Cookie Consent Checklist for Recent EU DPO Guidance

Website cookies and tracking technologies continue to be a trending topic in the EU due to local disparities with privacy and cookies regulations, and the long-awaited approval of an EU regulation national rules. With CookiePro’s cookie compliance tool, you can adapt to guidance from the European Union’s data protection authorities and collect valid consent. In this blog post, learn about cookie guidance throughout the EU and best practices for cookie compliance with our EU Cookie Consent Checklist.

UK’s ICO Guidance Summary Checklist

The UK ICO encourages organizations not to use “nudging” techniques – when design features encourage or lead the user towards a preferred decision. Consent “accept” and “reject” buttons must be equal in size and visibility.

• Does your cookie consent banner show “accept” and “reject” options equally?
• Third-party cookies must clearly and specifically name the third party and also explain the purpose of the collected data by the third-party cookie.
• Do you show a list of cookies?
• And does that list show third-party details?

Ireland’s DPC Guidance Summary Checklist

According to Ireland’s recent DPC Guidance, consent for third-party cookies cannot be covered by Legitimate Interest, and consent cannot be collected more than once in a 6-month period.

• Is your consent management platform set up for these requirements?
• A cookie used for more than one purpose requires a record of consent for each purpose. Do you collect separate consent for each cookie purpose present on your website(s)?

France’s CNIL Guidance Checklist

The CNIL has declared that page scrolling cannot be considered a form of implied consent. Additionally, a consumers’ decision not to interact with a cookie consent banner cannot be considered a form of implied consent.

• Does your organization collect consent based on either of these actions?
• The CNIL’s guidelines support freedom of choice by the user, including a reject all button, transparency, and ease of managing the users’ consent. Do you provide a reject all button in your cookie consent banner?

CJEU’s Planet49Ruling Checklist

The CJEU has ruled in the Planet49 case that all tracking technologies require consent before being deployed.

• That means website users must be provided with information on the lifespan of cookies and if third parties will have access to the data collected by cookies, among other requirements.
• Do you list cookie lifespans in a cookie list?
• Are third parties included in a cookie list on your website?

Germany’s DSK Guidance Checklist

According to Germany’s DSK Guidance, access to a privacy policy and “Impressum” cannot be blocked by a cookie banner.

• Does your cookie banner block access to a privacy policy?
• Pre-ticked boxes for capturing consent are not compliant. Do your website visitors have the ability to opt-in to cookies?
• The DSK recently published its opinion on Google Analytics cookies, stating that these cookies are invasive and require user consent. Are you collecting consent for Google Analytics technologies

How CookiePro Helps

CookiePro is constantly monitoring new global guides and best practices, and will continue to keep you updated on the latest news.

• Scan your website to identify and categorize cookies and tracking technologies on your website
• Display a location-based cookie consent banner that auto-blocks cookies until the visitor opts-in or out of your cookie policy
• Automatically generate a detailed list of cookies, categories, and descriptions in dynamic Cookie List based on your latest website scan
• Tailor your consent banner to match your company’s brand including display, color, content, and language
• Customize your consent approach from notice only, opt-out, implied, opt-in or customize your own
• Build a centrally located, historical consent database to demonstrate compliance to regulators and auditors
• Once the disclosure is embedded on your website, you can easily update the content from the CookiePro interface at any time.