Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Slovenia: Commissioner publishes new guidelines on the use of cookies

On December 20, 2023, the Information Commissioner (the Commissioner) issued new guidelines on the use of cookies and similar tracking technologies. The Commissioner explained that the revised guidelines unify the cookie requirements arising both from national control procedures and issued opinions, as well as from the guidelines and recommendations of the European Data Protection Board (EDPB). According to the Commissioner, the guidelines are aimed at giving website operators simple, clear, and transparent guidance on how to use cookies in practice while complying with current legislation.

What do the guidelines entail?

The guidelines are divided into four chapters with the first and second chapters discussing the basic concepts and types of cookies and similar technologies such as web beacons and browser fingerprinting. The guidelines clarify that the term cookies refers to all technologies that enable the storage or retrieval of data from a user's equipment.

The third chapter highlights the legal framework regarding the use of cookies including the Electronic Communications Act (ZEKom-2) and the new Personal Data Protection Act (ZVOP-2). Notably, the guidelines state that under ZEKom-2 the use of cookies can only be permitted if the subscriber or user has given their consent. According to the guidelines, consent is not required for cookies which are strictly necessary to provide an information society service explicitly requested by the subscriber or user.

How can organizations use cookies while complying with relevant legislation?

Finally, the last chapter of the guidelines provides practical measures organizations can take to ensure compliance with relevant legislation when using cookies. These measures include:

  • determining the type, purpose, and duration of cookies in use;
  • assessing the need for all the cookies in use based on the services offered;
  • checking whether the invasiveness of cookies can be reduced;
  • informing users about cookies in an easily accessible, clear, and understandable way;
  • ensuring that users consent to the use of cookies; and
  • placing the option to revoke consent to the use of cookies in a visible place.

You can read the press release here and the guidelines here, both only available in Slovenian.