If you have a website, you are obliged by law to prevent tracking cookies from being stored in your users’ browser until they have given their explicit consent. Here we present three simple ways to retain cookies until you get a cookie consent.
#GDPR #cookie #consent
Read more about cookies: What is a cookie?
However, all websites must ensure they do not store cookies that process personal data (tracking cookies) until the user has given their explicit consent.
What does the law say?
Many people think that all cookies fall under the rules in the ePrivacy Directive of 2002 (revised 2011). It states, that if websites want to store information (cookies) on a user’s terminal equipment (computers, smartphones, tablets), the user must be properly informed of the storage. In this case, it is enough just to inform your users that cookies are being stored.
Link: European Parliament and councils’ ePrivacy Directive
In essence this means, that silence, pre-ticked fields or inactivity do not constitute consent to the GDPR!
Thus, consent must be a voluntary, specific, informed and unambiguous statement by the user that personal data concerning the user can be processed by third parties.
Please note that consent is not required for strictly necessary/technical cookies. These can be user validation cookies, authentication cookies or electronic shopping carts.
Are you in doubt which cookies collect and process your visitors’ personal information? Be on the safe side. Here we present three simple solutions to prevent all cookies being set until you have obtained a valid cookie consent.
The easy way: Don't have any cookies on your site! – Tracking free zone
Just avoid having tracking cookies on your site – entirely. Create a tracking free zone where personal information about your visitors is not collected by third parties, and where your website only uses technically necessary cookies. Then you do not have to figure out which cookies process personal information and therefore require explicit consent. As such, you also avoid cookies being set before you obtain a valid consent.
However, this is difficult because you are cut off from functions that you may want to use commercially. Most website owners like to have cool widgets on their site like newsletter sign-up forms, Google Maps integration, or being able to analyze visitor behavior with Google Analytics. This is completely understandable. These add-ons make the website more dynamic and may help your company get a better overview of your customers promoting sales.
The hard way: Code it all yourself!
Are you a qualified backend developer and do you have loads of time, you can, in principal, code it all yourself. Identify all scripts on your site that set cookies, write a script that blocks cookies from being set until your user has given an explicit consent and implement it in your website’s source code – voilà. Far from all developers have the necessary time to build these kinds of in-house solutions. One thing is to develop the scripts necessary; another thing is to keep track of the millions of cookies that exist. A company's web developer has many tasks, and this should not be one of them. But what then?
The right way: Cookie Information’s SDK
The right solution for your business is already here. Cookie Information has developed a Software Development Kit (SDK) for its Consent Solution customers. The SDK is applicable on any CMS system and will ensure that your website does not store cookies in the user’s browser until the user has given his or her explicit consent. When doing so, your website can reach the ultimate goal of GDPR compliance regarding cookies.
Cookies Information’s SDK works like this: it creates a “ring” around each script in the source code that sets cookies. The SDK scans the cookie banner to find whether the visitor has given consent to cookies – or only to some categories of cookies (functional, statistical or marketing). With this knowledge the SDK can retain cookies and ensure that they are not stored in the user’s browser unless the user has given an explicit consent to it.
In addition to the legal aspects of the GDPR recital 32 and part 66 of the ePrivacy Directive, retaining cookies also concerns your visitors’ right to online privacy.
Respecting online privacy creates trust among your visitors. If you are not in control of which third parties track your visitors, it may create distrust among your customers. Third-party collection of your customers data may also result in their later exposure to advertising from competing products and services.
The SDK solution from Cookie Information is free to use when you are a Consent Solution customer. And best of all: you can implement it yourself. Read our guide and get started.
Link: How to implement SDK? A complete Introduction to SDK (English)
However, if you would like to avoid entering your website’s engine room, we can take care of everything for you.
Contact us today to get started with Cookie Information’s SDK. With our solution you will comply completely with GDPR rules for privacy and cookies.
Moreover, your customers will also get the impression that you respect their right to online privacy and that will be a competitive advantage for your business.