European Union: EU Privacy Regulations: Consent Requirements In An On-Line Environment.

Last Updated: 6 November 2013
Article by Felix Hofer

1. The Privacy Regulations in force within the European Union are currently contained in two Directives: (a) the original Data Protection Directive (No. 95/46/EC of 24 October 19952 "on the protection of individuals with regard to the processing of personal data and on the free movement of such data"), (b) the ePrivacy Directive, adopted a few years later (No. 2002/58/EC of 12 July 20023) with the specific intent to regulate "the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)".

Both Directives provide for a strict opt-in system and therefore require that "... that personal data may be processed only if: (a) the data subject has unambiguously given his consent" (so Article 7 of Directive No. 46/1996) and set (b) that " ... the use of electronic communications networks to store information or to gain access to information stored in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing, and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user" (so Article 5/3 of Directive No. 58/2002).

In 2009 Directive No. 2009/136/EC4 has amended the provisions of Article 5/3 mentioned above with the following wording: "Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service." In short, the provisions previously in force has been significantly strengthened by affirming the need of data subject's "informed prior consent" for placing any - not strictly functional – access mechanism on an end user's technical equipment.

No doubt, that in a society where more and more business activities are performed on-line, such consent requirements pose significant practical and technical challenges. In order to avoid differing interpretations and with the intent to offer useful guidance to the national Privacy Commissioners of the countries members to the European Union, the Article 29 Working Party5 has dedicated repeated efforts to the task of how consent should be obtained from data subjects in an on-line environment.

2. Already back in 2010 the Working Party explained – in its Opinion 2/2010 [WP 171] adopted on 22 June 2010 and focusing on online behavioral advertising – that the ePrivacy Directive, in its amended version, was clear about the fact that ".. an ad network provider who wishes to store or gain access to information stored in a user's terminal equipment is allowed to do so if: i) it has provided the user with clear and comprehensive information...., inter alia, about the purposes of the processing and; ii) it has obtained the user's consent to the storage of or access to information on his or her terminal equipment, after having provided the information requested under i)", additionally clarifying that "i) consent must be obtained before the cookie is placed and/or information stored in the user's terminal equipment is collected, which is usually referred to as prior consent and ii) informed consent can only be obtained if prior information about the sending and purposes of the cookie has been given to the user. In this context, it is important to take into account that for consent to be valid whatever the circumstances in which it is given, it must be freely given, specific and constitute an informed indication of the data subject's wishes. Consent must be obtained before the personal data are collected, as a necessary measure to ensure that data subjects can fully appreciate that they are consenting and what they are consenting to. Furthermore, consent must be revocable."

The Working Party then passed on to indicating how consent could be – legitimately - obtained in an on-line environment and to flagging some criteria to the attention of the advertising and marketing industry. With respect to browser settings is was felt that including the basic uses/purposes of third party cookies in a website's general terms and conditions and/or privacy policy does not meet the requirement of 'informed prior consent'. Neither is 'consent by implication (i. e. by use)' to be deemed as a viable solution. Technical means capable of "bypassing" users' browser settings meant to block cookies are also not acceptable. Finally, browser settings with agreement to receive future cookies in bulk are definitely incompliant.

To the purpose of achieving a valid consent, browser settings must engage data subjects in an "affirmative action" resulting in a clear choice in favor of accepting cookies and must "convey clear, comprehensive and fully visible information" about cookies' uses and purposes.

Therefore, generic warnings about the placement of cookies and their uses and purposes may not be considered as a suitable solution. The same goes for "opt-out" mechanisms and their 'implied choices': in the Working Party's opinion, they are not apt to result in compliance with the consent requirement.

While admitting to be "conscious of the current practical problems related to obtaining consent, particularly if consent is necessary every time a cookie is read for the purposes of delivering targeted advertising" and to be ware about the fact that in the ePrivacy Directive's wording ".. users' acceptance of a cookie could be understood to be valid not only for the sending of the cookie but also for subsequent collection of data arising from such a cookie" (therefore covering also the ".. subsequent 'readings' of the cookie that take place every time the user visits a website partner of the ad network provider which initially placed the cookie"), the Working Party feels that such an interpretation could easily result in a "once-for-ever" acceptance practice, not exactly in line with the Directive's intention. It therefore considers essential implementing safety measures, such as: limiting the scope of consent in time (e. g. no longer than one year, with a limited lifespan of cookies placed) and seeking for a renewal of consent after such period, offering additional information about the fact that consent will imply targeted advertising (with specific indications about the networks performing such practice), alerting periodically that monitoring is in place and providing a user friendly and easy to activate mechanism for revoking consent previously given.

