Russian legislation requirements for cookies
Posted: Wed Jan 22, 2025 10:42 am
Sites that use cookies must display a notice asking visitors to consent to the use of information they have personally entered and that relates to their interaction with the resource.
The use of such information without permission is prohibited in the Russian Federation by Law 152-FZ "On Personal Data", and in the European Union by the GDPR regulation.
Russian legislation classifies any information directly or indirectly related to a specific person as personal data. Cookies are not mentioned in the regulation, but in essence they are a storage of users' personal data. Proven use of such information without the visitor's consent entails a large fine and even blocking of the resource (in 2016, LinkedIn was subjected to such a punishment).
Fine
To avoid such sanctions, websites benefits of using our homeowner database that use cookies are required to post a "Privacy Policy" or Privacy agreement for European users. The document lists:
what specific data about visitors the resource collects;
how they are stored and used;
what is the purpose of the collected information;
when information is transferred to third parties;
what needs to be done to change or delete data.
Some sites additionally publish a "Cookie Policy" that specifies the types of files used and the purposes for which information is collected.
The cookie notification banner should contain a link to these publicly available documents.
Case: VT-metall
Find out how we reduced the cost of attracting an application by 13 times for a metalworking company in Moscow
Find out how
Use of cookies in the EU and the US
Let's look at the basic requirements for working with cookies in the EU and the USA.
European Union
The collection and processing of cookies in the EU is regulated by the General Data Protection Regulation (GDPR). This document classifies cookies as personal data and sets out strict requirements for their use, aimed at maximum protection of users' personal information.
Pre-filled checkboxes for all cookie categories except strictly necessary ones are prohibited in the EU. In addition, separate consent is required for the use of each type of cookie, while in the Russian Federation it is enough to click OK once to allow the site to collect and store personal data.
The second difference is that the EU has an opt-out button. The visitor can choose whether to allow the site to use them or to continue viewing the content without consenting to the collection of information about themselves.
Use of cookies
United States
In the United States, the use of personal data on the Internet is not regulated at the federal level; only three states have relevant laws: Colorado, Virginia, and California. The term "cookies" as a designation for unique identifiers is present only in the Californian regulation.
In the United States, special attention is paid to the protection of personal data of minors under 13. The Children's Privacy Act (COPPA) is in effect there. This document obliges web resources to obtain the consent of parents and other legal representatives of the child to collect information through cookies. Putting a tick on the website page is not enough; a written consent with a personal signature is required, a scan of which is sent to the operator of the online platform.
Recommended articles on this topic:
Examples of USP to make yours even cooler
Sales Triggers That Have Never Failed
Lead generation - what is it? Basic methods and how to manage them
The use of such information without permission is prohibited in the Russian Federation by Law 152-FZ "On Personal Data", and in the European Union by the GDPR regulation.
Russian legislation classifies any information directly or indirectly related to a specific person as personal data. Cookies are not mentioned in the regulation, but in essence they are a storage of users' personal data. Proven use of such information without the visitor's consent entails a large fine and even blocking of the resource (in 2016, LinkedIn was subjected to such a punishment).
Fine
To avoid such sanctions, websites benefits of using our homeowner database that use cookies are required to post a "Privacy Policy" or Privacy agreement for European users. The document lists:
what specific data about visitors the resource collects;
how they are stored and used;
what is the purpose of the collected information;
when information is transferred to third parties;
what needs to be done to change or delete data.
Some sites additionally publish a "Cookie Policy" that specifies the types of files used and the purposes for which information is collected.
The cookie notification banner should contain a link to these publicly available documents.
Case: VT-metall
Find out how we reduced the cost of attracting an application by 13 times for a metalworking company in Moscow
Find out how
Use of cookies in the EU and the US
Let's look at the basic requirements for working with cookies in the EU and the USA.
European Union
The collection and processing of cookies in the EU is regulated by the General Data Protection Regulation (GDPR). This document classifies cookies as personal data and sets out strict requirements for their use, aimed at maximum protection of users' personal information.
Pre-filled checkboxes for all cookie categories except strictly necessary ones are prohibited in the EU. In addition, separate consent is required for the use of each type of cookie, while in the Russian Federation it is enough to click OK once to allow the site to collect and store personal data.
The second difference is that the EU has an opt-out button. The visitor can choose whether to allow the site to use them or to continue viewing the content without consenting to the collection of information about themselves.
Use of cookies
United States
In the United States, the use of personal data on the Internet is not regulated at the federal level; only three states have relevant laws: Colorado, Virginia, and California. The term "cookies" as a designation for unique identifiers is present only in the Californian regulation.
In the United States, special attention is paid to the protection of personal data of minors under 13. The Children's Privacy Act (COPPA) is in effect there. This document obliges web resources to obtain the consent of parents and other legal representatives of the child to collect information through cookies. Putting a tick on the website page is not enough; a written consent with a personal signature is required, a scan of which is sent to the operator of the online platform.
Recommended articles on this topic:
Examples of USP to make yours even cooler
Sales Triggers That Have Never Failed
Lead generation - what is it? Basic methods and how to manage them