With the increased digitization of different sectors, online privacy laws have become more prominent and stricter to protect consumer data privacy. GDPR and CCPA are some of the major online privacy laws around the world with heavy consequences for non-compliance.
If you have a WordPress website, getting compliant should be easier with the many GDPR Cookie consent tools available in both free and paid versions.
This article explores one such plugin called CookieYes GDPR Cookie Consent and Compliance Notice plugin. By going through the article you will learn its many features, how it helps with GDPR and CCPA Cookie compliance, etc.
GDPR and Cookie Compliance
Whether you are a website owner or an organization that deals with the personal data belonging to EU citizens it’s important to learn how cookies are connected with the law.
In the official GDPR text, Cookies are mentioned in recital 30.
“Natural persons may be associated with online identifiers provided by their devices, applications, tools, and protocols, such as internet protocol addresses, cookie identifiers or other identifiers […] when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.”
In layman’s terms, it simply means that cookies that can be used on their own or in combination with other data to identify an individual are considered personal data under the GDPR.
Although there is no explicit mention as to how your website cookies should be managed under the GDPR, Cookies are inarguably an essential component of the law.
Major Features of the CookieYes GDPR Cookie Consent and Compliance Notice Plugin
- Cookie consent banner – You can create and display a cookie consent banner that blends with your website style and goes with the requirements of the laws.
- Revoke consent button – You can add a button that will make it easy for your users to revisit and revoke their consent whenever they need it.
- Automatic cookie scan – Scan and list your website cookies as per their categories.
- Granular control for cookies – Allow your visitors to provide granular consent for cookies.
- Cookie audit table – Using a simple shortcode display your website cookie list and related data for your users’.
- Auto-script blocker – Block third-party scripts until receiving user consent.
- CCPA Compliance – Offers assistance in CCPA compliance as well.
The following section gives you a closer look at how each of the features works and to get a better understanding of the plugin’s workflow.
Cookie Consent Banner
Using the plugin you can easily display a cookie banner on your website. The banner can be customized to match your existing website’s style. If you need something different than a banner, you can go for either a popup or a widget. The plugin provides you with all three options.
The cookie banner settings are as shown below.
Here you can either add a message heading for your cookie banner or leave it empty. In the message box, you can add a custom message or go with the one provided by the plugin.
The message box is also where you put the button shortcodes for the display of buttons. Button customization is explained in the below section.
In terms of customization, you can choose its background color, text color, font, choose from banner/popup/widget, and also choose its position. Header or Footer can be chosen as position.
You can perform individual customization for Accept, Reject, Settings buttons and Read More link. It allows you to add a custom button text, choose the text color, and choose button size from the options given. There is also another option to display links instead of buttons.
Revisit Cookie Consent (Show again tab)
GDPR Cookie consent guidelines demand allowing your users with an option that will enable them to revoke their consent with the same ease as it was for them to give consent. With the plugin, you can display a widget on your website that will allow your users to easily revoke their consent.
You can give the widget a custom title, and give its exact position in pixel or percentage value from the left or right margin of your website. Whether it will appear on the website header or footer will be determined by where you choose to display the cookie bar.
Other than the widget, you can also manually insert a link to manage consent by adding the shortcode [wt_cli_manage_consent] to your website.
Automatic Cookie Scan
Automatic cookie scan is one of the very handy features of the plugin. With it, you can scan your website for cookies and list them to their respective categories. For scanning your website with the plugin you need to have a free account with the CookieYes GDPR Cookie Consent solution.
Following is a screenshot of a cookie scan result page of a website using the plugin.
It will contain data including,
- Time and date of scan
- Total URL’s scanned
- Total cookies detected by the scan
- Detected cookie names, duration, category, and description.
You can add or import these cookies to your website’s cookie list by clicking on the ‘Add to cookie list’ button.
Category Based Cookie Consent Popup
You can enable a cookie popup in addition to the cookie banner to allow your users the option to allow explicit cookie consent on a category basis. The plugin comes with default categories such as Analytics, Performance, Functional, Advertisement, Marketing, and Other.
You can either create new categories or edit existing categories and assign cookies to them. Cookies will be automatically categorized along with scanning. You can also assign cookies manually to each of the categories.
Following is a screenshot of the cookie consent popup that allows granular consent for users.
You can display the category to be in enabled or disabled mode by configuring so in the category settings. The Necessary category will always be enabled. Users will not be able to disable the category. You can add cookies essential for your site’s performance to this category.
The popup is triggered when a user clicks on the ‘Settings’ button or link on the cookie banner. Thus for enabling the granular consent option, you need to add the settings button to the cookie banner displayed on your website.
Display Cookie Audit Table
Automatic Script Blocker (Third-Party Cookies)
Third-party cookies are often a major deterrent to achieving GDPR compliance. The cookie consent plugin allows you to manage them with greater efficiency. The script blocker feature of the plugin automatically blocks cookies of some of the popular plugins until the user grants consent for them.
Currently, the plugin supports the following plugins for auto-script blocking.
- Official Facebook Pixel
- Smash Balloon Twitter feed
- Smash balloon Instagram feed
To disable scripts of third-party services and more plugins you will have to upgrade to the pro version of the CookieYes GDPR Cookie Consent and Compliance Notice plugin.
In addition to the GDPR, the plugin assists in CCPA compliance as well. You can configure the plugin to help with CCPA compliance.
On the general settings page of the plugin, you can find the three options that let you configure website settings for GDPR, CCPA, and both the laws as per your selection.
On choosing CCPA, two new options will be displayed where you can enable CCPA (California consumer privacy act) that gives consumers the right to direct a business not to sell their personal information to a third-party. As a result of enabling CCPA, all the scripts related to the categories which are configured to sell personal information will be blocked.
The ‘DO NOT SELL’ option can be enabled via the shortcode [wt_cli_ccp_optout].
With the feature, you can add custom content tailored to your requirements to the cookie notice or go with the content provided by the plugin. There is a live preview option as well to see how the changes would look on the front-end.
GDPR is a very huge regulation and cookies make it even more complex for laypersons to understand. The plugin makes cookie consent requirements far easier to meet, but seeking any legal consultation would help in closing any gaps in compliance.
Hence at first, it’s always best to first learn about your website, how it deals with personal information before moving on to choose the plugin and getting into the rest of the compliance processes.
Disclaimer: This blog post does not intend to be a substitute for legal advice. Therefore, for any legal assistance related to GDPR compliance, you should seek the services of an attorney.