Cookies are not only tasty, but also useful for online marketing
We will tell you more about what the GDPR is and how you should properly implement cookies consent. In the last few weeks this has been an important topic, because there are cookies that can only be set if there is active user consent – an aspect that not everyone has done correctly so far.
What is the GDPR really about and who is affected by it?
The data that are considered in the General Data Protection Regulation (GDPR) are personal data:
• E-mail address
• Telephone number
• Account details
• License plate
• Location data
• IP addresses
Are these data actually allowed to be used?
The collection, processing and use of personal data is generally prohibited, unless one of two exceptions applies: the data subject’s consent is obtained or there is a law that permits the use of this data.
Now that it is clearer what GDPR is, let’s move on to the tasty and useful cookies:
First of all, it is important to distinguish between the various cookies at a technical level:
• Technically necessary cookies: These are cookies that are essential for the functioning of a website. The following aspects are to be taken into account: Login data, language selection, shopping cart data, content tools, and cookies that are deleted when the browser is closed.
• Cookies that are not technically necessary: These cookies are not necessary for the functioning of the website, therefore we are talking about the marketing and tracking cookies. Among these are: tracking cookies, segmentation cookies, analysis cookies, and social media cookies.
The “technically necessary cookies” do not require explicit consent, but the “not technically necessary” do.
Until recently, “opt out” was still used as a common cookie consent option. This should change now.
But, what does “opt in” and “opt out” actually mean?
• Opt out: Cookies are installed from the beginning, consent is therefore pre-selected and users can only object to the storage of data at a later date.
• Opt in: Cookies are only installed after the user’s active consent, and thus the associated storage of data.
Which is the correct way to obtain users consent?
Consent must be based on the following aspects:
• Explicit: An explicit consent must be given.
• Transparent: Users must be informed which cookies are installed. The vocabulary used should therefore be colloquial. People’s trust is one of the most important aspects of the GDPR. This is achieved by giving high importance on transparency.
• Active: Consent must be given actively, e.g. checking the box must be done actively.
• Voluntary: The user is free to decide whether or not to consent to the cookies. This must not be a limitation for him, he must not be prevented from surfing because he has not accepted the cookies.
It is also important that there is a processing directory in the companies (e-commerce), which takes the following details into account:
• Name and contact details of the company
• the purposes of data processing
• the categories of data subjects
• the categories of personal data
• the categories of recipients of the data
• transfers of personal data to a third-parties
• Deadlines for deleting the various categories of data
This directory with the above details should be written in a precise, transparent, simple and understandable way. Access for customers should be easy and legal bases should be specified.
We hope that this article has brought you more clarity about the current situation and about how cookie consent is correctly implemented. We would like to remind you that we are not lawyers, therefore we recommend that you contact a lawyer of your choice to ensure that you act fairly in the specific case of your business.
We are more than happy to answer any kind of questions regarding Affiliate Marketing!
Email address: email@example.com
Affiliate hotline: 0800 6224220