To properly manage an online activity, it is essential that the website or app complies with current privacy policy and cookie regulations.
Iubenda is the ideal service to keep your website or app up-to-date with changes in regulations regarding user data management and the tools that make it possible.
Among these tools, cookies are the most familiar to the majority of users.
Cookies are small text files necessary for the server of the website that installed them to obtain information about the specific activity a user performs on the pages of that website. Each time the same device reconnects to the site, it sends back the cookie, allowing the server to recognize and track user activity over time.
Cookies are classified into two main categories: technical cookies and profiling cookies.
If a website uses cookies or other tracking tools, a cookie banner is a valid mechanism to obtain user consent.
The banner must include the following information:
-
A brief notice on the use of technical cookies and any profiling cookies or other tracking tools, including their purposes;
-
A link to the cookie policy;
-
A clear indication that by continuing to browse, the user gives consent to profiling;
-
A link to a dedicated area where the user can select which functionalities, third parties, and categories of cookies to enable;
-
A command to accept all cookies or other tracking tools;
-
A command to continue browsing without accepting cookies and to close the banner.
If a website installs only technical cookies, the banner is not required.
Iubenda allows automatic configuration through the Privacy Controls and Cookie Solution.
It is possible to use either the automatic configuration or manual configuration.
When using the automatic setup of Privacy Controls and Cookie Solution, scrolling and page interaction consent are disabled by default. If you prefer manual setup, simply deselect the option “Consent by continuing browsing” in the manual GDPR settings.
The standard validity for consent preferences in Iubenda’s Privacy Controls and Cookie Solution is 12 months, with the possibility to adjust this period, not less than 180 days.
Under current policy, a website owner must be able to demonstrate that valid GDPR-compliant consent has been obtained.
Unlike a technical cookie, the Cookie and Consent Preferences Registry allows storing and documenting proof of consent and linking it to a specific user for future audits.
The Cookie and Consent Preferences Registry is available in the dashboard (under Privacy Controls and Cookie Solution).
According to current regulations, cookies and other tracking tools cannot be installed without user consent. The only cookies that can be activated without user authorization are those that meet the “strictly necessary” exception, e.g., cookies used solely to enable communication or provide a service requested by the user.
If TCF (Transparency and Consent Framework) support is enabled, it is important to ensure that purposes rely solely on consent and not on legitimate interest. To do this, scroll to “Advanced Options” in the Privacy Controls and Cookie Solution configurator, then go to “IAB Transparency and Consent Framework.” Under “Limit Purposes,” select “Consent only” for the active purposes.
