GDPR or General Data Protection Regulation is the European ruling for personal data protection, which was effective from the 25th of may 2018
The 9th of July 2021, GDPR was updated and new guidelines on cookies (Cookie Law) were published. This update was considered necessary because of several factors, among which:
- growing usage of particularly invasive trackers.
- Multiplication of user’s digital identities.
The owners of the sites will have time until the 10th of January 2022 to conform to the updated Cookie Law
- Profiling: they are used to trace users (identified and identifiable) to particular actions of behavior patterns during the website usage; in order to profile a specific user (for example, by identifying its shopping habits, interests, and its orientations to then send personalized promotional messages)
- Third-party: they are installed on our website by using outsider Systems and for purposes and methods of treatments over which we have no direct control (for instance, by using Google Analytics we are installing cookies in our visitors computers by using a different domain, in this case “google-analytics.com”)
- Technical cookies: they provide the user with some features that facilitate navigation (for example, selecting the language in which they want to browse the site without having to set it). If you use technical cookies it is not necessary to have an explicit consent from the user, as it is sufficient to only provide the information.
Il banner deve essere mostrato da un sito web al primo accesso dell’utente e deve includere informazioni riguardo:
- Un’informativa breve sull’uso da parte del sito dei cookie utilizzati e le loro finalità.
- Una chiara indicazione che proseguendo nel sito l’utente presta consenso alla profilazione.
- Un link ad un’area dove l’utente può selezionare le funzionalità e le categorie di cookie da installare.
- Un comando per rifiutare o accettare i cookie.
- Consent through scrolling is no longer valid.
- Cookie wall will be illegal (unless the website offers the user the possibility of accessing an equivalent content or service without having to give your consent).
- At least 6 months must pass, to ask for consent again.
- The website owner must be able to demonstrate the proof of the user’s consent according to GDPR standards.