Secure Privacy's checklist
- #1. Check if the script is installed correctly
- #2. Set up v2 blocking configuration
- #3. Review the target audience setup
- #4. Examine your overall rating and recommended actions
- #5. Review and categorize cookies
- #6. Analyze and update the text on the cookie banner
- #7. [GDPR] Check both Accept and Decline buttons are present
- #8. Inspect cookies being placed before giving consent
- #9. Enable privacy policy and cookie declaration
- #10. [OPTIONAL][ENTERPRISE] Configure the Scan Behind Login feature
- Have more questions? - ask at support@secureprivacy.ai !
#1. Check if the script is installed correctly
To add the automated blocking script to your website, go to the “installation” page and copy the script line.
Open your website/CMS code view and paste the code in the top most of the <head> tag.
#2. Set up your blocking configuration
In case you have script/iframe/pixel sources from your implementation team -
please add these sources using the “Tag Blocking” tab to enable blocking on them -
#3. Review the target audience setup
Review and select appropriate target audience for the cookie banner within each compliance module ("GDPR", "CCPA", "LGPD", "PIPEDA" and others). We recommend targeting appropriate geographic locations according to the affecting cookie law -
— for GDPR - set to “Active for visitors from Europe”;
— for CCPA - set to “Active for visitors from California”;
— for LGPD - set to “Active for visitors from Brazil”.
#4. Examine your overall rating and recommended actions
Make sure the scan report reflects the latest changes to the services/cookies you are using on the website.
The overall rating should aim for 100% and the recommended actions are the steps to execute to increase the score.
#5. Review and categorize cookies
The “Classification” tab allows you to review and change default categories assigned to the detected services/cookies on your domain. More on cookie categories can be found in the support article here.
#6. Analyze and update the text on the cookie banner
The purpose of each cookie/service category has to be explicitly communicated on the cookie banner
For example,
— for the essential cookies -
“We place essential cookies to enable our website to function correctly.”
— if you have analytic services running -
“We place analytical cookies to gather aggregated statistical information about our visitors.”
— the purpose for placing advertising cookies may look like this -
“We place advertisement cookies to optimize our marketing campaigns towards our visitors.”
#7. [GDPR] Check both Accept and Decline buttons are present
According to GDPR, both buttons for accepting and declining cookies should be placed on the cookie banner.
The behavior can be set up via the "GDPR" -> "Cookie banner" -> "Settings" tab by switching the "Reject button type" to "Show as button" to comply with the requirement.
#8. Inspect cookies being placed before giving consent
(1) Start an Incognito window of your browser (Chrome preferred), please also have the developer tools tab/window open as well.
(2) Open your website, make sure the cookie banner is still open (do not click the banner's buttons yet). Check the “Application” tab and see how many cookies are being placed while having the cookie banner open.
(3) Confirm these all are strictly “essential” to the website functioning (again, cookie categories are described here)
Repeat steps #2, #3, #4 above to improve your overall compliance rating
#9. Enable privacy policy and cookie declaration
In order to promote trust and openness to the services/cookies being used on your website—please enable the following additional compliance tools/features—Privacy Policy (1) and Cooke Declaration (2)
We have extended guides on this topic here -
— How to set up a Privacy policy on your website
— How to set up a Cookie Declaration on your website
#10. [OPTIONAL][ENTERPRISE] Configure the Scan Behind Login feature
Optionally, you can set up the "Scan Behind Login" feature of Secure Privacy that enables website administrators to scan and monitor the content and elements present within the restricted areas of their websites. These areas typically require user authentication, such as login credentials, to access sensitive information or perform specific actions. More information on the feature and setup can be found here - Authenticated scans via "Scan Behind Login" feature