This article is written by Shreya Patil, pursuing a Diploma in Advanced Contract Drafting, Negotiation and Dispute Resolution from LawSikho.

Introduction 

“Every move you make, I will be watching you.” Doesn’t this sound like stalking? Probably, yes! Have you ever wondered how you sometimes see personalised ads which are highly specific to you, especially after you just searched for it on the internet? There might be several reasons for it. But accepting “All cookies” on a cookie disclaimer is one of the prominent reasons behind the same. In case you operate a website or your mobile app or your computer, it is obvious for you to have come across the “Cookies” disclaimer at some point of time, where the site primarily notifies the user there will be using of “cookies” to track our activity in order to enhance our “experience”. It then invites us to read their policy if we refuse to accept such tracking. Not just the users of any website, even business owners who own such websites must understand what a cookie actually is and how they are placed in order to prepare your website’s compliance with privacy legislations such as the EU Cookie Directive. 

Since the whole world is online than since the pandemic, this without a doubt means more dependency on online platforms, therefore, wesee an increased number of “Accept cookies” banners where its acceptance not only threatens our privacy but may also costs fortune if we come across some shady websites unintentionally. Many of the website users aren’t aware of the fact that these cookie banners may be customised according to the website viewers which assures our security and identity. Apart from individuals, having such “cookie banners’ ‘ and including options for customisations is equally important for the website owners and business personalities which desire to have global clients, viewers and make the most of the globalisation era since each country has their privacy laws which cookie policy is a part of. 

In today’s world of technology, privacy on the internet has become an oxymoron but protecting it has become more necessary than ever. Accordingly, it is requisite for individuals to manage their cookies. Regardless of you being an individual, website owner or an entrepreneur, if you wish to understand the Cookie policy, this article is for you! 

Meaning of a cookie policy

Cookies are small text files which are placed on the computer and mobile devices of the people who visit those websites/apps. Is similar to a privacy policy that is used to inform the users about the collection and use of personal information, a cookie policy is where the website owners will: 

1. Provide detailed information about what cookies are being used by the website. 
2. The detailed use of these cookies. 
3. Provide an insight into the options that the users possess over these cookies. 

It is not all that uncommon to get confused between the Privacy policy and the Cookie policy. The privacy policy is a document which outlines the methods and the purposes of its data processing to users run by the data owners. If in case a website collects personal data, it is mandated to inform the data users of this fact or privacy policy. This consent is usually executed through the presence of a simple contract form. Where a cookie policy is concerned, it is a Section of the privacy policy dedicated to cookies that are responsible to track the behaviour which may result in potential privacy risk. 

There are various apps which contribute towards privacy and cookie policy generator resulting in its customization but it is always advisable to consult a tech/data privacy lawyer before incorporating any policy on your websites in order to acquire a clear perspective. 

Understanding Cookies and its types

Cookies are basically small text files that websites incorporate on our devices to further process and store on our web browser. Despite storing a lot of data to potentially identify us even without our consent, these are proven harmless as they can be easily viewed as well as deleted. Since the cookies can contain a lot of data, they have the potential to store personal data which are subject to GDPR. 

There are three different ways of classifying cookies based on how long they serve, what purpose they serve and their provenance.

• Duration of the Cookies:

1. Session cookies- These types of cookies are generally temporary and expire as soon as they close the browser. 
2. Persistent cookies- This category of cookies hover until we erase them or our browser does until the expiration. The duration generally lasts 12 months or in accordance with any action. 

• Provenance:

1. First party cookies- These cookies are put directly on our devices through the website we are visiting. 
2. Third party cookies- These cookies are placed by a third party like an advertiser or even as an analytic system. 

• Purpose:
• Necessary cookies– The cookies essential for the smooth functioning of websites and features according to the viewers recommendations and preferences are strictly necessary. We must be aware of shop apps such as “Amazon” and “Flipkart”. These types of apps use first party session cookies where consent of the cookies may not be necessary but why they are necessary are generally explained. 
• Preference cookies- Also known as ‘Functionality cookies” these cookies allow a website to collect data of the choices we have made in the past on the website such as language, region, name and passwords. 
• Statistics cookies- These cookies collect information about how we use a website and the pages we have visited and also the links we have clicked on but none of this information is used to identify you. These cookies are solely used for the improvisation of the website functions. 
• Marketing cookies– Tracking our online activity to help the advertisers deliver more relevant advertising, these cookies share the information with third party provenance. 
• Regardless of incorporating the cookie policy as a part of a privacy policy, many website owners leave their cookie policy as a stand-alone Section. However, it is mandatory for the websites to adhere to European GDPR and Californian CCPA to have one available for the website viewers and users. 

