A cookie banner is a pop-up that appears when a visitor comes to a website. Websites use cookies to collect data from visitors. Cookie banners serve two purposes: to let visitors know that their data is being collected and will be used for certain purposes, and to get their consent to use the data. Below are two examples of how cookie banners can be designed and set up on Secure Privacy.
How does a cookie banner work?
When a visitor lands on a website, a pop-up appears somewhere on the screen. This pop-up is the actual cookie banner. The cookie banner tells the visitor that the website uses cookies and asks for consent from them.
However, most sites set cookies before getting consent. They don’t wait for permission to collect user data, hence they risk huge fines and losing credibility as a company. Their cookie banners serve little to no purpose.
Do I need a cookie banner?
You need a cookie banner if you collect data from European Union visitors. In general, only EU laws require cookies banners, which means you have a duty to show them only to your EU visitors. However, since you can’t control who visits your website and you most likely use tracking technologies (Google Analytics, Facebook Pixel, HubSpot, plugins, social media buttons), it is wise to have a cookie banner to protect yourself.
The EU first regulated this matter with the ePrivacy Directive in 2002, requiring website owners to get consent from their visitors. This is when cookie banners started appearing all over the internet. The GDPR (General Data Privacy Regulation), which came into effect in May 2018, also requires cookie banners but imposes heavier fines for those who do not comply.
You can scan your website for GDPR and ePrivacy compliance with Secure Privacy (after creating an account with us).
Prior to GDPR, you could add a cookie banner saying, “By using this website, you accept cookies”, but not anymore. Now you have to ask for consent for using your visitors’ personal data. Moreover, they have to actively opt-in to give you permission to use their data. Put in simple language, GDPR requires you to:
Have a cookie banner informing website visitors from the EU that you use cookies, why, how and where their data is used in an easy-to-understand way.
- Give them an opportunity to opt-in and opt-out of any type of cookie
- Get their consent (usually in the form of a cookie banner) before collecting the data
- Keep the records of all the collected consents
- Allow visitors to withdraw their data that they have given consent to be collected
- Delete visitors’ data upon their request
Again, the obligation to ask for consent applies only when a visitor from an EU country comes to your website.
Can the cookie banners appear only to EU visitors?
Yes, they can. Secure Privacy allows you to target only EU visitors with certain cookie banners. You can adjust it by changing the settings.
Yes, you can easily adjust our cookie banners to the GDPR requirements. You can use our Prior Consent solution for blocking cookies and tracking technologies. It will prevent you from collecting data before getting valid consent, keeping you compliant with the laws.
Yes, you can. You have absolute control over the cookie banner designs. We have some nice pre-made design templates available to you, but you can easily make changes using CSS.
When a cookie banner shows on a website and the visitor agrees to accept cookies, you must document their consent and store it in a safe place. The process of documenting and keeping users’ consent is called cookie consent management.
Below is the illustration on how consents are documented (both accepts and declines) per transaction.
Yes, every time you are required to get a cookie consent from a visitor, you are also required to record it and store it. A cookie banner is a quickest and most informative way to get cookie consent.
The GDPR sets particularly high standards for recording consents. You are required to receive a positive opt-in for each purpose you collect data for. You can’t rely on pre-ticked boxes and inactivity of the visitor. Instead, you have to offer empty boxes for each data collection purpose and ask visitors to tick them. From the moment they do, you are allowed to inject cookies in their computers and are obliged to document and store their consent.
If a user asks to withdraw their consent, you have to make it as easy as giving it. Upon request, you have to remove their consent from the records. A good cookie consent management will make this process effortless.
How can I record and store all the cookies consents I get?
With Secure Privacy, this process is fully automated. As soon as the cookie banner shows up and the visitor gives their consent, it is being recorded and stored in compliance with the laws. As soon as they withdraw it, the consent will be removed from the records. There is no action required by you
How do I get started?
You can get started by selecting the plan that is most fit for your needs. You can see our plans here. Feel free to contact us by submitting a request here if you have any questions.