Frequently Asked questions

 

Privacy Policy on Web Sites

What should be considered when using cookies?

Recital 24 of Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications, hereinafter referred to as the Directive) provides that electronic communications network users terminal equipment and any stored information on such terminal equipment is part of the private area of users requiring protection under the European Convention for the Protection of Human Rights and Fundamental Freedoms. So-called spyware, invisible pixels, hidden identifiers and other tools, without the user’s knowledge, can enter the terminal equipment of the user to access information to store hidden information or track user’s actions and may seriously violate their privacy. The use of such instruments can only be allowed for legitimate purposes, by informing the users concerned about the use of these tools.
The Recital 25 of the Directive states that such tools, for example, so-called cookies, may be legitimate and useful, for example by analysing website design and advertising and verifying the identity of the users involved in online transactions. Where such tools, as cookies, are intended for a legitimate purpose, such as the promotion of the provision of information society services, their use should be permitted provided that users, in accordance with Directive 95/46 / EC, provide clear and accurate information about the use of cookies or similar tools’ intention to ensure that users learn about the information, which is placed on the terminal equipment used. Users should be able to opt out of storing cookies or similar devices in their terminal equipment. This is especially important if users other than the original users have access to the terminal equipment and thus to any information that contains sensitive personal data stored in such terminal equipment. The information and the rights to opt out of the various tools to be installed in the user’s terminal equipment can be offered at one connection, including further use of these tools during subsequent connections. The ways in which information is provided, the right to opt out or ask for consent, must be made as user-friendly as possible. However, access to a specific web site’s content may depend on the informed acceptance of the cookie or similar instrument when it is used for legitimate purpose.
The information and the right to opt out of the various tools to be installed in the user’s terminal equipment can be offered at one connection, including further use of these tools during subsequent connections. The ways in which information is provided, the right to opt out or ask for consent, must be made as user-friendly as possible. However, access to a specific web site’s content may depend on the informed acceptance of the cookie or similar instrument when used for legitimate purposes.
In this context, it is important to define the conditions for browser settings to comply with the requirements of Directive 95/46/EC and the consent “in accordance with Directive 95/46 / EC” is therefore legal.

Firstly, based on the definition of legitimate consent and the requirements under Article 2 Subparagraph h) of Directive 95/46/EC, it cannot generally be assumed that data subjects have given their consent by simply purchasing a browser or other application which by default allows the collection and processing of their data. It is misleading generally to assume that the lack of action by the data subject (the data subject has not set up the browser to reject cookies) has a clear and unambiguous indication of his wishes.
Secondly, if users agree to receive all cookies in accordance with the browser’s settings, it means that they agree to further processing the data, possibly without knowing about the purposes and types of the use of the cookie. Generic consent to any further processing of data without knowing about the circumstances of this processing cannot be legal consent.
Article 5 Paragraph 3 of the Directive provides that Member States shall ensure that the use of electronic communications networks for the storage of information or access to information stored in the subscriber or user terminal equipment is permitted only on condition that the relevant subscriber or user, in accordance with Directive 95/46/EC provides clear and comprehensive information, inter alia, on the purpose of the processing, and offers the right to prevent the controller from performing such processing. This shall not prevent any technical storage or access to the purpose of conducting or facilitating the transmission of communications over the electronic communications network or the provision of an information society service explicitly requested by the subscriber or user.

Page last updated: November 6, 2017 08:21 AM