We all know them by now: the cookie banners and cookie popups on many websites. With this we indicate whether we agree that our surfing behavior is tracked or rather not. Few people lose sleep over it and permission is usually given to get rid of it quickly. Yet today they are a necessary evil.
GDPR: what is it and why is it important for Belgian companies?
The GDPR (General Data Protection Regulation) is a European law that regulates the protection of personal data of EU citizens. It has been in force since May 2018 and imposes strict rules on companies and organizations that process EU citizens’ data. GDPR is critical to ensuring consumer privacy and holding companies accountable for how they handle personal data. Belgian companies that do not comply with the GDPR regulations can face high GDPR fines and reputational damage. The sanctions for companies that are too lax with your data are considerable. The fines can amount to twenty million euros or four percent of the global annual turnover.
You may think that the chance is small that your company or SME will come into the crosshairs of the Data Protection Authority. On this website, however, we found many statements, especially regarding the implementation of cookies and the accompanying cookie banner, where Belgian companies have burned themselves with the legislation. Fines of € 5,000 to € 50,000 have been imposed here.
Consumer rights under the GDPR
The GDPR provides a series of rights for consumers with regard to their personal data:
- Right of access: Consumers have the right to know what data a company holds about them.
- Right to rectification: Consumers have the right to have incorrect data corrected.
- Right to be forgotten: Consumers have the right to request that their data be deleted.
- Right to restriction of processing: Consumers have the right to restrict the processing of their data in certain situations.
- Right to data portability: Consumers have the right to receive their data in a structured, commonly used and machine-readable format.
- Right to object: Consumers have the right to object to the processing of their data for direct marketing or other purposes.
Cookies and their role on websites
What are Cookies?
Cookies are small text files that websites store on a visitor’s device. They help remember preferences, track user behavior, and improve the overall user experience.
Types of cookies
There are different types of cookies, including:
- Functional cookies: These cookies are essential for the basic functionality of a website.
- Analytical cookies: These cookies collect information about how visitors use a website, such as pages visited and length of visit.
- Advertising cookies: These cookies are used to display advertisements that are relevant to the visitor.
- Social media cookies: These cookies enable users to share content from the website on social media platforms.
Purposes of cookies
Cookies have various purposes, such as improving the user experience, collecting statistics about website use and offering personalized advertisements.
Cookie banners: necessary and informative
What is a cookie banner?
Best practices voor cookiebanners
Some cookie banner best practices include:
- Offer visitors the opportunity to adjust their cookie preferences.
- Make sure that the cookie banner is not intrusive and does not interfere with the use of the website.
- Only collect consent for non-essential cookies.
- Respect visitors’ choices and save their preferences for future visits.
- And most importantly: Make sure the cookie banner also works. We see a lot of websites where when the cookies are refused, they simply remain. It is also prohibited to place cookies before the user has made his choice.
Common mistakes when using a cookie banner
Here are some common mistakes when using a cookie banner:
- Do not have a cookie banner, but (non-essential) cookies are indeed used.
- A cookie banner does not work properly or is unclear, so that visitors are not properly informed.
- Not offering an option to decline non-essential cookies.
- Automatically assume consent without explicit consent from the visitor.
The two most common cases we encounter in Belgian SMEs are:
- Many sites already have a cookie banner, via a free plugin everything seems to be fine. But if you dig a little deeper, not all cookies appear to be included in the preferences, or your preferences (in case of refusal) do not work. This is more common than you think, because the average visitor does not dig into the technical side of the website to check whether his / her choices are being respected.