
Time Remaining
What is the ICO?
The Information Commissioner’s Office (ICO) is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
Under the Data Protection Act 1998, all organisations that process personal information must register with the ICO, who publish the names and addresses of the data controllers. They also include a description of the type of processing each organisation performs. If your organisation processes personal data, failure to register with the ICO is against the law.
Earlier this year, the UK Information Commissioner’s Office (ICO) released new guidance on the use of cookies and similar technologies, providing updated directions for complying with the PECR and GDPR.
The ICO issues monetary penalties of up to £500,000 to those who have broken the Data Protection Act 1998 or breached the terms of the Privacy and Electronic Communications Regulations (PECR). Serious breaches will be met with direct action and failure to comply with the law might lead to enforcement action.
-
Cover each purpose for which personal data will be processed
-
Collect specific, freely given and unambiguous consent to the cookies prior to the cookie being dropped
-
Identify all parties placing cookies, meaning that organizations should name all parties who will rely on users’ consent.
-
Provide an option to withdraw consent
-
Maintain evidence of consent – who, when, how, and what you told users
Who Does the ICO Apply To?
This is not defined by the ICO. It is believed that the ICO might follow the rules given by the ePrivacy. This would mean that its guidance would apply to use of cookies carried out by an established controller or processor that monitors the behavior of individuals in the U.K.
Solutions to Help Organizations Follow ICO Guidance

Scan your website against the largest database of cookies and get a report of the cookies and online tracking technologies on your website. CookiePro enables users to generate a cookie banner to inform visitors that cookies are being used on the website.
- Deep scanning across cookies, tags, beacons and tracking pixels
- Cookie consent banner customization with opt-out mechanism
- Preference center creator with option to include Do Not Sell link
- Language auto-detection
- Cookie policy generator based on web scanning results
- Automatic cookie control
- Consent record management

Scan apps for tracking technologies and unknown SDKs, collect app consent, and give both privacy and mobile app development teams visibility into how their app is sharing data with third parties.
- Tracking technologies scanner
- Visual reports to understand the app’s health
- Communication management settings by product, channel, frequency, etc.
- Central consent records management and preference database
- Marketing and IT technologies integration

Build and configure web forms to capture data subject requests based on regulation-specific requirements. CookiePro enables you to consolidate your requests and track them through the entire lifecycle to demonstrate compliance.
- Request form customization
- WordPress Do Not Sell plugin
- Workflow management to respond to requests
- Built-in response templates to use when communication with users
- Consolidation of requests to track through the entire lifecycle

CookiePro Do Not Sell WordPress Plugin
Download the new CookiePro Do Not Sell WordPress plugin to allow website visitors to opt of the sale of their personal information.