|
|
|
|
|
|
by wongarsu
2055 days ago
|
|
|
Following the link from there to https://ico.org.uk/for-organisations/guide-to-pecr/guidance-... you find this paragraph: """
Are we required to provide information and obtain consent for all cookies? No – PECR has two exemptions to the cookie rules. Regulation 6(4) states that: (4) Paragraph (1) shall not apply to the technical storage of, or access to, information -
(a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or
(b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.
"""Strictly nessesary includes "Cookies that help ensure that the content of a page loads quickly and effectively by distributing the workload across numerous computers (this is often referred to as ‘load balancing’ or ‘reverse proxying’)". That covers at least one of the Cloudflare cookies directly, and gives good indication that the other two also qualify. |
|
|
Apart from GDPR law, there's also separate EU Cookie Legislation which was passed before GDPR. This regulation require clear user notification (not consent) that cookies are used. As far as I know (but I might be wrong, I don't follow it) this law is still in place and GDPR did not replace it. So that means you still need cookie notification banner (but not with "I accept" button but with "I understand").