Norwegian cookie guidelines explained

What are the rules for using cookies in Norway? 

And how do you collect valid consent to cookies? 

Here’s everything you need to know about the Norwegian cookie guidelines.

Norwegian cookie guidelines - what are the rules?

There has been a lot of confusion around the rules for using cookies in Norway the recent years.

The question has been: To collect consent or not to collect consent to cookies. And how?

The confusion comes from the interpretation of the national Electronic Communications law (EKOM) and whether the GDPR applies to Norwegian websites.

But after the European Court of Justice in 2019 ruled in the case against German lottery website Planet49 and their cookie banner practices, the Norwegian Communications Authority (Nasjonal kommunikasjonsmyndighet – NKOM) has declared:

  • If you use cookies that collect your website visitors’ personal information, you must collect a GDPR consent

Here’s how it works.

There are two laws central to the use of cookies in Norway:

  • Electronic Communications Law (EKOM)
  • General Data Protection Regulation (GDPR)

Which one you shall use depends on whether the cookies you use collect your users’ personal information or not.

The 7 key rules for using cookies in Norway

  • Inform your users of the cookies you use
  • Allow users easily to accept or reject cookies
  • Collect consent by purpose (marketing, statistics, functional cookies)
  • Don’t use pre-ticked checkboxes (for cookie purposes)
  • Make it easy to change or withdraw consent
  • Obtain consent before cookies are set/used
  • Store all user consents for 5 years

FAQ on cookies and consent in Norway

Q:

Do we use cookies on our website?

A:

Most websites use cookies. These are either technically necessary cookies used for making the website work (e.g., remember language preferences, login settings, shopping cart cookies), or cookies set through your website by some of the services you use like for example Google Analytics, Facebook, Instagram, LinkedIn, Hotjar etc.

Q:

Can we use Google Analytics without consent?

A:

No. Google Analytics is using multiple cookies that collect your visitors’ personal information which is used to provide you with insights into audience, acquisition and behaviour. That’s made possible with persistent cookies that track the user across your website. If you use Google Analytics, you should definitely collect valid GDPR consent to cookies.

Q:

How do I know if my website is GDPR cookie compliant?

A:

You have it checked. By a Consent Management Platform provider – like Cookie Information – which can easily and quickly assess whether your website uses cookies that are not collected consent for. Get a free compliance check here with Cookie Information. No strings attached.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Benefit 1
Benefit 2
Benefit 3