The EU’s General Data Protection Regulation requires companies to protect the privacy of their EU customers. This means there is a requirement to notify visitors to your website if you are collecting any information that could identify them and give them a clear option to give consent or otherwise.
Personally identifiable information (PII) is any data that can be used to identify a specific individual. While your website may not seem like it collecting enough information to identify a real person, the collation of information by third parties, could include your information to complete the PII profile. Therefore you must let them know of any data you are collecting about them.
Before the new regulations, it was enough just to inform visitors to your website that cookies are in use on the website, however, it’s no longer the case..
Article 7(3): “The data subject shall have the right to withdraw his or her consent at any time. (…) It shall be as easy to withdraw as to give consent.”
The data subject being referred to here is the person behind the PII.
‘affirmative action’ step used on this website
Cookies can be personal data. The GDPR explicitly states that online identifiers, even if they are pseudonymous, even if they do not directly identify an individual, will be personal data if there is potential for an individual to be identified or singled out. Any persistent cookie that is unique to the device by virtue of its attributes or stored values fits the criteria for personal data. That means most cookies, and certainly the most useful ones for site owners. This is the basis for cookie consent being about GDPR compliance now, as well as the existing cookie laws.
Implied consent will no longer constitute compliance. The GDPR requires the user to make an ‘affirmative action’ to show that their consent has been given. This means that from the beginning of their visit to your website they must be informed that cookies are in use and be given the option to proceed to view the website with, or without cookies.
It also won’t be ok to say ‘By using this site, you accept cookies’. If there is no valid choice, then there is no valid consent.
The ability to opt out of consent that has already been given is also a requirement. So, just as there will be an “I Accept” button to click, in order to give consent, there must also be one that allows the user to reset their consent, if they have given it earlier. The image below is of the Cookie Reset Button in the footer of this website.
Get Your WordPress Site GDPR Compliance before 25th of May
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
Essential Website Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, you cannot refuse them without impacting how our site functions. You can block or delete them by changing your browser settings and force blocking all cookies on this website.
Google Analytics Cookies
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visist to our site you can disable tracking in your browser here:
Other external services
We also use different external services like Google Webfonts, Google Maps and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Vimeo and Youtube video embeds: