Setting up Your Cookie Banner? Here’s What You Need to Keep in Mind!
Almost a year has passed since the GDPR entered the minds of data-driven marketers and customers alike. But still, going back to basics for some general rehearsals doesn’t really hurt – especially when it comes to the basics for gathering data and consent: cookie banners.
First, let’s take it from the top! GDPR stands for General Data Protection Regulation and it regulates the privacy and data protection for all individuals within the European Union and EEA.
While GDPR regulates the processes for storing the data, there are national marketing laws that regulate the use of, for instance, cookies; why we use them, how we use them, and how we communicate it to the outside world.
Do You Need Cookie Consent?
Do you have a commercial or marketing website for your brand? Are you tracking cookies for commercial or marketing purposes? Have you not set up a cookie bar yet? If you tick one or more of these boxes, the answer is a roaring yes!
But before you collect data, you need consent. Cookie consent is the informed, explicit agreement of the owner of the cookies (visitor) for their browsing data to be stored and used for clearly stated purposes. A user must be made aware of the cookie purposes at the time consent is requested.
Cookies: The Foundation of Data-Driven Marketing
Why are cookies so valuable to data-driven marketers and the user experience? The reason is simple: Without cookies, data isn't saved on the web from one page load to the next. But with cookies and the user’s explicit consent, a visitor can, for instance, log on to a website, leave, and then come back later and be automatically logged in.
How? Because the website has already issued cookies in the background upon the visitors log-in and saved the information in the browser’s cookie file.
The mechanics behind is that, in the background, the website issue cookies upon log-in or simple browsing and save them in the browser. When that cookie is sent from the browser and back to the website, the website is able to confirm that it’s still the same visitor browsing as before.
In a nutshell:
Cookies allow websites to recognise visitors based on the data they provided with their consent during their last visit.
First-Party, Third-Party and Session: What Kind of Cookies Exist?
But before we dive deeper into the world of cookies, let’s get down to the nitty gritty and answer the following questions: what are cookies? And how are they used?
When visitors enter your website, a file is saved into their browser. That file is known as a cookie. In that cookie file, data (such as browsing behaviour and items added to cart) can be stored. This will, of course, only happen as long as the visitors have provided their cookie consent.
There are two types of cookies according to purpose...
- Session cookies expire when the browser is closed. Used by online shops, for example, to allow you to keep items in your shopping cart as you browse the website.
- Persistent cookies are commonly used for keeping users or visitors logged in or for recording their browsing activity over a long period of time. The length of this period can vary and depends on your preferred settings; ranging from days to years.
… And two types according to origin:
- First-party cookies are created by the website the visitor browsed, and only exist in the domain it was created.
- Third-party cookies are created by third parties (advertisement-related) in different domains. When the same third party has created the same cookie in two different domains and can be associated to the same visitor, the cookie merges and is effective in both domains.
How to Create a Cookie Banner: The Essential Requirements
Your cookie banner must be sincere, transparent, unambiguous, clear, up to date and comprehensive.
- What types of cookies are set
- How long they persist on your users’/visitors’ browsers
- What data they track
- For what purpose they are applied(functionality, performance, statistics, marketing, etc.)
- Where the data is sent and with whom it is shared
- How to reject cookies, and how to subsequently change and/or withdraw the cookie consent.
Make sure to update both policies periodically.
A Final – But Very Important – Note to Remember:
Make sure that you are acting in accordance to the marketing law in your respective market(s) and/or GDPR when implementing the script on your website . Even though it's an extra step, the script is there to give your visitors a better experience of your business.
+1: Examples on How to Write a Cookie Banner
Our of ideas? Here's a few inspiring examples, including APSIS’ own cookie banner:
APSIS (Business to Business, Digital marketing software):
Business to Business, technology:
Business to Consumer, media:
- Business to Consumer, retail:
Want to learn more about data processing and cookies? Download our handbook today!
Note: This blog post is for inspirational and informational purposes only and does not constitute legal advice nor shall it be construed, or relied, on as such. APSIS accepts no liability for any losses incurred as a result of any reliance made on the information contained herein. APSIS reserves all right to the content of the blog.