In normal life, giving consent is a fairly simple concept. It would just be answering a question with a yes or no. However, consent within the meaning of the GDPR is more complicated. Obtaining valid consent could present certain challenges for situations that would be normal in daily life. A normal situation that gets complicated when it comes to the General Data Protection Regulation is using a website. Most websites have all kinds of third-party tracking, profiling or retargeting scripts installed. If that is the case, the GDPR requires the consent of the user.
In order to obtain and document the express consent of the website users, which can easily be revoked or adapted, a technical solution is required. Such a system can be developed in-house, but the system would be very maintenance-intensive and would have to be updated technically and legally. Therefore, it can be much cheaper to use a specialized consent management platform (CMP) like CookieFirst.
Characteristics of CookieFirst as a Iubenda Alternative for your Consent Management Platform (CMP)
Consent management platforms for website technology haven’t been around that long. In this article, we discuss some legal and technical features that should be considered when choosing a consent management platform or CMP for cookies.
CookieFirst is a Iubenda alternative for consent management.
Server location and documented consent
Current legislation requires documentation of the consent and the possibility of providing evidence of consent. It is therefore important not to save consent on the client side, but on the server side. And the data in which consents are stored should also be on servers that are physically located on EU soil. The CMP for cookies should also offer the option of saving consent data on site. CookieFirst, as a Iubenda alternative, saves consent in European data centers.
Granting and revoking consent | Iubenda alternative
The online user should be able to give his consent clearly and freely. Both options, accept and reject, should be clearly offered. Cookie walls that prevent the user from interacting with the website before consent has been given are also not compliant. CookieFirst as a Iubenda alternative aims to make this process as smooth and transparent as possible.
Loading scripts and cookies | Iubenda alternative
Only after a valid opt-in should scripts be loaded that require approval. These scripts should no longer be loaded after the opt-out. It would not be really convenient to send the user to a third-party website to revoke their consent. Revocation should be a simple and smooth process in order to keep the user experience at the highest possible level.
UX / UI design | Iubenda alternative
A good cmp offers opportunities to adapt the design of the front end. If the design of the front end matches the website or platform it’s used on, the user is likely to be less annoyed with the settings panels and banners. At least one can make it look nice and adapt to the platform it’s used on.
Not just cookies
In addition to for example Tags, consent should also be required for embedded content and plug-ins. (Such as YouTube embeds) Whether these integrations require consent depends on factors such as the transfer of data to non-EU countries, e.g. the USA. In this case, you are obliged to obtain consent for the use of this data.
Privacy by design | Iubenda alternative
During processing, the consent data must be stored separately so that the consent management platform does not itself become another data-hungry third party. A CMP should not be able to match the consents of a single user with consents on other websites. Such profiling activities themselves require consent.
As a Iubenda alternative, Cookiefirst is designed to be compatible with any website platform or CMS. Cookiefirst can be used on any website that has the option of placing a code snippet right after the body tag.
Agile and flexible
The landscape of data protection laws is constantly changing. So whenever there is a ruling by the data protection authority that affects the rules for loading tags and scripts, the CMP should be able to quickly redesign the functionality of the platform. The Iubenda alternative CookieFirst has proven to be very agile and flexible in terms of adapting to new regulations and judgments by authorities.
CMP’s only purpose: Get consent
The CMP provider should only have 1 business purpose: to obtain consent. If a CMP provider pursues other purposes, the consent data may be used to pursue these purposes. As a Iubenda alternative, CookieFirst’s only business purpose is to obtain consent.
Current regulations require that consent to the use of third-party scripts must be granular. In order to adhere to the principles of minimalism, consent should only be obtained for third-party technologies used on the website in question. How can you get approval for a whole list of over 300 providers in the sense of minimalism, as the IAB solution implies?
In short, all organizations that use tracking technologies and cookies on websites that serve European users must comply with European GDPR, ePrivacy, California’s CCPA, and other extraterritorial data protection laws. In reality, this would mean that almost all organizations in the world that use profiling or tracking need a consent management platform in order to be compliant.
CookieFirst as a Iubenda alternative offers the appropriate options to be compliant and makes consent management easy and affordable. With the upcoming ePrivacy Regulation, CookieFirst is constantly looking for ways to make consent management acceptable to marketers and to stay compliant with current regulations.