Effects of cookie policy under GDPR

The EU’s law on personal data i.e, the General Data Protection Regulation (GDPR), gives website visitors the right to receive specific, up-to-date information on what data is registered about, for what purpose, and where in the world it is being sent (along with the possibility to prevent it from happening). 

These rules affect your cookie policy as well as your cookie notification, your cookie consent and your documentation of consents.

The EU Cookie Directive is a legislation that came into effect due to Europe’s endeavour to provide protection for online privacy for the Europeans. The adoption of this directive in May 2011 not only applies to business websites or apps located in the EU, they are also subject to enforcement when residents of the European Union visit the website of businesses who are not European Union citizens. In accordance with the Directive, in the event of a European resident visiting your site, the usage of cookies must be informed to that person and moreover the option to refuse shall also exist. The only con of this is the less personalised browsing experience, however, the law requires the option to be strictly available. 

Consequently, the combination of these two laws, i.e., General Data Protection Regulation and e-privacy directive administered many websites to implement cookie banners to legally resume the engaging of business and their practices with respect to personalised advertising, retargeting and analytics. 

GDPR provides the users statutory rights with regards to their data. The controller is obligated to honour those rights. Such rights include: 

• The right to be informed about the privacy policy. 
• The right to access personal data and information on the procedure of how their data is being used. 
• The right to rectify the personal data if it is inaccurate or incomplete. 
• The Right to object to any activities in relation to their personal data. 
• The Right of the users to obtain their personal data for their own purposes. 
• The right to erase the users’ personal data where it no longer serves the original purpose. 
• The right to restrict processing of the personal data in specific cases. 

This is how the protection of data takes place in the European Union. But what countries outside of the EU have such laws? Every country, without a doubt, has privacy laws, but what are the rules on cookies around some major markets around the world?

Before we understand how consent for cookies takes place in major economies of the world, it’s important to get a clarity of the concept of valid cookie consent and the contents included in a cookie policy. 

Contents included in a Cookie policy

It should be taken into utmost concern that that cookie policy is an extremely serious document that affects the privacy of the visitors and clients on their website. Thus, when working on the consideration of policies to be added, use of legal services for your policy, either internal or external is essential. 

However, in the event of you deciding to write the policy by yourself, there are some typical sections that should be used. They can be broken down as follows: 

Policy Introduction  

The purpose of introduction of the cookie policy is to get informed consent of the visitors in order to use their cookies who start using your website. The first stage of this cookie policy is to introduce your cookie policy, the display of the cookie consent should be immediate upon a user’s first visit which receives informed consent from the visitors of your website. 

Where can a banner be incorporated? There is no law that states a method of incorporation but the fact remains that it should ideally be visible. 

Website, in most manners, introduce their policies in 4 different ways: 

1. Fixed Footer Notification – Adding cookie consent notice in the footer for your website is a smart move universally since most of the legal links are included in the footer which individuals are aware of the fact of looking for important things. 
2. Top-header Notification – This notification gets displayed in front and centre at the top of the website which makes it impossible for the visitors to miss. 
3. Inline Top-Header Notification – The notice uses a slightly lighter colour blue from the site background that fits well with the logo Section line and the “Welcome to GOV.UK” Section. Another example of a more inline notification can be seen here from Barclays. This notification bar is located between the top Section of the website and the start of their website content, which makes it pretty much impossible to miss.
4. Box Notification – Some names need no introduction, right? This box notification works best with mobile phones since it can display largely on the screen. The small box is placed on a fixed position regardless of how you scroll. 
5. Persistent Pop-Up- Few websites do not allow the users to interact with them unless they have given a consent. This is executed through consistent pop-up. 

What are Cookies? 

Despite being generated for smooth user experience, cookies have generated a lot of controversy with growing concerns of virtual privacy. Since cookies have an ability to track, store and share the activities of an individual, it’s a legal requirement for websites to get clear consent from website users. This information is extremely important to notify the users that your website is using cookies, and more specifically, what cookies are. 

Kind of cookies that shall be used (either by website owner or by a Third party)

The fundamental step of creating a cookie policy is to identify an accurate cookie policy as every website uses them differently. It is pertinent to take the use of cookies used by your website and the ones set by a third party to take into a consideration. If one’s not sure, using https://www.cookiebot.com/en/ can help to audit it with a complete overview of all the cookies in use. Generally, cookies are either used for marketing purposes or for the data you are tracking which should be clearly mentioned. 

