Legislation and regulations on cookies
Posted: Tue Dec 17, 2024 4:53 am
The uses associated with cookies must be presented to users at the time of their choice. A first description can be reduced to a concise presentation of the objectives pursued by the trackers. This is the first level of information. It must be followed by a more precise description (second level of information).
Internet users must agree to the deposit of cookies by a clear positive act . This takes the form of an "I agree" button on a cookie banner. Any silence on the part of visitors must be interpreted as a refusal. In this case, cookies that are not essential for the proper functioning of the website cannot be installed on your smartphone, PC or tablet.
The “Decline All” button can be integrated using a vp maintenance email lists similar level and format as the “Accept All” button. It gives website visitors a clear and simple choice.
You can also allow them to reject cookies by closing the cookie banner.
The Directive on privacy and electronic communications
Still in draft phase, the ePrivacy Regulation has several main objectives:
Ensuring the protection of citizens' rights and freedoms in the context of the provision and use of electronic communications (telephone, internet, television). In particular, the right to privacy and the protection of personal data;
Ensure the protection of the rights and freedoms of legal entities when they provide or use telephone, internet or television services;
Ensure the free flow of data within the European Union (EU);
Clarification and supplement to the General Data Protection Regulation (GDPR). The ePrivacy Regulation can be considered a lex specialis in relation to GDPR;
Harmonize the rules established by GDPR on the use of cookies.
5 best practices for managing cookies
Establish a clear confidentiality policy
If you collect personal data, GDPR requires you to draw up a privacy policy. This document sets out the various measures in place to ensure data security. By being transparent and clear, you can reassure users about how their personal information is handled.
Obtain user consent (do not force consent)
Article 7 of the GDPR prohibits the practice of " aggregation ". It consists of "forcing" users to give their consent to the processing of their personal data. For example, by conditioning it on the provision of a service for which the use of their data is not necessary.
Have an understandable cookie banner
The cookie banner must be visible, prominent and complete. When writing it, you must use simple terms that can be understood by all users.
Respect the rights of users
Right of access, right of portability, right to notification, right to be forgotten... Internet users whose data is collected have several rights. They can exercise them by contacting the data controller . The contact details of the data controller must be mentioned on the websites visited and in the contracts concluded.
Regularly ask for consent
According to the CNIL, users can "forget" their consent. They also have the right to change their mind. It is advisable to check periodically whether they still agree with the decision they made the first time.
The importance of managing cookies
Since 2017, several web browsers have restricted the use of cookies for advertising. Google will be the last to ban their use in Chrome in 2024. However, this does not mean that Internet users will no longer be tracked on the Internet. Advertisers can use alternative targeting methods . These include fingerprinting, single sign-on, unique identifiers and cohort targeting. For advertisers, it is vital to anticipate this cookie-free future , which is fast approaching.
Internet users must agree to the deposit of cookies by a clear positive act . This takes the form of an "I agree" button on a cookie banner. Any silence on the part of visitors must be interpreted as a refusal. In this case, cookies that are not essential for the proper functioning of the website cannot be installed on your smartphone, PC or tablet.
The “Decline All” button can be integrated using a vp maintenance email lists similar level and format as the “Accept All” button. It gives website visitors a clear and simple choice.
You can also allow them to reject cookies by closing the cookie banner.
The Directive on privacy and electronic communications
Still in draft phase, the ePrivacy Regulation has several main objectives:
Ensuring the protection of citizens' rights and freedoms in the context of the provision and use of electronic communications (telephone, internet, television). In particular, the right to privacy and the protection of personal data;
Ensure the protection of the rights and freedoms of legal entities when they provide or use telephone, internet or television services;
Ensure the free flow of data within the European Union (EU);
Clarification and supplement to the General Data Protection Regulation (GDPR). The ePrivacy Regulation can be considered a lex specialis in relation to GDPR;
Harmonize the rules established by GDPR on the use of cookies.
5 best practices for managing cookies
Establish a clear confidentiality policy
If you collect personal data, GDPR requires you to draw up a privacy policy. This document sets out the various measures in place to ensure data security. By being transparent and clear, you can reassure users about how their personal information is handled.
Obtain user consent (do not force consent)
Article 7 of the GDPR prohibits the practice of " aggregation ". It consists of "forcing" users to give their consent to the processing of their personal data. For example, by conditioning it on the provision of a service for which the use of their data is not necessary.
Have an understandable cookie banner
The cookie banner must be visible, prominent and complete. When writing it, you must use simple terms that can be understood by all users.
Respect the rights of users
Right of access, right of portability, right to notification, right to be forgotten... Internet users whose data is collected have several rights. They can exercise them by contacting the data controller . The contact details of the data controller must be mentioned on the websites visited and in the contracts concluded.
Regularly ask for consent
According to the CNIL, users can "forget" their consent. They also have the right to change their mind. It is advisable to check periodically whether they still agree with the decision they made the first time.
The importance of managing cookies
Since 2017, several web browsers have restricted the use of cookies for advertising. Google will be the last to ban their use in Chrome in 2024. However, this does not mean that Internet users will no longer be tracked on the Internet. Advertisers can use alternative targeting methods . These include fingerprinting, single sign-on, unique identifiers and cohort targeting. For advertisers, it is vital to anticipate this cookie-free future , which is fast approaching.