What cookies are used on the Volcanic platform?
The Volcanic platform uses these cookies:
volcanic_saved_jobs_id - This is used to store some jobs for users before they register on the website. These jobs can then be logged on the users account when they do register.
volcanic_rumble_uid - This cookie name is associated with Volcanics CMS platform tracking. It is used to track and record the unique actions of each user on the website. By default it has no expiry date. The main purpose of this cookie is: Performance
_user_logged_in - This cookie name is associated with Volcanics CMS platform tracking. It is used to keep the user logged in if they leave the website and return. By default it expires after the users session ends. The main purpose of this cookie is: Performance
_oliver_session - This cookie name is associated with Volcanics CMS platform tracking. It is used to track the users session on the website for Analytics. By default it expires after the users session ends. The main purpose of this cookie is: Performance
First of all, it's important to understand the relationship between the GDPR and the ePrivacy Directive. In a nutshell, the GDPR provides overarching legislation to govern all aspects of processing personal information, whereas the ePrivacy Directive has a tighter focus on communications and internet services. This means in practice that it relies on the general rules of the GDPR and adds more specific requirements within its own remit. It will ultimately remove differences in interpretation of the cookie rules in different countries.
Where are cookies mentioned in the GDPR?
The GDPR mentions cookies once, in Recital 30:
Natural persons may be associated with online identifiers…such as internet protocol addresses, cookie identifiers or other identifiers…. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
What this essentially means is that cookies, where they are used to identify the device or, in combination with other data, the individual associated with or using the device, should be treated as personal data.
Privacy and Electronic Communications Regulations (PECR)
Cookies are governed by the Privacy and Electronic Communications Regulations (PECR) which sit alongside the Data Protection Act. In recognition of the forthcoming changes, the European Commission has launched a public consultation as part of a process for a revision of the ePrivacy Directive from which the EU cookie laws are derived.
The PECR do not set out exactly what information you must provide or how to provide it – this is up to you.
In regulation 6 of the PECR, it is set out that you should:
- Tell people that the cookies are there
- Explain what the cookies are doing and why
- Get the individual’s consent to store a cookie on their device.
Volcanic is supporting the recruitment industry towards GDPR compliance. Make sure your and your team are trained in GDPR awareness using our free resources: watch our GDPR awarenesss training video here.