Data insights
18. august 2023
Cookie consent: “Just say yes, please, to that cookie”
You cannot say “online marketing” without also saying “cookie consent”. It is a topic driven largely by ignorance and fear. Therefore, in this article I will dive into “what is actually relevant”, while also helping you understand what it is and how it affects your data.
What is Cookie Consent?
Cookie Consent is a term that covers the fact that, in connection with GDPR regulations, it has become a requirement to obtain active consent if you want to place cookies (small fragments of tracking code) in people’s browsers and/or other marketing tracking on your website in people’s browsers.
There are several providers that can help you ensure your cookies are placed correctly and legally, e.g. Cookiebot and Cookieinformation.
This consent must be stored for a certain number of years, which you can find out with a quick Google search.
In other words, “Cookie Consent” is the legal part of setting up tracking for your users, where you ensure that your tracking is compliant with directives and national and international law.
The recipe for GDPR-compliant cookies
To get a baking tray of the most delightful GDPR-compliant cookies, you need:
- 150 grams of ensuring that all functional, statistics, and marketing cookies are blocked in the code until they are actively accepted.
- 2 tbsp. Of an up-to-date declaration of all cookies containing: the type of cookie, what information it collects, who the data is shared with, and how long the data is stored.
- A pinch of a banner that makes it possible to opt in or out of cookies, without unduly nudging the user into a choice (e.g., by making the “no thanks” button very small).
Note: However, it is important to note that this does not only apply to cookies. The consent requirement also applies to the collection of personal data and “Local Storage” if local storage is used for data storage, in the same way one would normally use a cookie.
What does cookie consent do to my data?
We have analysed multiple websites across industries, and the conclusion is that when you implement GDPR-compliant cookie consent, the amount of data is reduced by approx. 30–40% because users either reject cookies or do not respond to the banner.
If cookie consent is set up correctly, the quality will be the same for the remaining users.
Bonus info: You can get 8–10% more people to accept cookies by placing the banner at the bottom of your website, we have found.
Before you panic – Google Consent Mode
If you lose data due to the implementation of cookie consent, you can still collect more data for your Google products legally, even if people do not accept cookies.
If you do not know what that is, read my article about Google Consent Mode.
Common mistakes
There are some common mistakes that people often make when it comes to cookie consent:
- YouTube videos are placed behind a button click and can therefore set cookies or local storage without consent.
- Marketing scripts are only activated on the next page view after consent has been confirmed.
- Cookiebot is set up, but only some cookies are blocked—not those set via Tag Manager; you must block those yourself within Tag Manager.
- You work with the US, but you are not aware that the US does not actually require active consent—passive consent alone (that the banner is shown) is sufficient.
Who should adopt Cookie Consent?
In principle, it is important for everyone, but where we see the greatest focus is:
- Lawyers, accountants, etc., because customers expect them to have legal matters under control.
- The public sector, schools, etc., because you can get internal backlash for not having it under control.
- Large international organisations, because the group as a whole can face fines of up to 4% of annual turnover if just one website gets it wrong.
- Media companies and similar organisations, where users can create a shitstorm.
As a small business, you generally do not need to be afraid—so far, there have been few rulings in Europe—but you should be aware of your risk and consider whether it is best to follow the rules overall.
Final thoughts
Navigating the world of cookie consent can be challenging, but it is a necessary part of running an online business today.
By understanding what it is, how it affects your data, and how to avoid common mistakes, you can ensure that your business is GDPR-compliant and ready to welcome your customers in the most effective and lawful way.
By following these guidelines, you can create a better user experience for your customers while complying with the law. It is a win-win situation for everyone!
It is important to base your tracking setup on something that is GDPR-compliant, so you do not build a data hub that you are later instructed to shut down.
P.S. There has not been that much development in this area.
