On July 10, 2021, new cookie regulations were released, bringing order to the data collection and profiling of online users. The loose knots concern three main aspects: banner cookies, statistical cookies, and consent collection.
Read on to find out all the news and how Isola di Comunicazione promptly updated the websites of all its clients!
What changes with July’s new cookie regulation
In early July, the Garante della Privacy updated the regulations regarding theuse of cookies and the obligations inherent in user consent for all those who own a digital space in Italy. The goal is still the same: to assure those who surf the Internet that their data-especially the most private and sensitive ones-are protected and used fairly.
The official text containing the new rules is available on the official website of the Guarantor. However, to those unfamiliar with the online world, the contents of the page may seem almost incomprehensible. So let us try to clarify to understand concretely what has changed.
The changes cover 3 main aspects:
- cookies banner
- statistical cookies
- the collection of consent
New cookie banner regulation July 2021
The banner is nothing more than the tool that allows the web portal that uses cookies to acquire consent for visitor profiling and tracking. In the new text it is stated that this medium must have within it certain mandatory information:
- A brief information notice, to inform the user about the use of data collection systems and the purposes for which this information will be used
- the link to the cookie policy, i.e., the page explaining whether data is also disclosed to other parties, how long it will be kept, and any rights you may have
- An unambiguous indication that, through acceptance, the user is giving consent to profiling
- The link to the section where the visitor can choose the purposes for which his or her data may be stored
- The button to accept both cookies and tracking
- the button to reject both
Still on the subject of banners, the new regulations emphasize that after the first visit, its presence is no longer required when the website loads. At any time, however, the user must always be able to access the platform’s privacy policy and cookie policy to change his or her preferences.
Statistical cookies in the new regulation 2021
The statistical cookies covered by the new 2021 regulations are of 2 types:
- the technical ones
- those of profiling
For both – and, if you don’t know the differences, we suggest you read our guide in which we explain in detail what cookies are on the Internet – first-party statistical cookies can be installed without the user’s consent. Conversely, third-party statistical cookies always requireexpress acceptance, except where:
- Are not likely to identify a precise user, but only generic characteristics
- their use is restricted to a single site or a single app
- the data collected are not disclosed to third parties
The collection of consent: what the new cookie regulations require
About the collection of consent, we can summarize the new cookie regulation in two basic points:
- The fact that a user scrolls through the pages of your digital space cannot be seen as having received consent to retain his or her information, unless this action is unequivocal testimony to his or her willingness to give permission
- Cookie walls (i.e., a mode often used in the past to prevent the visitor from browsing the portal in case of non-acceptance to data collection) are to be considered illegal. There are only a few exceptions that must be evaluated on a case-by-case basis with an expert
Two other aspects touched on in the new text include:
- cookie consent preferences
- proof of consent
Cookie consent preferences
Once a user has expressed his or her consent preferences, these should be requested again only if:
- the conditions of acceptance are changed
- the platform does not have ways of storing consent that has already been obtained
- the last acquisition was more than six months ago
Last post: proof of consent for the site owner
The last crucial point concerns proof of consent. In fact, the Privacy Guarantor has ruled that every web domain owner must always be able to prove that they have received user consent to profiling in a manner that is consonant and compliant with the imposed GDPR standards.
Isola di Comunicazione: all of our clients are already in compliance
All these changes can be frightening. Nevertheless, the clients of thecommunication agency Isola can sleep soundly. Our web agency has already taken steps to updated all managed portals according to the new regulations without any additional maintenance costs. On the other hand, theupdating a website is extremely important and we want to ensure that all our clients have one of unparalleled quality.
If you are thinking of making a website, developing a landing page or creating an e-commerce for your business reality, take advantage of thehigh expertise of our team of professionals and their continuous updating on the subject.
Instead, if you already own your online space and want to make sure you are in compliance, contact us for a consultation and let’s figure out together how to move forward!
