No website can function without cookies because they not only make your website functional but also help your company analyse what the visitors to the website are interested in. The National Data Office put together guidelines on cookies in 2022, but creating adequate cookie notices is still a big problem. This article will talk you through steps in creating a pop-up cookie notice on your website that complies with the General Data Protection Regulation.
People using your website should be given a choice between allowing or blocking cookies, and users should be able to choose what cookies they want to allow. Of course, there are cookies without which your website cannot really function, so it’s not necessary to give the user discretion about using those. We recommend your pop-up notice should give the user three options: “Accept”, “Reject” and “More information”.
Your pop-up notice should inform the user of your intended personal data processing through cookies, but you may wonder when the user’s consent is required and when it’s not necessary.
It’s not mandatory to ask the user’s consent for technical or essential cookies, but that does not mean you do not need to have a pop-up cookie notice that gives relevant information.
Consent should be sought if your website uses analytical cookies and marketing cookies, split into first-party cookies and third-party cookies.
The first-layer information should include the controller’s identity, the intended uses of cookies, what party cookies are used, types of data collected in the case of profiling, how the user can make a decision about cookies, and a clear reference to the second-layer information.
The second-layer information contains information that helps the user understand the intended uses of cookies and why such uses are necessary. This means the user should have easy access to your privacy policy and/or cookie policy.
It’s common for companies to highlight one of the selection tools, thereby prompting the user to choose the highlighted field. The National Data Office’s guidelines state that the user should be given discretion, without prompting them to make a certain choice (e.g. if the consent button is green but the rest are grey).
If the user wants to learn more about cookies in the pop-up notice, what they often see is that a choice is made for them. For example, it’s automatically stated that the user agrees to marketing cookies and statistical cookies. This practice should be abandoned, and the user should be allowed to mark any cookies they like.
The user should always find that revoking consent is as easy as giving consent. If the user needs to carry out any additional activities, such as phoning the company and requesting revocation of consent given electronically with a single click, this will be a breach of the General Data Protection Regulation.
Best practice: Once the user has allowed or blocked your cookies, your home page always displays a cookie the user can click to change their selection.
Best practice: The option to close your pop-up notice cannot be treated as the user’s consent, so your website cannot use cookies.
If you have any comments on this article please email them to lv_mindlink@pwc.com
Ask questionOn 21 December 2023 the Court of Justice of the European Union (CJEU) passed ruling C-288/22 on whether a public limited company’s board members are taxable persons for VAT purposes. This ruling is important because it explains what criteria must be met if a person is to be treated as carrying out an economic activity that forms the basis for paying VAT and what factors should be considered to determine whether someone is an independent taxable person.
On 17 October 2023 the EU amended its blacklist of uncooperative tax havens that are subject to special taxation procedures. The blacklist now contains 16 jurisdictions, including Antigua and Barbuda, Belize, the Republic of Seychelles, and Russia. As 2023 saw the list being amended several times, there are certain tax aspects that may raise questions, yet national law does not always provide the answers. In this article we take a look at what the Ministry of Finance (MOF) and the State Revenue Service (SRS) think about the tax treatment of a Latvian-resident individual’s income from a substantial participation in a foreign company, including dividends from a blacklisted tax haven.
Court ruling No. SKC-165/2023 was published last November. While it does not address any fresh legal issues, the subject of worker postings combined with the significant amount of this claim creates the need to analyse this ruling in more detail. The pay components assessed in the ruling allow us to summarise and evaluate pay issues relevant to any worker posting.
We use cookies to make our site work well for you and so we can continually improve it. The cookies that keep the site functioning are always on. We use analytics and marketing cookies to help us understand what content is of most interest and to personalise your user experience.
It’s your choice to accept these or not. You can either click the 'I accept all’ button below or use the switches to choose and save your choices.
For detailed information on how we use cookies and other tracking technologies, please visit our cookies information page.
These cookies are necessary for the website to operate. Our website cannot function without these cookies and they can only be disabled by changing your browser preferences.
These cookies allow us to measure and report on website activity by tracking page visits, visitor locations and how visitors move around the site. The information collected does not directly identify visitors. We drop these cookies and use Adobe to help us analyse the data.
These cookies help us provide you with personalised and relevant services or advertising, and track the effectiveness of our digital marketing activities.