3. In the following year, the Working Party released another extensive document – Opinion no. 15 [WP 187] dated 11 July 2011 – on the topic, meant to clarify the exact meaning of some terms frequently used in EU Privacy Regulations. This opinion intends to meet a specific request for input submitted by the EU Commission in order to achieve a better and common understanding on expression such as "indication", "freely given", "specific", "unambiguous", "explicit", "informed". The Commission's concern originated from the fact that " the online environment - given the opacity of privacy policies - it is often more difficult for individuals to be aware of their rights and give informed consent. "

On the premise that in the current EU Privacy Regulations "consent is used ... both as a general" (even though not the exclusive one) "ground for lawfulness .." [of the processing of an individual's personal data] "and as a specific ground in some specific contexts", the Working Party found that "Member States have taken their own approach and, in some cases, this has led to diversity. The concept of consent has not always been transposed word for word at national level."

So, what are we to consider when confronted with the requirement of 'informed, freely given, specific, explicit and unambiguous consent'?

In the conclusions of its Opinion, the Working Party summarizes the essential characteristics of such requirement and explains that "consent":

  • Is one (but not the only one) of the legal grounds for legitimate data processing,
  • When sought, has to comply with the indications set by Directive no. 46 of 1999 (and with some additional aspects established in Directive no. 58 of 2002),
  • When obtained, does not exempt the data controller from all the other compliance obligations set by the Directives (such as the proportionality principle and the adoption of technical measures suitable to grant safe processing),
  • Must be obtained from individuals in their full legal capacity,
  • Is always subject to data subject's right of withdrawal,
  • Must necessarily be achieved before the processing starts, and

then additionally clarifies that consent may be considered as:

  • 'Freely given', only if obtained without any "risk of deception, intimidation or significant negative consequences for the data subject" eventually not agreeing to the processing,
  • 'Specific', when it relates to the exact purposes of the processing as exposed in the in-advance notice provided to data subjects (therefore no 'blanket consent' being allowed),
  • 'Informed', when extensive and adequate information has been provided to data subjects before the start of the processing, being implied that such information has to be offered not in "overly complicated legal or technical jargon", but in in appropriate and easy to understand language as well as directly and in an easily accessible way (therefore 'availability somewhere' not meeting such requirement),
  • 'Explicit', if achieved through an "active response", allowing no doubts about data subject's 'express wish' to have its data processed for a certain – specified – purpose (where pre-ticked consent boxes would not result as a suitable mean),
  • 'Unambiguous', only where there is a mechanism or action in place that show individual's clear agreement to the processing (being obvious that 'consent by implication' is not deemed as acceptable).

In its final remarks the Working Party also stresses that in an on-line environment "explicit consent as a general rule for all types of processing" does not appear to result in an effective and adequate standard. On the contrary, "unambiguous consent" – especially if additionally clarified and defined, in the context of the upcoming revision of the current Privacy regulations - would not only encompass 'explicit consent', but would also offer data controllers broader flexibility in coming up with simple and user friendly technical solutions for collecting and substantiating individuals' consent to the proposed processing.

4. Just one year later the Working Party felt appropriate dealing with some aspects related to the so-called Cookie Directive (i. e. Directive no. 2009/136/EC), amending parts of the ePrivacy Directive (No. 2002/58/EC). With the aim of offering providers guidance on when they may consider themselves as exempt from seeking and obtaining users' consent for placing cookies or similar access mechanism on an individual's terminal device, it issued Opinion no. 4 [WP 194] of June 7th, 2012.

According to the Opinion the following may legitimately claim the benefit of consent exemption as provided by the criteria laid down in Directive no. 2009/136/EC6: "User input cookies" (i. e. first party 'session cookies', expiring at the session's end), "Authentication cookies" (identifying users once they have logged in; but if used for secondary purposes such as behavioral monitoring or advertising, exemption would not apply), "User centric security cookies" (also known as 'flash cookies', used for storing technical data needed to play back video or audio content; but no additional information must be collected), "Load balancing session cookies" (which allow to distribute web server requests over a pool of machines instead of just one), "User interface customization cookies" (simply meant to store a user's preference – e. g. as to language or result display - regarding a service across web pages), "Social plug-in content sharing cookies" (usually allowing social networks users to share contents they like with their 'friends'; but attention has to be paid in order to make sure that the exemption criteria are exactly met).

