What does the GDPR and cookie law mean exactly? Why do you need cookie consent? And does your current cookie consent comply with the GDPR law? We will answer these and many other questions in the article.
What is the GDPR law mean?
The GDPR, or General Data Protection Regulation, is the strictest privacy and security law in the world. It imposes obligations on all organizations who target or collect data from people in the European Union. GDPR is the replacement of the Personal Data Protection Act, which no longer applies.
What has changed since this law?
Since the GDPR law took effect on May 25, 2018 it has brought many changes to companies. A few things that changed:
- Strengthening and extending privacy rights:
People have the opportunity to choose if they want their data to be processed. Organizations must get valid permission from website visitors to process their personal data and they must be able to prove that they received it. Next to that, website visitors can withdraw their consent as easily as they can give it. - More responsibilities for organizations:
Nowadays, organizations have more obligations when it comes to processing personal data. The GDPR law has placed more emphasis on the responsibility of organizations. They need to demonstrate that they comply with the law.
Why do organizations need cookie consent?
The new law states that every website that uses cookies is required to have a cookie consent on its website. Organizations must describe exactly which type of cookies are placed on the website. They also need to explain what those cookies mean.
Different types of cookies
It is often stated that there are four different types of cookies, namely: essential, preferred, analytical, and advertising cookies. All these different types of cookies are only making it more difficult for organizations than is necessary. We will make it easier for you. Basically, there are only two types of cookies:
- Consent-free cookies; and
- Consent cookies.
Consent-free cookies
Consent-free cookies are cookies that do not require consent from website visitors. They do not infringe on their privacy. Examples of consent-free cookies are:
- Analytical cookies:
Analytical cookies give organizations insight into visitor statistics. Based on this data, organizations can see how their website is performing and where they can improve. - Functional cookies
Functional cookies are required for a website to function properly. Without these cookies, a website will not work correctly. An example is adding an item to a shopping cart or accessing a secure environment on a website. - Preferred cookies.
Preferred cookies ensure that a website can remember important information, like a preferred language.
Consent cookies
Consent cookies infringe on a visitor’s privacy. Organizations need consent from them to be able to place these cookies. A visitor needs to be given a choice whether or not they agree to these types of cookies. Examples are:
- Marketing cookies:
Marketing cookies collect information about keywords, how a visitor came to a website, and the use of a website. With this data, organizations are able to make their website even better. It allows organizations to make better and more relevant offers on their website as well as on partner websites. - Third-party cookies:
These cookies are placed by third-party companies. For example, if an organization wants to retarget its visitors it needs to allow an advertisement platform to place cookies on its website. It requires consent from a website visitor.