A cookie policy is a declaration to your users on what cookies are active on your website, what user data they track, for what purpose, and where in the world this data is sent.

Also, a cookie policy should contain information on how your users may opt out of the cookies or change their settings in regard to the cookies on your website.

Many website owners choose to incorporate the cookie policy as a section of their privacy policy. You can also leave your website cookie policy as a stand-alone section.

The privacy policy is a document, usually a page on the website, in which all of the methods and purposes of the data processing activities on the site are outlined, including contact forms, mailing lists etc.

Cookies are a potential privacy risk, because they are able to track, store and share user behavior.

Whereas most of the remaining privacy policy may be static, the cookies used on a website are dynamic and might change often.

Therefore, an adequate cookie policy should be regularly updated to make sure that the information is accurate.

These rules affect your cookie policy as well as your cookie notification, your cookie consent and your documentation of consents.

The first thing to do is to discover what cookies are in use on your website. This is fundamental for creating a specific and accurate policy, as required, because every website is different.

In other words, you need to know exactly what cookies and other forms of tracking technology is present and operating on your website.

Keep in mind that you have to take into account both your own use of cookies, and the ones that are set by third parties present on your website. Read your third party services’ cookie policies to find out what cookies they may be using on your site.