United Kingdom - PECR (Privacy and Electronic Comunications Regulations)

What is PECR in UK?

In the United Kingdom, the cookie law encompasses the Privacy and Electronic Communications Regulations (PECR), which implements the EU Electronic Privacy Directive (2002), along with the data protection rules established in the Data Protection Act 2018 (DPA) and the UK GDPR. If a UK company plans to use cookies, it must consider both the PECR and the data protection regulations.

The key statute to consider regarding cookies and similar technologies is Regulation 6 of the PECR. Although it does not specifically mention cookies, it aims to set restrictions on their use. Therefore, if a company wishes to use cookies, it must provide clear and comprehensive information about them, explaining their purpose, and obtain consent under the conditions of the UK GDPR to store them on the user's devices.

Proper consent, as established by the UK GDPR, must be freely given, specific, informed, and unambiguous from the user. Additionally, the user should not face negative consequences if they choose not to grant consent; for instance, the website should continue functioning with its general features even if consent for cookies is not given.

If you want to know more about the different regulations you can access our article "Laws and regulations for each region"

How should my cookie banner be to comply with PECR?

When a company uses cookies, it must inform about the type of cookies it uses, provide details about their purpose, and obtain explicit consent from the interested user. The simplest way to do this is by implementing a cookie consent tool, commonly known as a cookie banner.
But, 1 law made up of 3 laws or regulations, how should a banner be to comply with this?

• Include a Button to Accept Cookies: The text in the cookie banner and the button must make it clear that by clicking the button the user agrees to the deployment of cookies, this is known as Opt-in consent. 
• Include a Button to Reject Cookies: Must include a statement telling the user that they can deny the consent of data collection and a button that allows them to do so.
• Provide Detailed Information About Cookie Use: The cookie banner should contain information about why the website uses cookies. For example, does it collect data for analytics, advertising, or social media purposes?
• Alert the User if the Website Shares Data with Third-Party cookies: If the website shares the data collected through cookies with third parties the cookie banner should explain this.
• Link to the Website’s Cookie Policy: Here the website will provide further information about the cookies in use on the site, including a list of all the cookies.

Observations: With illow's GDPR banner you will be ready to comply with this law.

If you want to know the different types of banner cookies that you can find on our platform, access our article "Types of banners you will find on our platform"