Third party cookies on our site, if there are any 

A user must be informed if there shall be any third-party cookies usages in the website with necessary cookies. This helps the user to make a decision if they are willing to proceed with a valid consent. Third party cookies might be stored, this may enable it to collect data and show relevant ads on the device of the user. 

Tip for website users: Disabling third party cookies on your device can immediately refrain the advertisers from tracking any third-party entities.

Opt-out possibilities and consequences 

Some users are extremely conscious and protective about their data privacy, as they should be! Hence offering an opt out option is reasonably considerate. 

• From an opt out option the user can deny storage of any data and information will no longer be stored in the cookies. The hard fact is that a few companies are not considering this option of privacy policy which makes it difficult for the users to object to the usage of personalised advertisements. 
• The users should be informed that they have the right to refuse the “storing of the data” pertaining to any information. 
• Lastly, a contact address should be provided for in case of questions and complaints. 
• A valid consent from end-users to have their personal data processed by cookies and trackers on a website has to be an informed, clear and affirmative and unambiguous indication of their wishes. This means that websites are not allowed to activate non-necessary cookies that process personal data until after users have given their explicit consent.

Explicit or Implicit cookie consent mode and its validity geographically

There are two main modes of cookie script of consent depending on how strict you want it to be and it is called consent mode. The cookies which are set at the visitors’ computer where they are just informed about the storage of cookies are known as Implied consent cookies. However, under the GDPR the option of implied consent doesn’t comply with the law and hence no cookies can be stored without an informed consent of the visitor of the website when dealing with Europeans. 

It is pertinent to note that some EU Data Protection Authorities in alignment with the GDPR now also require records for the consent instead of proofs to be kept to maintain valid records of consent. Generally, website owners default use the explicit consent considering their website’s reach over the globe. It cannot be denied that Europe is way ahead in terms of its data privacy but understanding how the cookie consent works around the globe where data privacy may be developed or may not be is extremely important not only for website owners but visitors as well for self-awareness of their privacy. 

Cookie Consent in North America

• United States 

The privacy law in the United States is considered to be extremely weak compared to the other major economies as the USA doesn’t require consent for cookies. However, the federal law places few restrictions on the usage of cookies for the children below 13 years of age and is named as the Children’s Online Privacy Protection Act (COPPA). The strongest privacy laws can be found in California where they are effectively applied to any business operating in the US. The very specific act relating to privacy policy i.e The California Online Privacy Protection Act” required the website owners to disclose their mode of the collection of personal information and they too should be collected via cookies. Not restricting to this, it also states that the Privacy policy should let the users know how the website treats browser “Do Not Track” requests but they aren’t actually obliged to obey such requests. Hence, although disclosure in a privacy policy is advised, California too doesn’t require consent for cookies. 

• Canada 

When it comes to Canada, it definitely proves to be stricter than the USA. The two main privacy laws followed by the Canadian legislation are: 

1. Personal Information Protection and Electronic Documents Act (PIPEDA) 

This law mentions two types of consent: 

> Express consent- where the consent is explicit, through a specific action. 

> Implied consent- it’s an inferred consent where the user has been given an option to opt but does not do so. 

2. Canada’s Anti-Spam Legislation (CASL) 

This law requires the website and app operators to get “express consent” for installation of certain “computer programs” and it deems the cookies as a type of computer program. 

The combination of these two legislations provides a requirement for cookie consents but not necessarily cookie banners. So, it definitely depends on the opt out choices of people and have express consent to set cookies under Canadian law. Concludingly, Canadian law does not require (express) consent for cookies unless proper information and opt-out process are provided. 

Cookie Consent in South & Central America

• Argentina: 

Argentina’s Personal Data Protection Act requires that the websites only allow for the personal information to be collected with express consent given in writing or other similar means. But the personal information can be only collected in terms of information such as Name, National Identity Number, Occupation, Address and Phone number. So, coming to the question, are cookies considered as personal information? Though the law is unclear about this, cookies are world-wide considered as personal information. 

• Brazil

The two privacy laws in Brazil are: 

1. The Civil Rights Framework for the Internet 
2. The Brazilian General Data Protection Law which came into force in 2020

These laws don’t provide any specific reference to the cookies; however, they do suggest that containing personal information requires express consent. Hence, Brazil may require consent for cookies. 