In the Working Party's view the following instead fall under the user consent requirement: "Social plug-in tracking cookies" (when not strictly necessary and functional, but used for tracking individuals, both members and non-members, with third party cookies for additional purposes such as behavioral advertising, analytics or market research), "Third party cookies" (when 'operationally' used for behavioral advertising purposes), "Cookies used for first party analytics" (i. e. for statistical audience measuring of websites, for detecting the preeminent search engine keywords or for tracking down navigation habits; even though for such systems the WP finds that in most cases "analytics cookies are not likely to create a privacy risk when they are strictly limited to first party aggregated statistical purposes and when they are used by websites that already provide clear information about these cookies in their privacy policy as well as adequate privacy safeguards")

5. Earlier this year the Working Party specifically addressed privacy concerns and issues involved by the simply booming use of apps on smart devices. Opinion no. 2 [WP 202] of 27 February 2013 contains a section dedicated to consent requirements in such particular context.

Considering that "when installing an app, information is placed on an end user's device" and that "many apps also access data stored on the device" (such as: contact details, addresses, images, other personal documents, etc.), it is quite clear that under the ePrivacy Directive such a practice needs to be covered by users' consent. While such requirement may be sufficiently met by downloading and installing an app (after clicking an "install" button) for such initial purpose, collecting information from an end user's device is clearly a different issue and needs the targeted individual's informed, freely provided and unambiguous affirmative choice. Therefore a "Yes I accept option" will not result suitable for meeting specific consent requirements: all purposes and further uses of the collected information will have to made patent and behavioral monitoring and profiling practices will have to be laid open. Different types of data accessed and collected by an app cannot achieve proper consent by simply clicking on an "Install" button, as consent may not result in a general or generic authorization formula, but in some cases may involve "granular acceptance"7. In addition, app developers will be well advised by carefully considering that, even after having achieved users' consent, they have no free license for excessive or disproportionate processing of the data collected through the app. They should also remind that all processing purposes – as explained in the in-advance notice – must be strictly maintained and that any significant changes to their business models will require a new notice and additional consent. Finally, they will have to bear in mind that business partners or third parties, capable of gaining access through data collected via an app, are hold to respect strictly the processing purposes revealed to app users.

6. Recently the Working Party, aware of "a range of practical implementations .... developed by websites in order to obtain consent for the use of cookies or similar tracking technologies", has felt necessary offering further guidance on issues relating to the achievement of proper consent for cookie placement on an end user's device.

It has therefore delivered additional suggestions - in Opinion no. 2 [WP 208] dated 2 October 2013 – to website operators and providers of on-line services making use of cookies for various purposes, such as: enhanced functionalities, analytics, targeted advertising or product optimization. In the Working Party's view, operators are free to use any suitable mean for achieving consent, as long as their practices are apt to inducing targeted individuals to validly agreeing on the processing of their personal information through the use of cookies or of similar technologies.

On such premise, the Working Party starts by individuating the most common means put in place in order to seek for users' consent and finds that operators and providers tend to rely on the following systems:

  • "an immediately visible notice that various types of cookies are being used by the website, providing information in a layered approach, typically providing a link, or series of links, where the user can find out more about types of cookies being used,
  • an immediately visible notice that by using the website, the user agrees to cookies being set by the websites,
  • information as to how the users can signify and later withdraw their wishes regarding cookies including information on the action required to express such a preference,
  • a mechanism by which the user can choose to accept all or some or decline cookies,
  • an option for the user to subsequently change a prior preference regarding cookies."

