CookiePro Featured in GDPR Now! Podcast
We’re excited to share that CookiePro was recently featured in a podcast with GDPR Now!. To provide the hosts with more information about our cookie consent solution, we answered the following questionnaire:
GDPR Now!: Can the software be used to search for cookies?
CookiePro: Yes, we have website scanning built into the platform. Users can scan their website against the largest database of cookies –Cookiepedia by OneTrust to receive an auto-categorized list of the cookies and online tracking technologies on their website.
GDPR Now!: How does the software cope with new cookies? Does it have an auto-detect function, or does the search function need to run periodically?
CookiePro: When new cookies are added to the website, the user will need to re-scan their website, or schedule an automated scan on a monthly or weekly basis. Newly identified cookies will be flagged in the scan report emailed to the customer.
GDPR Now!: Does the cookie notice prevent all cookies (even necessary cookies) load before Accept is clicked?
CookiePro: Our cookie notice is customizable to be as strict as the customer chooses. Most of our customers choose to block all cookies (except strictly necessary) until a user accepts the consent banner.
GDPR Now!: How does it achieve that?
CookiePro: Depending on the implementation, it achieves cookie blocking through script modification or tag manager triggers that block and prevent the cookies from loading until the user provides consent.
Cookie Banner Styling/Text
GDPR Now!: Does the software provide two or three clickable boxes?
CookiePro: Yes – the consent notice is completely customizable and offers the ability to show/hide various boxes.
GDPR Now!: Are the words in the boxes adjustable?
CookiePro: Yes – all text is customizable and can be displayed in multiple languages. We also offer language auto-detection that will display the consent notice in the default language of the end-user.
GDPR Now!: Are the size of the boxes adjustable?
CookiePro: Yes – we offer various layout and display options, and we also offer the ability to customize the consent notice via custom CSS.
GDPR Now!: Can the Cookie Settings box be set to look the same as the Accept box (ie. so as not to favour Accept)?
CookiePro: Yes – all button styling can be customized according to the administrator’s preferences.
Granularity of Accept/Reject
GDPR Now!: Does the software provide both Yes/No options per category and cookie?
CookiePro: Yes – the administrator can change preference centre behaviour to provide the end-user the ability to opt-out of categories, sub-groups, or both.
Storage of Consent Logging
GDPR Now!: How does the software record the settings for future recognition? Does it set a cookie for that purpose?
CookiePro: Our software sets a strictly necessary cookie that is updated once the website visitor accepts / declines consent. This cookie remembers the visitor’s preference for the entirety of it’s lifespan (1 year).
GDPR Now!: From a technical / unique identifier perspective how does the system handle this function?
CookiePro: If the option is enabled to capture records of consent, a unique identifier is randomly generated for the website visitor when they make their consent preferences. We store that consent record in our system for reporting purposes.
GDPR Now!: What consent info is stored? How is it accessible by the controller?
CookiePro: We also offer the ability to request reconsent when publishing a change to the cookie notice that will prompt all existing users to reconsent to the cookie notice.
Consent Per Device
GDPR Now!: Presumably, cookie consent is per device, and the software does not allow recognition of same user across different devices.
CookiePro: Yes – cookie consent is per device and we do not identify users directly – it is completely anonymous.
GDPR Now!: Is device fingerprinting used in the stored of consent preferences?
CookiePro: Fingerprinting is not used. We only use a cookie for storing consent, so it is on a per device basis.
Exiting the Cookie Notice
GDPR Now!: Can the visitor/user exit the cookie notice without accepting/rejecting? Can the visitor/user exit the cookie notice without accepting/rejecting?
CookiePro: The cookie notice behaviour is completely customizable from the administrative portal. The administrator can choose to set the close button to accept all cookies, show/hide the close button, set scroll to accept all cookies, require interaction, and many more configuration options.
We provide recommendations for best practices, but it is up to the administrator to decide how they want their cookie notice to behave.
However, the user decides for their banner to operate, the consent record is stored in the system and expires 1 year after the consent record is created.
