Cookie Consent Code Issues

The tracking code is normally placed on every page in the <head> of every page you want tracked. The HTML would typically be placed on your privacy policy page.

Why not use your browser tools to examine exactly how these pages are working. If you use Chrome for example, you can inspect the Application tab and select Cookies t see what is being left on your machine.

1 Like

The situation is getting more confusing.

I used the code produced by: https://cookieconsent.insites.com/ as shown at the beginning of this chain.

After testing, if a browser has no tracking set the cookie notice doesn’t show, so what I thought was a simple solution for my limited knowledge proves not a fool-safe solution. There is just a small box with the text 'Tracking" crossed out.

Approaching this from a slightly different angle, it seems to me that your requirements are as follows:

  • When the user hits the site for the first time, show them a banner that says “We use cookies”. This banner should have three actions: More Info, Accept and Decline.
  • If the user hits More Info they are taken to a page which explains what your site uses cookies for. This could also contain information on how to deactivate cookies in your browser.
  • If the user hits Accept, then the banner disappears and the site uses cookies as it normally would.
  • If the user hits Decline, then the site doesn’t create any cookies for that user, ever. Of course, without the use of cookies, the site may not function correctly, but hey…

Did I get that right?

And, without a cookie you don’t know which users to never create a cookie for :upside_down:

Nah man, once users accept cookies, I would set a value in local storage (useful, as it doesn’t expire) stating the user accepts cookies, then any time I want to set a cookie, read that value and act accordingly.

1 Like

So my understanding of the new GDPR rules is that you cannot send personally identifiable data elsewhere without consent. I.e. Using google analytics with demographics and remarketing is not allowed without explicit concent as you are allowing google to track users with enough data to be able to identify them.

If you disable demographics/remarketing either at account level or in the code then you do not need to ask for consent. Combined with the ip anonymisation that GA provides no personally identifiable data is shared.

So what i would do is always have the basic tracking enabled and if the user clicks ok then enable the demographics part of the code.

check out this blog post https://brianclifton.com/blog/2018/04/16/google-analytics-gdpr-and-consent/ which says

Summary of Google’s Advice:
If you use these Advertising features in GA, you must request explicit consent. If you do not, then you don’t.

If you don’t want to know demographic data and just want to track normal user stats etc just turn off demographics and don’t worry about it.

hth

Thank you for your further insight Pullo. Yes, basically the requirement is for an Accept and Decline button and and Learn more link - the learn more directed to a cookie policy. I saw a lot of big company site also have a preferences link that subsequently shows a list of cookies that are split to functional, third party and marketing, with tick boxed or sliders to chose to accept yes or not (https://www.cookielaw.org/blog/2016/5/13/the-gdpr,-cookie-consent-and-customer-centric-privacy). This would cover any chance of hitting a non-compliance wall.

I put the basic cookie accept banner on the site as per the code as shown in my initial post, but found it doesn’t show up if tacking is turned off due a manual setting or a browser add-on.

While originally my site didn’t have any type of cookies, it now has them for the cookie notice, the e-mail form necessary for contact under the law and the reCAPTCHA module.

I couldn’t figure out the use of the decline code I posted initially above, where to place it and how to apply the "Disabling cookies should be done with the callback hook ", mainly due to a lack of step by step instructions and my lack of experience with code.

I did try some other free cookie notices that show they have a decline, one was (https://privacypolicies.com/cookie-consent) I put the code into the page as described but that didn’t work for some reason.

I have spent days searching for a suitable cookie consent dialogue box, the ones that seem to work are around $49 per site per year which is out of the question.

I am currently going round in circles.

I read somewhere the google fonts also picks up data on users if they visit a site uses a link to a font set.

I have also found that YouTube have a new embedding option "Enable Enhanced-Privacy Mode’ (situated at the bottom of the options list for an embedded video) I assume this option stops the cookie that sends user data to the Netherlands, the cookie states: Cookie purpose description: Registers a unique ID to keep statistics of what videos from YouTube the user has seen. Yikes!

The next thing to drop on our laps is the Article 13 that the European Parliament will vote on the Copyright Directive on June 20 and 21. Details at https://saveyourinternet.eu/ another bundle of fun titled by web-uses as “Don’t let the EU break out internet”. Once the new law is enacted I wouldn’t be able to make that quote legally.

All this and I still haven’t got a fully compliant cookie notice yet.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.