CTpayments logo

New EU Regulations for Cookies

From May 26th 2012, any web site that uses Cookies, or similar tracking devices, needs to comply with the new regulations. Unless a cookie is deemed essential to the operation of the website (for example, as part of a shopping cart to track purchases), the website must obtain specific permission from the user in order to place a cookie on their machine.

Having reviewed the requirements, we have concluded that the session cookies we use for the operation of the sites are essential. As a result, we will be adding a banner at the top of CPWeb and PDD pages to explain this, with a link to additional information.

Tracking cookies, such as Google Analytics and similar programmes, are definitely considered within scope. If you are using these on your own web site, then you will have had to obtain permission already before passing the user to our site to make payment or complete a mandate. If you have set-up Affiliate Tracking on our systems, you will need to implement a new POSTed parameter when you pass the user to our page indicating whether the user has granted permission for you to use cookies or other tracking devices.

(Note - this applies only to CPWeb and PDD where the user is redirected to our page – CPWeb Direct, I-frame, and PDD Direct do not use cookies and are not affected)

The parameter required is named ‘cookiesaccepted’ and acceptable values are ‘Y’, ‘N’, or blank.

If you pass ‘Y’ then the affiliate tracking will operate as currently.

However, if you do not pass the parameter, we will assume no permission has been gained. Also, if you pass ‘N’ or blank we will assume the user has declined the use of cookies. In these cases, we will continue the payment process as normal, but we will not include the affiliate tracker you have set up.

Please note that if you are using templates, and you have embedded any form of tracking or cookie within the template, then you need to ensure that you have the necessary permissions from the user before you pass them to our system. We will be issuing a new standard stylesheet shortly that will include the notification banner and you should incorporate this into any custom stylesheet you may be using.

Although the law becomes effective on 26th May, we are aware that you may need to make changes to your systems to accommodate the above. We will be making the functionality available on the demo system shortly, and you will receive an email update when this is available. We anticipate making the changes on the live system two weeks after the demo system is made available, and a further notification will be sent prior to that date.

The link for more information will display the following statement in a new window:

Cookie statement

What has changed?

In line with the EU Cookie Directive which came into force on 26th May 2012, we must declare how cookies are used when you visit our website and offer you the chance to disable or reject cookies if required.

What are cookies and how does this affect my privacy?

Cookies are small text files that are saved by your browser on your computer that make a website easier to use.

What type of cookies are there?

There are two types of cookies - session and persistent. Session cookies are deleted when you close your browser, persistent cookies remain on your computer for a period of time after your browser is closed.

What type of cookies do we use?

We do not use persistent cookies. We do use session cookies because they are essential to the way the payment pages work and for ensuring your security. These session cookies are deleted as soon as you leave the website. Depending on the route by which you reached this payment page, cookies may have been used to see how you navigated the website. This information is used to improve the user experience in future. You should have already given your permission to use cookies in this way. If you have not given permission, or you declined the use of cookies, then we will not set any cookies of this type.
 
Google+