Cookies Year in Review: Spanish DPA (AEPD)
This week in our weekly Cookies 2019 Year-in-Review, we're focusing on the recent Spanish AEPD's recent Guide on the Use of Cookies.
In our weekly Cookies 2019 Year-in-Review blog series, we’re covering headlines that were made from regulations in 2019 in regards to website cookies and tracking technologies. This week, we’re focusing on the Spanish AEPD.
Spanish Data Protection Authority (AEPD)
On November 8, 2019, the Spanish Data Protection Agency (AEPD) released its Guide on the Use of Cookies. The Guide highlights best practices required by Article 22(2) of Law No. 34/2002, which went in effect July 11, 2002 and focuses on obtaining lawful consent from the data subject under the GDPR.
Moreover, the Guide outlines the definition of cookies and similar technologies, transparency obligations, and consent requirements.
Key Takeaways From the Update
- Users’ consent may be obtained through explicit action once provided with clear and accessible information about the use of cookie.
- Consent must be freely given, informed, unambiguous, and actively provided. A user must also always be able to withdraw consent. Inactivity by the user cannot constitute valid consent.
- A user navigating a website in order to manage their cookie preferences is not providing valid consent.
- A cookie policy shall include definitions of cookies, the type and the purpose of cookies used, the identification of the operator installing and using cookies, information on how to manage consent, information on data transfers to third countries made by the service provider, and the retention period of the data.
- When a cookie policy is presented through layers, consent can be deemed to have been given in a valid manner when the user continues browsing the website, an activity which includes:
- Using a scroll bar, when information on cookies is visible without the use of a cookie banner
- Clicking on certain content links within the website
- Swiping the screen to provide access to website content in devices such as mobile phones and tablet
CookiePro Website Scanning & Cookie Compliance Product
Using CookiePro, website owners are able to scan websites for third-party trackers and collect cookie consent with branded cookie banners. The following product features are available on-demand.
- Scan your website against the largest database of pre-categorized cookies – Cookiepedia by OneTrust, and get a report of the cookies and online tracking technologies on your website.
- Tailor your cookie banner and preference center and give users advanced control over their cookie settings.
- Customize and tailor your consent approach and generate a detailed Cookie List based on your latest website scan.
- Build an audit trail of detailed records of cookie consent and export visual reports for compliance purposes.