When you visit the Service, we may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and let Ogatin help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click and other actions you take on the Service), and allow us, or our business partners, to track your usage of the Service over time. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Service may not function properly if the ability to accept cookies is disabled.
What are cookies and why are they used?
Cookies make your life as a website user much easier because you do not have to log in every time you visit the same page. Your online experiences will be personalized to your preferences.
Types of cookies
There are different types of cookies saving different information and for different periods of time.
Period cookies are deleted at the end of a web sessions, while persistent cookies have a pre-determined expiry date and will appear until the expiry date is reached.
Does POPI apply?
POPI does not explicitly mention cookies, but POPI applies because:
- a cookie can contain personal information,
- the definition of personal information includes an online identifier, or
- one of the duties of the Information Regulator is to monitor the use of unique identifiers (which includes cookies).
What about my personal information?
Cookies store certain personal information you provide on a website. This personal information can be processed if done so in accordance with the conditions of POPI.
Cookies do not generally store credit card information and account numbers but if they do the information must be protected securely.
Cookies only store information from your browser, they cannot access data on your hard drive. Cookies are text files that cannot transfer viruses to your computer or mobile device.
EU ePrivacy Directive
The EU ePrivacy Directive (as amended by Directive 2009/136/EC) requires a data subject to give prior informed consent.
EU ePrivacy Directive Article 5(3) says, “the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information”
The Directive is not a law but failure to follow the directive will lead to action taken against the Member state. Member states must implement the directive into local laws.
This is contrary to the current South African position where consent is not needed.
South African cookie law position?