Avoid Playing Hookie – Understand the Role of Cookie in Opt-In Consent Banner for GDPR Compliance

Avoid Playing Hookie – Understand the Role of Cookie in Opt-In Consent Banner for GDPR Compliance

Last Updated on February 10, 2022 by Rakesh Gupta

Cookies – Yay!! Sorry to disappoint! But, here, we are not referring to a Chocolate Chip cookie!! A Cookie, in this article, refers to a piece of information, stored as text strings, on the visitor’s web browser while they browse your website. 

Examples of Cookies

  1. Cookies are most commonly used to track website activity to gather information about which web pages are used the most. Or, which pages are collecting the most repeat hits.
  2. Cookies are also used for online shopping stores. They often use cookies that record any personal information you enter, as well as any items in your electronic shopping cart, so that, you do not need to re-enter this information each time you visit the site.
  3. Service providers can use cookies to provide personalized web pages by storing selected preferences at a website in a cookie. 

What is GDPR?

With the onset of General Data Protection Regulation (GDPR) you, as a website owner, must obtain, and store, ‘cookie consents’ from your visitors from the European Union (EU), Ireland, Lichtenstein, Norway, and Switzerland – if you are using some tracking software to track their activities. GDPR gives website visitors more rights and control over how their data is processed.

Who Does GDPR Apply to?

GDPR applies to businesses that target the European Union (EU) data subjects. This means that the new privacy law – GDPR – applies, not only to organizations operating within the European Union (EU) but, it also applies to all the businesses worldwide that target individuals in the European Union (EU).

What are the Consequences of Violating the GDPR Regulation?

Businesses that violate the European Union (EU) GDPR face a maximum penalty of €20 million ($23 million) or 4% of their annual global turnover (whichever is higher).

The largest penalty, so far, was issued on January 2019, when Google received a GDPR fine of €50 million for not fully informing users how their data would be used when they set up its Android operating system. 

What is GDPR Compliance?

Complying with the European Union (EU) GDPR means that, businesses have to ensure that data is collected legally. That is, the businesses must inform users (1) how their data is collected; (2) how will it be treated; and, (3) last but not least, how it will be secured (i.e., protected from breaches).

What is a cookie consent banner?

As mentioned, under the regulations of GDPR, companies must ask users’ permission to track their activities and process their data.

Pardot 20.1

Cookie Consent Banner is a warning that pops up on websites when a user first visits the site. The website banner declares presence, and use, of cookies on the website. The banner provides users a choice of, agreeing or refusing to consent, before their data is collected.

Consent can be withdrawn at any time— and it should be as easy to withdraw it as it was to give it.

GDPR Privacy Laws Worldwide

So far 107 countries have implemented new data protection laws to control the flow of personal data. More enactments are on the way!

One of the first enactments will be the California Consumer Privacy Act (CCPA), which comes into effect on January 1, 2020.

How does Pardot track website visitors’ activities?

Pardot uses first-party cookies for tracking purposes and sets third-party cookies for redundancy (Customer choose not to set up a Tracker Domain or allows cookies on https pages). You can learn more about how cookies and tracking work in Pardot in the following articles:

  1. Getting Started with Pardot – Part 2 (The difference between visitors and prospects)
  2. Getting Started with Pardot – Part 3 (Association of a visitor cookie to a prospect record)

Set up your cookie policy

Let us start with a business use case. David Haditsch is working as a Content Marketing Manager at GurukulOnCloud. GoC is currently using Pardot to nurture prospects. He received the following requirement – incorporate cookie Opt-In consent banner on the website for visitors from the European Union (EU) to comply with GDPR.

Solution for the above business requirement

To display the Pardot tracking cookie message, perform the following steps:

  1. Navigate to Admin | Overview
  2. Then click on the Edit Tracking Opt-in Preferences button, as shown in the following screenshot: Pardot 20.2
  3. The next step is to enter a few details, as mentioned below:
    1.  Message – The text that you will enter here will appear on cookie consent banner to new visitors on your website. Feel free to use HTML tag, as shown in the following screenshot: Pardot 20.3
    2. Styles – This is the place where you can apply branding to the cookie consent banner. For example, I changed the Position of the form (to Bottom) and Font-family (to Verdana), as shown in the following screenshot:Pardot 20.4
    3. Link Styles – This is the place where you can apply branding to the Yes No clickable options. For example, I changed the Color of the Text (to Blue), Font-weight (to Bold), and Text-transform (to Uppercase) as shown in the following screenshot:Pardot 20.5
    4. Request Opt-in from all/specific visitors – When it comes to requesting opt-in, Pardot provides the following two options: 
      1. Request opt-in from all visitors before tracking visitors – Use this option when you want to get the cookie opt-in consent confirmation from all visitors irrespective of their geographical location. This is the best practice and should be followed by a marketer to provide transparency.
      2. Request opt-in if the visitor comes from specific countries – Use this option when you want to get the cookie opt-in consent confirmation from specific countries. For the above business scenarios, make sure to select European Union, check out the following video for more detail: 
    5. Once you are done with all the changes, the final step is to click on the Save Preferences button to save the Tracking opt-in preferences.

It’s time to test this

  1. To test the Cookie Opt-In Consent Banner, open Gurukul On Cloud website from the European Union (EU) IP (or Location). 
  2. Navigate to the bottom of the page and you will see Cookie Opt-In Consent Banner, as shown in the following screenshot:  Pardot 20.7

Things to Remember 

If a visitor opts out of tracking then, they will not be asked again unless s/he deletes cookies or visits the website from another browser. If the visitor opts out of tracking, Pardot treats it in exactly the same manner as though the browser had sent a Do Not Track header.

What is not tracked?

Once a visitor opts out of tracking, the following activities will not be tracked: 

  • Page views
  • Form and landing page views
  • File downloads
  • Custom redirect clicks

What is still tracked? 

Even if a visitor opts out of tracking, the following activities are still tracked: 

  • Form and landing page submissions
  • Email sends, opens, and clicks

I hope you learnt something valuable today and understood what GDPR is and, how to comply with it. 

In the next article, we will go to the next level and discuss how to consent with GDPR when someone fills the form (1); and, how to provide visitors the ability to opt-out from tracking mechanism and wipe-out their data (2). 

–>Please feel free to add constructive comments and insights to the blogs.

Proofreader: - Munira Majmundar
Have feedback, suggestions for posts, or need more information about Salesforce online training offered by me? Say hello, and leave a message!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.