• Mexico:

The two prominent legislations in privacy laws amongst many are: 

1. The Federal Law on the Protection of Personal Data held by Private Parties
2. The Privacy Notice Guidelines

Under these legislations, the consent for cookies is mandatorily required besides the cookies for technical purposes. The express notice as to how cookies collect the personal information shall be legally required. 

Cookie Consent in Africa

• Nigeria: 

Nigeria’s privacy laws are: 

1. The National Information Technology Development Agency Act 2007 
2. The Nigerian Data Protection Regulation 2019

While there is no express reference to the Cookies in 2007 legislation, the 2019 regulation circles around consent which is quite similar to that of the EU’s GDPR suggesting a strong opt-in or express model of consent which is one of the six legal reasons for processing personal information. Therefore, Nigeria does require consent for cookies. 

• South Africa: 

The privacy laws in South Africa are: 

1. The Electronic Communications and Transactions Act 2002
2. The Protection of Personal Information Act

The latter law bears similarities with the EU data protection law. Regardless of being passed in 2013, it has yet to come into full force. This law does not regulate the use of cookies as they are considered as “Online identifiers” and hence qualify as personal information covered by consent requirements. However, until POPIA comes into full force, it can be safer to state that South Africa does not require consent for cookies. 

Cookie Consent in Asia

• China: 

There are a myriad of regulations, statutes and court opinions covering privacy law in China. However, Internet censorship, cybersecurity laws and the “Great Firewall of China” present additional challenges to enter the online market. The online markets include: 

1. The Internet Email Services Regulations 
2. The law of tortious Liability

Interestingly, no Chinese law appears to have made reference to cookies. Hence it can be partially considered as China does not require consent for cookies. 

• Hong Kong: 

The main privacy laws in Hong Kong are: 

1. The Personal Data Ordinance 
2. The Unsolicited Electronic Messages Ordinance

These both laws don’t require consent for cookies and hence it can be concluded that Hong Kong does not require consent for cookies. 

• India: 

Despite not having any comprehensive data protection or privacy law, the Information Technology the Information Technology Act, 2000 prohibits the use of cookies without consent since any Computer virus, can be considered as cookies. Hence, India may prohibit the use of cookies without consent. 

Position of Cookie Policy in India

As far as India is concerned, there is definitely a lack of comprehensive personal data privacy legislation with respect to regulating the usage of cookies. We all are aware of how right to privacy is a fundamental right as declared in the case of K.S. Puttuswamy v. Union of India. It was also stated that without the consent of the user, no information of the user shall be utilized by websites. However, it is pertinent to note that cookies, regardless of their type, are not considered as personal information in India which benefits the websites as they are allowed to apply various types of cookies in the device of the user. 

So how are websites regulated if not through any cookie law legislation? 

Such websites are regulated by legal binding agreements under the Indian Contract Act, 1872 which are mandated on agreeing to the terms and conditions as shown to the user where terms and conditions of a privacy policy are mentioned. The next legislation which governs such websites is the Consumer Protection Act, 2019 which contains important provisions related to the data privacy of the consumer which includes according to Section 2(46) of the Consumer Protection Act any unreasonable imposition of a condition on the consumers which certainly puts them in jeopardy would be treated as an unfair contract under the unfair trade practices. 

However, the arbitrariness and ambiguity under these legislations concerning privacy is prevalent in the inclusion of the definition of the privacy protection and hence there is no hard and fast rule as compared to other countries. 

What does India need to work on?

1. Revised Personal Data Protection Bill, 2019: The new Personal Data Protection Bill, 2019 although has not been enacted yet but should be modified. This bill defines personal data as any data about a natural person that is directly or indirectly identifiable. This certainly pertains to identification of information related to a natural person. However, cookies generally do not have a function of identification of a natural person and thus this is outside its purview. In accordance with the views of the experts, personal data cannot be irreversibly anonymized and hence the companies which use browsing history as a way to identify individual users run the risk of de-anonymization. 

A study also finds that half of the population is uniquely identified based on place, date of birth and gender details. This bill proves to be inadequate in the regulation of the cookies as it does not address the standards of characterisation of the process of anonymisation and hence should be revised considering the gravity of the issue of privacy in the future. 

2. Need of a Cookie Law: 

The solution to all questions regarding the ambiguity in different legislations related to privacy, is a comprehensive cookie policy law which is jurisdiction-based, which shall prove beneficial in resolving interpretational problems and ensure robust enforcement. Enforcing a cookie law shall also ensure the protection of economic interests of the companies with elimination of privacy concerns by incorporating penalising regulations under such laws. 

