BayLDA analysis reveals disillusioning results: None of the websites investigated tracks in compliance with GDPR

On the occasion of Safer Internet Day, the Bavarian State Office for Data Protection Supervision (BayLDA) audited websites with a large reach with regard to obtaining and documenting user consents GDPR-compliantly. The results are distressing: tracking tools are not used in compliance with data protection regulations on any of the 40 Bavarian company websites investigated.

Three of the seven criteria that a user's consent must meet according to the GDPR were specifically examined:

1. Consent must be given in advance: Data should therefore only be collected once consent has been obtained. Thus, website operators must ensure that the cookie banner is technically linked to the integrated tracking technologies.
Result: Only 8 of the 40 reviewed websites meet this requirement.

2 The consent must be informed. This means: At the time of giving consent, the user must be aware of all circumstances in connection with data processing and knowingly approve them.
Result: Only 4 of the 40 reviewed websites meet this requirement.

3. Consent must be given voluntarily, besides an "Accept" button, a "Reject" button on the cookie banner is therefore essential.
Result: Only 8 of the 40 tested websites satisfy this requirement.

BayLDA Analyse - keine einzige Website trackt DSGVO-konform

The BayLDA evaluates the result as follows: "None of the consents obtained are valid. As a result it is thus illegal to process data through tracking tools requiring consent."

The president of the BayLDA, Thomas Kranig, confirms:

“All the reviewed websites infringe data protection laws when deploying these tracking tools. For the responsible companies, our audit will have consequences. We have decided to put an end to these infringements and to assess initiating summary proceedings.”

How can you ensure that your tracking complies with data protection regulations and that you can still run personalised advertising? This is where a Consent Layer or a Consent Management Platform (CMP) comes into the equation, with which you programmatically obtain, manage and document the consents of your website visitors.

Obtain DSGVO-compliant consent

How can you ensure that you can use your tracking in compliance with data protection and continue to play personalized advertising? At this point, a Consent Layer or a Consent Management Platform (CMP) such as Usercentrics comes into play, with which you programmatically obtain, manage and document the consent of your website visitors. Arrange a free and non-binding demo today!

Knowledge ›
Usercentrics Knowledge Hub: Here we share our knowledge and give you in-depth insights.
Press ›
Usercentrics in the press: Here you will find an overview of our press releases and a history of our articles.
Whitepaper ›
Concentrated knowledge: Our whitepapers give you strategic and operational insights.
Webinars ›
You missed one of our live webinars? We provide the records for you here.
Legal Update
Always up-to-date: With our legal update, we keep you up to date with the latest trends around data protection.
New Whitepaper
Checklists and practical tips for the correct handling of cookies and user identifiers according to GDPR.