Written by Sherlock SEO Agency
I recently posted a post on LinkedIn regarding how to handle cookie setting to comply with the new GDPR regulations going into effect May 25, 2018.
You’ve probably already heard about the GDPR and Cookie regulation that the European Commission that goes into effect on May 25, 2018. If not, you can find more information at the following sites:
So GDPR is not only for large companies, but also for all companies and organizations regardless of their size that fall under the criteria of GDPR:
However, what does this mean for you and your website now? After all, you are required to inform visitors on your website about:
Here, many companies establish an approach with a roadmap (10 to 13 steps) for collecting, storing and using personal data. For this, clear permission must be given by the visitor or user of the website on their first visit to the website. Personal data are divided into three categories:
Since your website uses tracking scripts for Google Analytics, the data, collected via these tracking IDs, therefore falls under the GDPR because the person can be traced by additional information and is individualizable (especially regarding personal data and pseudo-anonymous data). So officially, you are not allowed to use tracking scripts by default. But if you state on the website what data is collected and for what purposes it is used, it is allowed. In the past, you could mostly accommodate this with a cookie wall or an implicit opt-in, where you indicated to the visitor that he automatically agrees to the use of these tracking scripts upon further use of the site. As of May 25, however, this will no longer be the case.
So action must be taken. And this is where the story actually begins. In addition to GDPR, there will be additional legislation. In fact, the cookie law is also being completely replaced by an ePrivacy law. But the GDPR is already having an earlier impact on what you are allowed to collect and in what ways. Thus, it is important to review tracking scripts and cookies and hold them against the new guidelines, and incorporate them into the cookie notification where appropriate. Indeed, there are several forms applicable here. Following is an explanation:
To make using a website as easy as possible, technical and functional cookies are used to keep track of certain choices and/or selections made and/or made during a previous visit to the website. These ensure that certain choices and/or selections do not have to be set over and over again.
In addition, analytical cookies are also used that track how visitors use the website, which pages they visit, … These help to improve the website, create new content, … These analytical cookies do not store any personal information.
The collection of data a the storage of these cookies cannot be refused since otherwise one cannot visit the website. And since Google Analytics is installed on your website, action must be taken here. Now Google Tag Manager is also installed on your site. That makes it even easier in this case. Thus, the following should be provided:
Some sites are set up to track past site visits and visitor behavior in a “customer profile.” This way, one can personalize the site by visitor or type of visitor to show more relevant information.This way, one can personalize the site by visitor or type of visitor to show more relevant information. Here I am thinking, among other things, of specific banners on the homepage, promotions that may be of interest to the visitor, custom site structure, …
Since this is more specific and does not apply to most sites we will not go into detail here. More info? Contact us.
Some websites use functionalities such as plug-ins offered by third parties or third-party tracking scripts. Some examples include:
So here it gets a little more difficult. If one or more pages of the site have a video player (Youtube, Vimeo, …) or Social share buttons then your website also falls into the category of level 3. And then if this option is refused by the website visitor, they should either no longer be shown or be discontinued.
Another possibility is that your website uses functional tools or marketing tools such as: Facebook pixel, Hotjar, Google Remarketing, … In this case, if this option is refused by the website visitor, they must be stopped.
As you can notice, the intent of this is not always general and not always obviously possible. With Google Tag Manager, however, we can configure this so that this requirement can also be met.
Specifically, this means that actions are needed to get your website in order because there are also penalties involved. For the level 1 consensus, an adjustment should be made anyway. And for the level 3 consensus, the functionalities used should be looked at to then make an approach from there.
More info? Contact us or book an appointment at www.calendly.com/jefvangool