When is cookie consent GDPR-compliant?
In order to be GDPR-compliant cookie consent has to follow the principles below:
- In Advance
First off, consent has to be given explicitly and freely. That means that assuming consent because a user continues surfing is not GDPR-compliant. Furthermore, the user must have the option to refuse data processing by clicking a “Reject” button and still be able to surf the site. Next, according to Art. 7 paragraph 1 GDPR all consents must be documented and data such as timestamp and URL calls logged and saved. This needs to be done so you can prove that no cookies were played out before consent was given because according to Article 83 Paragraph 5 GDPR cookie consent has to be given in advance.
So what should the user actually give consent to? It’s important that the consent is cookie specific. The user must be able to know on a granular level which data is recorded and make his or her decision to consent on an informed basis. That means that the user needs to be informed about:
- The type of data collected
- The purpose of collection
- The data recipient
- The legal basis for collection
- The duration of data storage
- The country of data collection
- Whether or not the data will be forwarded to third parties
Lastly, the consent must be easy-to-withdraw and the user must be able to easily find an option to withdraw their consent at a later time.
In sum: GDPR-compliant cookie consent can only be given via opt in.
Tips to improve cookie consent rates
The problem with new cookie consent guidelines for E-Commerce retailers, publishers or really any kind of company doing business online? If less users consent to cookies, less vital web tracking data is available for analytics. Therefore, one of the most important aspects of reviewing your cookie consent set-up is not only to make it GDPR-compliant, but also to to design it in a way that optimizes opt-in rates.
Tip 1: Split-Test
How your average website visitor or user reacts to your cookie consent banner depends – in part – on them. In order to figure out which design elements your target group reacts well to, use AB-Testing and analyze your results. Different wordings and statements lead to different consent rates. Additionally, a male target group aged 50+ will react differently then a female target group aged 18-25. Figure out which consent elements work for your website and your user base, implement, and continue testing.
Tip 2: Go into detail
When in doubt, add more information! It might sound practical to just ask for consent, get it over with and not scare away users by listing all the different ways in which the collected data will be used. However, opt-in rates actually increase once your consent requests become more granular. That’s because users expect the worst when being asked for consent: ad mail, spam, and the selling of information. However, if you show them what advantages they gain from giving consent, e.g. personalized offers and only information relevant to them, and they are given the option to choose, opt-in rates increase.
Tip 3: Individualize and increase engagement
If you are already split-testing and segmenting your users, building a consent journey is just one step away. A consent journey can be planned similarly to a customer journey and its implementation can increase loyalty and engagement. Segment users into 27 group by sorting by channel of contact (e.g. direct mail, contact form, telephone), message type (e.g. newsletters, promotions, catalog), and value (e.g. high, low, and medium order value, order frequency or order recency). Now tailor consent requests to each group.
How to win back opt-outs
If a user has opted-out, he’s not lost forever. You can definitely try to change his mind, though you should not do so not right away and make sure to stay GDPR compliant. Here are a few tips on how to get these visitors to consent to cookies if they have already opted-out.
Tip 1: Replay the cookie banner
The easiest option is to simply replay the cookie banner after a certain amount of time. This is especially useful during sales periods. At this time users are trying to use your page as fast as possible and will be more likely to simply give their consent in order to move along to your offers before they sell out.
Tip 2: Analyze page specific consent rates
Want to know where to repeat your plea for consent? Analyze your data and figure out on which pages cookie consent rates are exceptionally high. Then play out an additional cookie banner on these pages for those who have previously opted-out. While this method will most likely improve your opt-in rate, you might not reach all users that opted-out, as it is not guaranteed that they visit your best-converting pages.
Tip 3: Show the value of consent
Another option is to repeat the consent request form in places that add value for users. You can place banners on embedded content such as posts from social media or videos from youtube. While users must still be able to navigate your site without giving consent, the banners in these places can explain why providing consent will give value to the visitor and thereby increase consent rates.
Tip 4: Incentives
The last option might not be profitable for all businesses but worth it for some. E-Commerce websites can offer free shipping vouchers for this opting-in, Digital Service providers can provide free downloads. Whatever your business, you are sure to offer small tokens of appreciation that could convince users to give consent.
These tips are not GDPR-compliant
In addition to these tips, there are a number of tricks often used to get website visitors to opt-in, which are forbidden by law. These include:
- Implicit consent: If a user doesn’t give consent and instead ignores your cookie banner, this may not be interpreted as implicit consent and no data may be collected.
- No direct opt-out button: Some website owners may hide the opt-out button on a second level in the consent banner. This might force users to click through options before they can definitely opt-out. This method is not allowed.
- Hiding content behind cookie wall: Users must be able to navigate the website freely without giving consent. You may not hide any content behind a cookie wall.
- Nudging: Methods of nudging, e.g. coloring the “Accept” Button green and the “Opt-out” button red are not allowed.
- Pre-ticked Boxes: Some cookie banners will include boxes with which users can select how much consent they give. As vsitors have to give their consent freely, none of these boxes may be preselected.
Consistently work on the quality of your website and your consent strategy, and you will be able to see better opt-in rates and data soon! Need help analyzing it? Please don’t hesitate to contact us. Google products, business and marketing data and the ever-changing nature of digital marketing are at the core of our business and we always keep a close eye on any updates and how they impact our and our clients’ bottom lines.