If you have been visiting many websites recently, you have possibly seen cookie banners – including if you do not know what a cookie banner is. Cookie banners are pop-ups that appear when you visit a website. The banners serve two purposes – letting you know that the website is collecting your personal data and the website owner might use it for particular purposes and to get your consent for the data collection and use.

How a cookie banner works

Immediately a visitor lands on your website, the cookie-banner will pop-up somewhere on their computer screen. The pop-up is the cookie banner and should tell the visitor that your website uses cookies and ask for consent. Unfortunately, most websites start collecting data even before the visitor gives his/her consent. They do not require the consent from the visitors to start the data collection. Do not do that. By doing that, you will risk the loss of business credibility or huge fines. A cookie banner is unimportant if it does not serve its primary purposes.

Do you need cookie banners?

If you are planning to gather data from your website visitors in the European Union countries, you will need a cookie banner. Generally, cookie banners apply to the EU laws solely, which means that you can choose to display them to EU visitors alone. But because controlling your website visitors is hard and you are possibly using tracking technologies such as Facebook Pixel, Google Analytics, plugins, HubSpot and social media buttons, you should add a cookie banner to your website to remain on the safe side.

In the year 2002, the EU regulated the matter with their ePrivacy directive, which barred website owners from collecting data from a visitor without their consent. That is when the number of cookie banners started appearing in large numbers. The General Data Privacy Regulation (GDPR) requires the use of cookie banners. Moreover, the regulation that became effective in May 2018 imposes heavy fines for individuals who fail to comply. Start by scanning your website for ePrivacy compliance and GDPR with Secure Privacy.

Before the GDPR, people used cookie banners that said, “By using this website you accept cookies”, that should not happen anymore. Today, you will have to ask for the consent of your website visitor if you plan to collect their data. GDPR requires you to post a banner informing your visitors from the EU countries that you use cookies, how and where you use them and where you will use their data in a way that is easier to understand.

The regulation requires you to provide the visitors with an option to opt-in or opt-out and provide their consent. You will have to keep a record of the collected consent and allow the visitors to withdraw the data they have provided you with the consent to collect.