Ever since the General Data Protection Regulation (GDPR) came into effect in May 2018, so-called cookie banners on websites have become the norm. When a user visits a website for the first time, a banner or pop-up window will appear, usually at the bottom of the page informing the user about the processing of personal data.
But what is this all about? A cookie is basically nothing more than a small text file in which information is stored. This allows a web server to recognize a user. Keeping the GDPR in mind, the question now arises: setting cookies without informing the user – is that even possible? The answer is: yes and no. No consent is required for cookies that are necessary for the technical operation of a website (e.g. the shopping cart cookie).
According to recital 30 GDPR, website operators require the consent of their users for the use of certain web technologies such as cookies, tracking and retargeting pixels. It should be noted that the GDPR is not limited to cookies, but includes all technologies that process personal data in any way. The name cookie banner is therefore misleading. A simple, to implement the GDPR requirements completely privacy-compliant on a website.
Most certainly. The GDPR has extraterritorial character, meaning that it does not apply only to websites and blogs within the EU, but also to all the websites used by EU visitors- meaning every website worldwide.
7 criteria for a GDPR-compliant consent
How does a GDPR-compliant consent look like? The user’s consent must fulfill 7 criteria in accordance with the GDPR. Due to these 7 criteria the consent must be given freely and in advance as well as documented legally. Furthermore consent must be given informed, explicit and granular. Beyond that the user has the right to revoke the given consent.
How can you ensure that you automatically implement the GDPR consent requirements and have nothing to fear in case of a website audit? And how can you ensure that you can use your tracking data privacy compliant and still play personalized advertising – without fearing fines?
At this point, a Consent Layer or a Consent Management Platform (CMP) such as Usercentrics comes into play, with which you can programmatically obtain, manage and document the consent of your website visitors.
100% GDPR-compliant with Usercentrics
The Usercentrics CMP consists of three main elements: the Privacy Banner (Cookie Banner), the Privacy Center and the Privacy Information Center.
Usercentrics allows you to set up a 100% individual Privacy or Cookie Banner in terms of design, text, data protection strategy (granularity) as well as categorization of integrated technologies. The website operator can thus individualize one’s own requirements. Design your cookie banner according to your ideas and visions, so that it fits flawlessly into the overall website context.
The Privacy Center enables website visitors to define their preferences, as to which technologies their data may or may not be processed and all with just one click. The control element creates great trust in the user and shows the user: Your data is important to us.
The Infocenter informs your users in detail about all technologies integrated on the website. Therefore, you will always meet your information and storage requirements.
You want to know more about the Usercentrics CMP?
The decision to implement a data protection-compliant CMP is ultimately at the discretion of the data protection officer and/or the legal department. These statements do not constitute legal advice. They merely serve to support and inform you about the current legal situation with respect to the implementation of a CMP solution. Please consult a qualified lawyer should you have any legal questions.