What the GDPR is, and how you can comply with it
Do you comply with the GDPR? In this article, I will look at what the GDPR consists of and what this means for website owners like you and me.
Are you tired of constantly seeing cookie banners pop up on every website you visit? Are you wondering if you need to put them on your website? Well, let’s find out why cookie banners are important. In this article, I will explain what you need to take into account when dealing with the Cookie Law, the GDPR, and cookies on your website. .
A browser cookie is a small piece of data that is stored in your web browser. Technically a cookie is an unencrypted string for max 4kb which can be set with an expiration date. It is actually quite old technology, about 20 years old. When you visit a website, the website may send a cookie to your browser, which is then stored on your computer. The next time you visit the same website, your browser will send the cookie back to the website, allowing the website to remember your previous activity.
Cookies are commonly used to personalize your browsing experience, track your activity on a website, and save your login credentials so you don’t have to enter them every time you visit a website. However, they can also be used for more nefarious purposes, such as tracking your online activity and collecting personal information without your knowledge or consent. Because of this, many browsers offer the ability to block or delete cookies.
As you can see cookies have many different functions. Because of this, there are also different types of cookies. Cookies can be categorized by how long they last, who places them, and their function.
These cookies are temporary cookies that are stored in the user’s browser while they are visiting a website. They are deleted when the user closes their browser or after a certain period of time has elapsed. Session cookies are used to store information that is needed while the user is using the website, such as items in a shopping cart.
These are stored on the user’s device for a set period of time, even after the user has closed their browser. Persistent cookies are often used to store user preferences or to track a user’s activity across multiple visits to a website.
These cookies are set by the website that the user is visiting and are only accessible by that website. First-party cookies are typically used to store user preferences or to track the user’s activity on the website. These are frequently used as a replacement for third-party cookies..
These notorious cookies are set by a domain other than the website that the user is visiting. Third-party cookies are often used for tracking and advertising purposes. Now, the use of these cookies has been banned. Even Google Chrome will deprecate them in the near future.
These are transmitted over an encrypted connection and are used to secure the transmission of sensitive information, such as login credentials or financial data.
I hope that cleared up some of the confusion around the different cookie types. Now, you might be wondering; but if these cookies have been around for a while, why do we need to use cookie banners now all of the sudden? You guessed it, privacy laws.
Cookie compliance issues do not originate from the GDPR, as many people believe. To protect electronic privacy, including the use of email marketing and cookies, a directive called ePrivacy Directive 2002/58/EC (also called “the cookie law”) was created before that. Rather than repealing the GDPR, the ePrivacy Directive complements it in a sense.
A Cookie Banner Law protects the privacy rights of consumers, allowing them to consent to companies collecting, storing, and using their personal information. As you probably know, website users must explicitly consent to cookies being used on their websites. If you do not comply with this you might get into trouble.
There are no specific penalties set in the EU Cookie Legislation because it is not a law. Laws and penalties must be established by local governments instead. As a result, the penalties you may receive if you do not comply may vary from state to state.
Typically, local regulators will take one of the following actions if you aren’t in compliance:
Plenty of reasons to consult your lawyer. But don’t worry. Just make sure you comply with the guidelines of the Cookie Law and you will be fine.
Then of course the next question is, how do I do that? Again, I want to state that you should always consult legal counsel but in general the Cookie Consent Law and GDPR require websites to comply with the following requirements:
Websites display cookie banners informing users that cookies are being used. There is usually information about what types of cookies are used on the website and how they are used.
It is important to remember that the requirements listed above are the minimum requirements. There may be differences in cookie banner content requirements from country to country, depending on the views of the respective DPA.
Well, that was a lot of information. If you made it this far, great! The most important takeaway from this article is that you need to be careful with the use of cookie banners on your website. If not, you might be violating regulations and ignoring your users’ wishes. You probably came to this article because you want to avoid those situations.
Hopefully, you learned something, and see you at the next one!