confirm using cookies in frontend
Closed this issue · 1 comments
expected behavior: a snackbar with cookie confirmation
The Cookie Law requires users’ informed consent before storing cookies on a user’s device and/or tracking them.
This means that if your site/app (or any third-party service used by your site/app) uses cookies, you must inform users about your data collection activities and give them the option to choose whether it’s allowed or not; you must obtain informed consent prior to the installation of those cookies.
In practice, you’ll need to show a cookie banner at the user’s first visit, implement a cookie policy and allow the user to provide consent – unless your website uses solely exempt cookies, which is highly unlikely. Prior to consent, no cookies — except for exempt cookies — can be installed.
You’ll need to show a cookie banner at the user’s first visit, implement a cookie policy and allow the user to provide consent. Prior to consent, no cookies — except for exempt cookies — can be installed
Showing a cookie banner at the user’s first visit
The cookie notice must:
briefly explain the purpose of the installation of cookies that the site uses;
clearly state which action will signify consent;
be sufficiently conspicuous so as to make it noticeable;
link to (a cookie policy) or make available details of cookie purpose, usage, and related third-party activity.
Cookie Solution banner example
Implementing a cookie policy
The cookie policy must:
indicate the type of the cookies installed (e.g. statistical, advertising etc.);
describe in detail the purpose of installation of cookies;
indicate all third-parties that install or that could install cookies, with a link to their respective policies, and any opt-out forms (where available);
be available in all languages in which the service is provided.
Blocking cookies before consent
In compliance with the general principles of privacy legislation, which prevent the processing before consent, the cookie law does not allow the installation of cookies before obtaining user consent. In practice, this means that you may have to employ a form of script blocking prior to user consent.
Consent to cookies
Consent to cookies must be informed and explicit, and can be provided by a clear affirmative (opt-in) action. Therefore, if you use mechanisms such as checkboxes, they must not be pre-checked.
The Working Party document on the Cookie Law states:
To ensure that a consent mechanism for cookies satisfies the conditions in each Member State such consent mechanism should include each of the main elements specific information, prior consent, indication of wishes expressed by user’s active behaviour and an ability to choose freely.
Subject to the local authority, these active behaviors may include continued browsing, clicking, scrolling the page or some method that requires the user to actively proceed; this is somewhat left up to your discretion. Some website/app owners may favor a click-to-consent method over scrolling/continued-browsing methods as the former is less likely to be performed by user error.
Active behaviors may include continued browsing, clicking, scrolling the page or some method that requires the user to actively proceed
It’s worth noting here that the Italian Data Protection Authority (the Garante Privacy) specifically recognizes “performing a scrolling action” and “clicking on one of the internal links of the page” as valid indications of affirmative consent. Because the ePrivacy is, in fact, a Directive, the specifics of how requirements should be met are heavily dependent on individual Member State law. It should be noted however, that the Italian DPA does explicitly state that the recommendations were created before the GDPR came into force and that this fact should also be considered when making a decision in this regard. Since it is impossible for us to know which specific circumstance applies to your particular case, we do give you the option to easily enable or disable the Cookie Solution’s “scroll to consent” feature as needed.