SaaS Agreements – FAQs – Cookies

What is a Cookie?

Cookies are small text files placed on a user’s hardware device, such as a computer, tablet or mobile phone which record online activity. The majority of websites use cookies to measure visits and the use of websites (analytics cookies). Cookies are often also used to save user names, passwords and user preferences to make repeated use of a website more comfortable for the user. However, increasingly cookies are being used to collect information about users for the purposes of targeted marketing, tracking and other non essential purposes.

Opt In Consent Required

It is unlawful to use cookies to collect user data without first obtaining consent. There is an exception when a cookie is strictly necessary for a service which a user has requested i.e. where a user places an item in an online shopping basket and there is the need to ensure that payment is for the goods actually purchased.

Compliance and Fines

The UK Information Commissioners Office (ICO) investigates and prosecutes companies for breaches of the Privacy and Electronic Communications (Amendment) Regulations and the GDPR. These two laws set out the obligations of website operators to provide users with information about cookies and any other similar techonlogy that track use of a website and the need to obtain obtain a user’s consent to the use of cookies. Failure to comply with the rules can result in GDPR fines.


Irene Bodle is an IT lawyer specialising in SaaS agreements, GDPR and cloud computing with over 15 years experience in the IT sector. If you require assistance with any SaaS or cloud computing contracts, GDPR or any other IT legal issues please contact me:

To register for my newsletter click here