nerdexam
Isaca

CDPSE · Question #375

Which of the following is MOST important for an organization to include in its website's cookie policy?

The correct answer is A. Reason for collecting data using cookies. A cookie policy exists primarily to fulfill transparency obligations under privacy regulations (such as GDPR and CCPA). Telling users WHY cookies are used - the purpose and legal basis for data collection - is the core legal and ethical requirement. Without this, the policy fails

Privacy Governance

Question

Which of the following is MOST important for an organization to include in its website's cookie policy?

Options

  • AReason for collecting data using cookies
  • BSecurity controls to protect data
  • CImpact of selecting the option to disable cookies
  • DData retention period for browsing history

How the community answered

(43 responses)
  • A
    91% (39)
  • B
    5% (2)
  • C
    2% (1)
  • D
    2% (1)

Explanation

A cookie policy exists primarily to fulfill transparency obligations under privacy regulations (such as GDPR and CCPA). Telling users WHY cookies are used - the purpose and legal basis for data collection - is the core legal and ethical requirement. Without this, the policy fails its fundamental function. Security controls (B) belong in internal documentation, not the public cookie policy. Disclosing the impact of disabling cookies (C) and data retention periods (D) are supplementary details that support the primary purpose but are not the most critical element on their own.

Topics

#Cookie policy#Transparency#Informed consent#Data collection purpose

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice