Mainpage What should you pay attention to when writing the cookie policy GDPR?

VexFox Blog

What should you pay attention to when writing the cookie policy GDPR?

Table of Contents

According to the GDPR, websites must clearly and comprehensibly inform users about the use of cookies and ask for express consent to the use of non-necessary cookies.

What is a cookie?

Cookies are small data files that websites store in the browser. These are generally used to identify users, store their preferences and track user activities on the website.
Cookies are a means of communication between websites and browsers. When a user visits a website, the website sends cookies to the browser, which the browser stores. These cookies may contain various information, such as unique identifiers, user preferences, login data or traces of the user's activities.

What does the GDPR define regarding cookies?

The legislation regarding cookie management is defined by the GDPR (General Data Protection Regulation) and the e-Privacy Directive, which are valid in the European Union and the European Economic Area. These laws require websites to make the cookies they use transparent and to give the user the choice to accept or reject them, as well as to withdraw previously accepted cookies. The service must be provided even if users reject certain cookies.

Cookie manager

The best practice is to use a cookie management tool that displays a notification or banner on the first visit to your website that informs users about data management and gives them the option to accept or reject cookies and data management. The cookie management tool must allow users to choose which cookies and data management they accept and to change their settings at any time.

Some examples of cookie management tools are:

• Cookie bot
A tool that automatically maps the cookies and data management used on your website and displays a customizable banner that allows users to accept or reject them. Cookiebot helps you comply with GDPR and e-Privacy directives and is available in more than 40 languages.
• OneTrust

A tool that helps you manage cookies and data management on your website and displays a customizable notification that allows users to accept or reject them. OneTrust helps you comply with GDPR and e-Privacy directives and is available in more than 100 languages.

• Osano
A tool that helps you manage cookies and data management on your website and displays a customizable banner that allows users to accept or reject them. Osano helps you comply with GDPR and e-Privacy directives and is available in more than 30 languages.

How is the cookie manager structured?

Description of cookies
What are cookies? What are they for?

Information
For what purposes does the website use cookies?

Option
Let's assure users that you only accept the cookies you want.

Consent
Express consent is required for essential cookies.

Subsequent withdrawal
It must be possible to subsequently withdraw previously accepted cookies.

Custom cookie manager?

To create your own cookie manager, you need appropriate programming skills, knowledge of laws and guidelines, and accurate mapping of your website's cookies and data management. This can take a lot of time, energy and money, and the end result may not meet legal requirements and user expectations. If you are not sure how your own cookie manager works, you can also risk sanctions, such as a fine, a data protection incident, or the shutdown of your website

In practice

There are more than 1.09 billion websites in the world, of which 18% are currently active. Around 30% of operational websites appeared to comply with EU/UK data protection laws. These data show that some websites still do not fully comply with the GDPR's cookie information requirements.