• Japan: 

The main privacy laws in Japan are: 

1. The Act on the Protection of Personal Information. 
2. The Act on Regulation of the Transmission of Specified Electronic Mail.

Under the APPI, consent for transfer of personal data and its collection requires mandatory consent. So, the first party might not require cookies; however disclosure of the privacy policy is prohibited. Hence it can be stated that Japan might require consent for third party cookies. 

Cookie Consent in Australia

• Australia: 

Information collected by the cookies might constitute personal information if the person could be reasonably identified under Australian law. Therefore, Australia does not require consent for cookies as disclosure of your cookies in a Privacy Policy under Australia law is deemed to be necessary. 

• New Zealand:

The main privacy laws in New Zealand are: 

1. The Privacy Act 1993, 
2. The Unsolicited Electronic Messages Act 2007. 

Neither of these laws make reference to cookies and hence New Zealand does not require consent for cookies. 

Determining the Law of Reference

Many users and service providers wonder which privacy laws they must honour. Here’s a simple rule of thumb-

Generally, the laws of a particular region apply if:

• You base your operations there; or
• You use processing services or servers based in the region; or
• Your service targets users from that region.

This effectively means that regional regulations may apply to you and/or your business whether you’re located in the region or not. For that reason, it’s always advisable that you approach your data processing activities with the strictest applicable regulations in mind.

General Legal Requirements to incorporate a Cookie policy on your website

There is absolutely no straightforward answer to whether there is a legal requirement to incorporate a cookie policy onto your website as it largely depends on the privacy laws of each country. However, in countries like Europe and California, there is a legal requirement to incorporate such a policy and comply with these laws. If your business is based in Europe or California; wants to deal with their clients, the inclusion of cookie policy is mandatory. 

Since the trading and commercial activities are executed flourishingly in the European countries and USA, the pressing question shouldn’t focus on whether it is a Legal requirement but how you can get a cookie policy for your website. However, if you desire to get your website noticed, flourished and have customers or viewers all around the globe, it needs to comply with the privacy laws of that country. Hence having no cookie policy might affect the smooth functionality of your website, if it doesn’t add value unless you have economic profits. Hence it is not a legal requirement but certainly a necessary requirement in order to flourish in the world. 

Subject to the above, there can be questions as to how we consciously make ourselves aware of which country’s privacy laws. In terms of Data Privacy and Protection, the European Union is way ahead than any of the jurisdictions in the world. If you are a website owner from the EU or you are dealing with EU citizens, your website should comply with the EU’s General Data Protection Regulation. 

According to the EU Cookies Directive, the notice of usage of cookies is separate from your privacy policy. In order to comply with these, anyone who visits the website should: 

1. Notify that the website is using cookies. 
2. Inform about the type of cookies being used. 
3. Inform the options available to them if they want to opt out of having the website’s cookies stored on their devices. 

Under the privacy policy of the United States, if cookies are used for the website, they are required by the law to have a privacy policy that discloses the use of cookies. 

Situational Legal Requirements

If your website is in operation of an e-commerce industry, there are applicable commercial laws and industry rules. 

Business to Business commerce

Commercial transactions that are subject to the applicable contracts, industry and national guidelines, falling within the scope of such governing law shall be applied in such cases. 

Business to Consumers commerce

Under most countries, the consumers need to be informed about the following- 

• Returns/Refund details. 
• Warranty/Guarantee information where applicable. 
• Safety Information such as legal address and business name. 
• Rights of consumers (such as withdrawal rights), where applicable.
• Seller contact details (e.g., email address).

Other Legal Requirements

A terms and Conditions document also known as “terms of service, End-user license agreement or a Terms of Use agreement is often not legally required but is always a good practice for the sake of practicality and safety. It executes a contractual relationship between the users and therefore, is essential in terms of protection of potential liabilities. This legally binding agreement must be ensured to be updated and understandable to the layman.