Opt-in and Opt-out Models
GDPR Now!: Does software allow the administrator to create opt-in and opt-out banner models?
CookiePro: Yes – we provide 4 built in consent models: Notice Only, Opt-Out, Opt-In, and Implied Consent. The administrator can choose to use one of these 4 built-in models, or can start with a consent model, and customize it according to their needs.
We also offer the ability to create different consent models for different geolocations. For example, a website owner can have 1 consent model for website visitors in the United States, and a different model for visitors in the UK.
GDPR Now!: Does the software allow, for example, strictly necessary cookies to be changed to non-essential category cookies such as Preference or Analytical?
CookiePro: Yes, by default our system auto-categorizes cookies based on our database of over 9 million cookies. However, the categorization is completely customizable, and the administrator can move cookies to different categories or groups depending on how they want to set up their website.
The user interface is simple and easy to use – the administrator can recategorize using drag & drop to reorganize their cookie list.
Users/visitors Changing Minds About Consent
GDPR Now!: Does the notice allow visitors to change their minds and come back and alter the cookie settings? How does it do this? Is part of the software permanently visible?
CookiePro: Yes – we provide a script for an embedded cookie preference center so an end-user can navigate back at any time to modify their preferences.
GDPR Now!: Where plugins are embedded into websites, does the software scan and report on these as well as cookies?
CookiePro: Yes, all plugins that are dropping cookies or tags on the website will be scanned. Those cookies will show up in the cookie list and can be categorized from there.
GDPR Now!: What is the software’s role in relation to the persistence of a cookie? Is persistence set via the software?
CookiePro: CookiePro does not set the persistence of third-party cookies, and the persistence of the CookiePro cookie is non-configurable – by default it is set to 1 year. However, the administrator can choose to display the lifespan of cookies within the preference centre for the website visitor to view.
GDPR Now!: Once the cookie’s life has expired, how does the software know to re-request on a subsequent visit?
CookiePro: Re-consent can happen in three ways. Otherwise the user’s initial consent is respected.
- The cookie storing the user’s consent preferences has expired or has been deleted.
- The user decides to alter or change their settings in the CookiePro preference centre.
- The website administrator pushes a re-consent to all users because of policy change.
GDPR Now!: Does the software provide for Yes/No for each third-party cookie?
CookiePro: Yes – the administrator can configure their preference centre behaviour to allow for category opt-out or sub-group opt-out.
GDPR Now!: Does the software allow for a link to the privacy/cookie notice to be displayed alongside each third-party cookie?
CookiePro: Yes – the administrator can modify the description for each cookie sub-group and include individual links to a privacy / cookie notice.
GDPR Now!: Does the software automatically populate the link to privacy/cookie notice?
GDPR Now!: Does the software store the consents to each third-party cookie? How is that consent held, and is it shown separately to all other consents?
CookiePro: Yes – Consent records are stored by cookie group configured by the administrator. The administrator can choose to categorize cookies as broad or granular as they want in order to capture the metrics they need. If the option is enabled to capture records of consent, a unique identifier is randomly generated for the website visitor when they make their consent preferences. We store that consent record in our system for reporting purposes. When viewing consent records within the system, the administrator can view the groups or subgroups the user opted-in or out of and on what date.
GDPR Now!: Is the consent for third party cookies available to the third-party cookie provider without involvement of the website operator?
CookiePro: The consent is managed through our blocking technology. If the user opts-out of third-party cookies, we will make sure those third-party cookies are not set on the browser – which means they won’t be sent to the third-party. We also integrate with the IAB to provide the administrator with options to configure their vendor list based on the most recent IAB Global Vendor List.
Social Media Plugins and Other Tracking Software
GDPR Now!: As per question above, how does the software assess any social media plugins and other types of tracking devices?
CookiePro: The software will drop or block cookies based on the administrator’s consent model. If the administrator decides to categorize social media cookies as strictly necessary, they will always be dropped.