OneTrust user-friendly interface at any time without the intervention of a technical team, while tracking changes in an audit log.
Granular Records of Consent
Granular records of a user’s consent and audit trails are available on demand within the OneTrust platform.
Historical Audit Trails
User’s modifications to settings on the cookie banner or preferences are stored in a detailed audit log to show compliance over time
Allow The User To Update Their Preferences At Any Time
Provide choices at all times with a granular preference centre to easily manage cookie preferences. Enable granular preferences across cookie categories determined within the OneTrust platform.
Adaptable Consent Approach
OneTrust can support multiple consent models, whether it be opt-out, opt-in, explicit, implied, notice only. Set up different models for each cookie category to meet compliance while maintaining optimal performance using analytics.