black android smartphone on top of white book

What is a correct Cookie banner and GDPR?

We all know them by now: the cookie banners and cookie popups on many websites. With this we indicate whether we agree that our surfing behavior is tracked or rather not. Few people lose sleep over it and permission is usually given to get rid of it quickly. Yet today they are a necessary evil. In the digital age, data protection and privacy are more important than ever. Belgian companies must be aware of the need to comply with the General Data Protection Regulation (GDPR) and to implement a correct privacy and cookie policy. Unfortunately, we come across websites every day that do not comply with the rules. Unfortunately, the lack of a cookie banner, or a cookie banner that simply doesn’t work and blocks cookies when refused, is commonplace. In this article we discuss the importance of GDPR, privacy and cookie policy and give you an overview of the common mistakes and how to avoid them. The aim is to raise awareness among Belgian entrepreneurs and to offer assistance in complying with the legislation, thus avoiding fines and reputational damage. GDPR: what is it and why is it important for Belgian companies? The GDPR (General Data Protection Regulation) is a European law that regulates the protection of personal data of EU citizens. It has been in force since May 2018 and imposes strict rules on companies and organizations that process EU citizens’ data. GDPR is critical to ensuring consumer privacy and holding companies accountable for how they handle personal data. Belgian companies that do not comply with the GDPR regulations can face high GDPR fines and reputational damage. The sanctions for companies that are too lax with your data are considerable. The fines can amount to twenty million euros or four percent of the global annual turnover. You may think that the chance is small that your company or SME will come into the crosshairs of the Data Protection Authority. On this website, however, we found many statements, especially regarding the implementation of cookies and the accompanying cookie banner, where Belgian companies have burned themselves with the legislation. Fines of € 5,000 to € 50,000 have been imposed here. Privacy Policy: protection of personal data A privacy policy is a document in which companies explain how they collect, use, store and share personal data. It is a legal requirement under the GDPR and helps build trust between businesses and consumers. You publish this policy on your website so that visitors know how you or your company deal with their privacy and data. The most important parts of a privacy policy are the identity of the controller, the purposes of the data processing, the legal basis, the recipients of the data, the retention period and the consumer rights under the GDPR. Consumer rights under the GDPR The GDPR provides a series of rights for consumers with regard to their personal data: Right of access: Consumers have the right to know what data a company holds about them. Right to rectification: Consumers have the right to have incorrect data corrected. Right to be forgotten: Consumers have the right to request that their data be deleted. Right to restriction of processing: Consumers have the right to restrict the processing of their data in certain situations. Right to data portability: Consumers have the right to receive their data in a structured, commonly used and machine-readable format. Right to object: Consumers have the right to object to the processing of their data for direct marketing or other purposes. It is important, and mandatory, to inform visitors to your website about their rights. Every company processes personal data differently. That is why you must inform your visitors about what you do with their data and how you protect them. This information is incorporated into a privacy policy. After that, of course, it is also the intention that you do what you promise. Cookies and their role on websitesWhat are Cookies? Cookies are small text files that websites store on a visitor’s device. They help remember preferences, track user behavior, and improve the overall user experience. Types of cookies There are different types of cookies, including: Functional cookies: These cookies are essential for the basic functionality of a website. Analytical cookies: These cookies collect information about how visitors use a website, such as pages visited and length of visit. Advertising cookies: These cookies are used to display advertisements that are relevant to the visitor. Social media cookies: These cookies enable users to share content from the website on social media platforms. Purposes of cookies Cookies have various purposes, such as improving the user experience, collecting statistics about website use and offering personalized advertisements. Cookie banners: necessary and informativeWhat is a cookie banner? A cookie banner is a notice that appears on a website to inform visitors about the use of cookies and to give them the opportunity to consent to their cookie. According to the GDPR, websites must inform visitors about the use of cookies and obtain their consent before placing non-essential cookies. Best practices voor cookiebanners Some cookie banner best practices include: Be clear and transparent about the use of cookies. Offer visitors the opportunity to adjust their cookie preferences. Make sure that the cookie banner is not intrusive and does not interfere with the use of the website. Only collect consent for non-essential cookies. Respect visitors’ choices and save their preferences for future visits. And most importantly: Make sure the cookie banner also works. We see a lot of websites where when the cookies are refused, they simply remain. It is also prohibited to place cookies before the user has made his choice. Common mistakes when using a cookie banner Here are some common mistakes when using a cookie banner: Do not have a cookie banner, but (non-essential) cookies are indeed used. A cookie banner does not work properly or is unclear, so that visitors are not properly informed. Not offering an option to decline non-essential cookies. Automatically assume consent without explicit consent

What is a correct Cookie banner and GDPR? Read More »