With respect to such systems, the Working Party feels that, "although it is important to note that whilst each" [practice] "may be a useful component of a consent mechanism, the use of an individual practice in isolation is unlikely to be sufficient to provide valid consent as all elements of valid consent need to be present". It therefore passes on to reminding the main elements of valid consent, consisting in "specific information, prior consent, indication of wishes expressed by user's active behaviour and an ability to choose freely", where:

  • 'Specific information' has to consist in "clear, comprehensive and visible notice on the use of cookies, at the time and place where consent is sought", e. g. the entry page of a webpage where a user's browsing session starts and where "users must be able to access all necessary information about the different types or purposes of cookies being used by the website" or should at least find a link to a location with a detailed description of the cookies in use as well of the cookies' purpose(s); such 'necessary information' would also have to include indications about aspects such as: placement of third party cookies or third party access to data collected via operator's cookies, cookies' expiry date and users' choice on (complete or partial) acceptance or refusal of cookie placement
  • 'A time requirement' must be considered, which involves an obligation of providing a consent system not allowing to set a cookie on a user's device before the latter has made an explicit choice in favor of such placement,
  • 'A clear acceptance' requirement has to result in a mechanism through which an adequately informed user can express – by adopting an active behavior or a positive action – his/her express choice in favor of the placement of cookies and the collection of his/her personal information through them. Such mechanisms may typically ".. include splash screens, banners, modal dialog boxes, browser settings .." and expressing a choice via an 'active behavior or a positive action' may consist in ".. clicking on a link, image or other content on the entry webpage ..", provided the choice is based on clear and comprehensive information about cookies' purposes and is expressed via a system (e. g. an "Accept" button), made available close to the location of such information. User's choice therefore must always result expressed in 'conjunction' with comprehensive purpose information. User's passive attitude and absence of active behavior will never be considered as correct fulfillment of the requirement,
  • 'Freely given consent' means that users must find at their disposal – right on the entry page – a mechanism allowing a real and meaningful choice with respect to cookie use on their terminal devices and offering an option to accept (entirely or partially) or to decline such placement. Browsing a website without receiving cookies (or by receiving just some of them) should be a standard situation for users and 'general access' to a site should not result conditional on consent to cookie use; such condition may cover and limit only access to certain, specific content.

Finally, the Working Party reminds operators and providers that cookies not functional and necessary to delivering a certain service, but intended to offer additional benefits must always provide for a real acceptance choice. An identical obligation has to be fulfilled with respect to cookies primarily set for tracking purposes.

7. To conclude, website operators and providers of services of the Internet society will have to accept the fact that under EU privacy regulations consent by implication mechanisms (such as: "By entering, using, registering, browsing, ... you accept") will be deemed as suitable for achieving valid consent only in very few cases, i. e. when accompanied by – detailed, clear and easily accessible - purpose information and by additional systems allowing to show user's conscious, meaningful and positive choice in favor of a certain data or cookie use and purpose. Here lies the technical challenge to the industry and its capacity of developing consent achievement mechanisms viable in the day-by-day reality of an on-line environment.


Felix Hofer is a named and founding partner of the Italian law firm Studio Legale Hofer Lösch Torricelli, in Firenze (50132), via Giambologna 2/rosso; he may be reached through the following contact details: Phone +39.055.5535166 , Fax +39.055.578230 – e-mail: (personal) or (firm e-mail).

2 Directive no. 95/46/EC of 24 October 1995 may be found at:

3 Directive no. 2002/58/EC of 12 July 2002 may be found at:

4 Directive no. 2009/136/EC of 25 November 2009 may be found at:

5 The Working Party was set up under Article 29 of Directive 95/46/EC. It acts as an advisory body to the EU Commission and has the specific task of: (a) offering expert opinion from member state level on questions of data protection, (b) promoting harmonized application of the general principles of the Directives in all Member States through co-operation between data protection supervisory authorities, (c) advising on any Community measures affecting the rights and freedoms of natural persons with regard to the processing of personal data and privacy. Its tasks are detailed in Article 30 of Directive 95/46/EC. All EU Member States have a representative is this body and the national DPAs will always conform their activities to the indications issued by this Advisory Board.

6 According to the Directive cookie placement goes exempt from the requirement of informed consent only if the cookie: (a) is used for "the sole purpose of carrying out the transmission of a communication over an electronic communications network", (b) "is strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide the service".

7 According to the Working Party "granular consent means that individuals can finely (specifically) control which personal data processing functions offered by the app they want to activate", so Opinion no. 2/2013, page 15.

(Reference date of this paper: November 2013)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Felix Hofer
Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Mondaq Advice Centre (MACs)
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at and we will use commercially reasonable efforts to determine and correct the problem promptly.