PECR Cookie Compliance Template

PECR governs cookies, electronic marketing, and communications security in the UK. Unlike UK GDPR it has its own consent standard for cookies. This template covers cookie compliance, consent banners, and the interaction between PECR and UK GDPR.

Quick Answer

PECR sits alongside UK GDPR for UK businesses. It sets a consent requirement for non-essential cookies that is stricter than any legitimate-interests basis. The soft opt-in exception for email marketing only applies to existing customers for similar products. ICO enforcement of cookie and marketing violations is active and regular.

Compliance Checklist (8 items)

Audit all cookies and trackers on your website — categorise as strictly necessary, functional, analytics, or marketing
Strictly necessary cookies do not require consent — all others do; do not pre-tick optional cookie categories
Implement a consent management platform (CMP) that records consent with timestamps and allows withdrawal
Do not load analytics or marketing scripts until consent is obtained — server-side tagging does not exempt you
For email marketing, obtain prior consent unless the soft opt-in exception applies (existing customers, similar products)
Include a clear unsubscribe mechanism in every marketing email and honour opt-outs immediately
For business-to-business calls, screen against the TPS/CTPS before calling
Combine PECR cookie policy with your UK GDPR privacy notice or link clearly between the two

Penalty if not compliant

ICO can issue monetary penalty notices up to £500,000 for serious PECR breaches. The maximum increases to £17.5M under the proposed updated regulations. The ICO actively enforces unsolicited marketing with fines regularly in the £50K–£200K range.

Need this turned into a real document?

Our compliance sprint service delivers production-ready documents tailored to your organisation in 5–15 business days. A senior compliance specialist reviews every document before delivery.

Get Expert Help →Browse All Templates

PECRcookie compliance UKcookie consentemail marketing GDPRPrivacy and Electronic Communications RegulationsICO cookies