With a cookie policy on your WordPress website, you can inform your visitors about the use of cookies, local storage, or other used resources (such as tracking pixels) on your website. Because most website visitors do not know the difference we usually just call all of the methods “cookies”, and the document describing them a “cookie policy”.
In many countries, there are cookie laws and/or privacy laws that prescribe to the website owner or the person responsible for a website to give information about those resources. This is also the case for countries that still have an opt-out regime for cookies. The page with information can be reached via a link on the cookie banner, via a link in the Privacy Statement, or via a button or link placed in a menu of your website.
Generally speaking, it should at least give information about the function and the purpose of the used resources. A function is a particular task a cookie has. So a function can be “store the IP address”. Purpose can be seen as the Why behind the function. So maybe the IP address is stored because it is needed for Statistics, or it is stored because it is used for marketing/tracking purposes, or it is needed for functional purposes. It should also give information about retention: how long will the cookie or resource be used or be accessible, and will the data be accessible to third parties, or even sold to third parties? In some countries, it should also give information about the rights the website visitor has. In certain jurisdictions such as California, you should also give information about the data you have sold to other parties, and give the possibility to opt-out using a Do Not Sell My Information button or page. There are also jurisdictions where you are obliged to let website visitors know how you are dealing with browser requests such as Do Not Track!
You now understand why it can be wise or useful to have a special cookie policy for each region that you are targeting. You might also wonder why we offer all that information on a separate Cookie policy page, and not as part of a Privacy Statement. We think from a privacy and UX perspective it is considered best practice not to give too much information in just one document. This is not just our opinion. There are also countries, such as Spain, where the data Protection Authority actually prescribed that information about used cookies should indeed always be mentioned in a separate document instead of being an integral part of a Privacy Statement.
With Complianz GDPR/CCPA it is possible to create a nice cookie policy or a DNSMPI page for your WordPress website, for free! With Premium, it is also possible to differentiate between the different regions. Using GEO-IP you can serve the correct cookie policy depending on the region your visitors come from.