While different businesses have different contexts of terms and conditions, they should at least include the following:

• Identification of the business
• Description the service that your site/app provides
• Information on risk allocation, liability, and disclaimers
• Warranty/Guarantee information (where applicable)

• The existence of a withdrawal right (if applicable)
• Safety information, including instructions for proper use (where applicable)
• Terms of delivery of product/service
• Rights of use (if applicable)
• Conditions of use/ purchase (e.g., age requirements, location-based restrictions)
• Refund policy/exchange/termination of service and related info
• Info related to methods of payment
• Any additional applicable terms

Third Party Legal Requirements and Obligations

An organization may be held liable for not meeting any legal obligations leading to reputational damages, fines and sanctions. Hence, it’s often mandatory for all the partners, customers to meet regulatory service standards. Generally, they require that organizations that use their services have in place a compliant privacy policy (and cookie policy if cookies are in use) that discloses relevant details about the relationship and services rendered.

Consequences of non-compliance, undoubtedly initiate legal ramifications which may include the following: 

1. Fines: Government officials bring suits seeking civil penalties which can go beyond US$ 120000 for any violations whereas GDPR fines were raised to EUR 20 million. 
2. Disciplinary measures: Measures such as official reprimands and periodic data protection are included in the event of any violations. The GDPR grants the users exclusive right to file a complaint with a supervisory authority if they suspect any processing of their personal data. 
3. Liability Damages: To compensate for any unjust damage is a general principle of Civil law. Both GDPR and CalOPPA grants individual users the right to claim compensations. 
4. Loss of service and contractual penalties: Some third-party services (including marketplaces and app stores) may be in compliance with specific regulations as a part of their terms of use; violation of their terms may lead to service termination or potentially, permanent bans.
5. Criminal Law: It is possible to be held criminally liable if the conditions are met and if the sovereignty of a nation is at stake. 

Drafting and Incorporating an Ideal Cookie Policy

Considering the legalities of Cookie policy in different jurisdictions, finding the right template of a cookie policy which satisfies the requirements of data privacy laws of major economies is definitely a tough row to hoe. As we have now educated ourselves about the types of cookies used on websites, the most fundamental step is to identify the type of cookies which are being used for our website as every website uses them specifically and in varied forms. Since the third-party cookies are also taken into consideration while taking into account the use of own cookies, reading the cookie policies of third-party service is essential! Most websites practice displaying a pop up notification at the bottom of the screen when a visitor lands on the site. This ensures the visitor a brief notification about the cookies the sites might use where a link is provided for detailed information about the cookie policy that sits on. 

As mandated by the GDPR compliance regulations, the language needs to be plain and intelligible which shall include the following information: 

• The type of cookies the website is using.
• The data the website is tracking.
• How long cookies shall stay on a user’s browser.
• Why the website is using cookies (for marketing purposes for example).
• Where the data is sent and with whom it’s shared from your website.
• How to reject cookies and how to change cookie settings.

Consequences of rejection of cookies by the user

In the event of rejection of cookies, the activity of the user cannot be tracked. For this purpose, there are extremely strict rules with regards to gaining consent and in order for it to be valid, it must be gained through free, informed and specific consent. It also must be noted that simply providing information about cookie policy which the reader barely understands shall not be counted as a consent. Building on the same, it’s always a good idea to display the notification of the policy on all the pages of your website. 

Conclusion

If you are a website owner, customising your policy according to your needs, style and aesthetics is your own personalised choice, however to get a consent for your privacy policy, essential information, required links with notices not being placed before the consent cookie policy should be cautiously addressed in order to ensure that there are no legal implications upon you or your business. Hence, availing legal services shall always be preferable. Appointing a Data protection officer who carries out the task of ensuring all the processing activities and monitoring compliance with applicable laws is highly encouraged by all jurisdictions. When it comes to website users, consider your personal information as your wealth and hence make efforts in order to protect it. Consenting to cookies just for sake of efficient running of the website can be detrimental, reading the consent policy/cookie policy and acting upon it might save you a fortune. 

References

• https://www.termsfeed.com/blog/4-ways-notify-users-cookies/
• https://ico.org.uk/for-organisations/guide-to-pecr/guidance-on-the-use-of-cookies-and-similar-technologies/how-do-we-comply-with-the-cookie-rules/#comply6 
• https://www.privacypolicies.com/blog/cookie-consent-examples/#Persistent_Pop_Up
• https://cookie-script.com/geo-targeting.html
• https://www.iubenda.com/en/help/5720-legal-requirements-overview#consequences
• https://www.privacypolicies.com/blog/eu-cookies-directive/
• https://gdpr.eu/cookies/
• https://www.termsfeed.com/blog/cookie-consent-outside-eu/

---

Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skill.

LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join:

https://t.me/joinchat/J_0YrBa4IBSHdpuTfQO_sA

Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.