Cookie consent is the cornerstone of compliance for those visiting your website.

Issues of privacy are extremely important. As a business owner with a website, it's vital that you comply with the Privacy and Electronic Communications Regulations (PECR), which sit alongside the Data Protection Act and the UK GDPR.

If your website visitors are visiting your website from the EU, GDPR EU legislation governs the collection and processing of website data from web or mobile app users.

As a website owner it’s your responsibility to ensure your visitors’ personal data is collected and processed within privacy legislation. It’s also important to note, that the GDPR’s principles around privacy extend to websites beyond the EU.

What are cookies?

Google’s definition is: "Cookies are small pieces of text sent to your browser by a website you visit. They help that website remember information about your visit, which can both make it easier to visit the site again and make the site more useful to you."

GDPR and PECR set out specific rules on cookies. Website visitors must give explicit consent to how cookies are managed.

This is achieved through cookie banners. They give website visitors the opportunity to Accept, Deny or Manage cookies for activation.

Your website must comply with the following:

  1. Consent must be obtained before cookies are set (except from whitelisted, necessary cookies)  
  2. Website visitors must be able to Accept/Deny some cookies rather than others. They must not be forced to consent to either all or none. Visitor consent must be granular
  3. Consent must not be forced
  4. Consent can be easily withdrawn
  5. Consent must be securely saved as a legal document
  6. Consent must be renewed at least once per year
Enjoying this article? Sign up to our newsletter

What is a Consent Management Platform

Data collection through cookies can be facilitated by Consent Management Platforms (CMP). They're also referred to as Privacy Management tools. CMPs automate the process of obtaining user consent and help your website to stay compliant with evolving data privacy regulations.

A compliant CMP can provide your visitors with information about the types of data that will be collected. For example, how will it be used? How does it store visitor consent data? How does it deal with requests from visitors to access and erase data?

Google consent settings
Image source: Google

Some examples of Consent Management Platforms

  • OneTrust:  Offers technology and services covering three different aspects of data protection and privacy management. It helps companies stay compliant with privacy and security laws like ePrivacy (the Cookie Law), GDPR, CCPA, and others by providing a centralised platform to track data and automate privacy processes
  • Cookiebot: Hosted CMP, offers cookie consent banners in 46 languages
  • TrustArc: A service that automatically adapts to the location and browser settings of the site visitor
  • Piwik Pro Consent Manager:  A consumer tracking and market analysis service that includes checks for compliance with GDPR, CCPA, and LGPD plus cookie consent for the tracking libraries that the service deploys
  • Osano Consent Manager:  This cloud-based system includes a cookie scanner and a consent popup for GDPR, CCPA, and LGPD
  • CookieYes:  A straightforward tool that can be integrated into all of the major content management systems

CMPs and tag management solutions

It’s essential you implement a CMP. But you also need to consider the integration of your chosen tool with your existing marketing platform.

We’ve worked with our customers to implement Onetrust and Cookiebot via GTM. The benefit of this integration is that all your tags/cookies are managed in one place.

Overall, you have more control with tag configuration, as opposed to implementing it directly in your website code. You’ll need expert developers to do the latter. With a tag manger, it's easier to configure the CMP tag code and versions.

Consent Management Platforms such as Onetrust and Cookiebot also provide tag templates ensuring that the implementation is pain free. The screenshot below shows a Cookiebot tag template in GTM.

Screenshot of tab template in GTM 
Image source:  GTM

Working with Codehouse

At Codehouse, we work with a variety of CMPs. We use our knowledge and experience to help many customers implement consent management platforms like Onetrust and Cookiebot.

Our team is ready to guide you, so whenever you’re ready get in touch.