New cookie bar rules for 2024. You won't be left empty-handed with us

12 minutes

Article content

The legislation introduces changes to the use of cookies that will affect every website provider under the threat of sanctions. Two years ago, there was a switch from opt-out to opt-in data collection, and from 6 March 2024 the rules will be tightened and the cookie bar must comply with a clearly defined form. Again, the change entails a significant limitation on the amount of data collected about website visitors, but solidpixels users are left with the extended option of collecting anonymised data.

About cookies

If you're already familiar with the cookie bar and just want to know how ours works, scroll down a bit further. If you want to know the whole story from the beginning, let's get started:

Let's start by taking a closer look at cookies. They are small text files that are stored on a user's device when they load a web page and tell us about their behaviour on the website. Without them, it would be impossible to know, for example, that a returning user has visited the site before. This would lead to complications in certain situations, such as emptying the shopping cart that the user has already filled but then left the site for a while or closed the page by mistake.

We classify the above-mentioned cookies as so-called functional cookies. Cookies are also used for statistical and analytical purposes, for example, to measure traffic, to track movement on the site - clicking through individual pages, cursor movement, time spent on individual pages of the site, etc. An often unpopular use of cookies by users is for marketing purposes. This is because cookies can also be used to associate data about a user's purchase history and preferences. This data is then used in remarketing - allowing personalised advertisements to be targeted to a specific user for those products they are most likely to want to purchase.

What is changing

You're probably thinking to yourself that the cookie bar, where the user had to agree to the collection of cookies, existed before, so what exactly is changing? The first major change is in the default setting for the use of cookies when a user opens a website - there was a bar on the website where the user could opt-out of the collection of data, but before they did so, all data could still be collected. Some users mistakenly believed that if they ignored the cookie bar, they would not be affected by the collection and the operators could access the data without active consent. Indeed, the mere act of a user continuing to move around the site was considered consent. With the new regulation, the use of cookies will no longer be possible by default when a page is opened unless the user explicitly consents (so-called opt-in). The second change is the addition of the possibility to consent to the collection of only certain types of data. If a web provider fails to comply with the new rules, they face a fine under the GDPR of up to four percent of its annual turnover.

Exception

An exception to the need for user consent for the use of cookies is where the collection of data is necessary for the technical storage or provision of a service in which the user is interested. This exception cannot be applied to any secondary service that the user does not request based on their behaviour on the website, therefore analytical and marketing cookies are automatically excluded. The use of functional cookies is also limited by regulation to the provision of the service in question. When it is necessary to collect data for functional purposes and when it is no longer necessary will depend on the type of service provided.

What rules must your website comply with

According to the established GDPR requirements, the user should be sufficiently informed about what data the provider wants to collect and what it intends to use it for. A mere "I agree to the use of cookies" will now no longer be sufficient. What to look out for when editing the cookie bar?

  • Provide enough information. Write a document (cookie processing information) that specifies who you are, what types of cookies you intend to use and for what, which data collection tools you use, what the rights of users are and how to withdraw consent to data collection.

  • Do not condition access to your website on consent or non-consent to data collection. Users should be able to ignore the cookie bar as before, only you must not use non-functional cookies until they actively consent. Do not obscure the content of your site with the cookie bar or irritate users by repeatedly popping it up. You can close the cookie bar by granting or denying cookies.

  • Do not leave checkboxes pre-selected for the types of data collected. If you give a site visitor the option to select each type of data collected, it must not be pre-selected according to the rules. This does not apply to so-called functional cookies, which are immediately necessary to provide the basic functions of the website. Functional cookies enable, for example, the function of e-shop carts or the tracking of website traffic. Due to their nature and purpose, these types of cookies are permitted without further ado and the data subject's consent is not required here. Functional cookies are always used.

  • Make it easy to withdraw consent. It is true that giving consent to data collection should be as simple as withdrawing it. The ideal way to do this is, for example, by inserting a link to a cookie bar in the footer where the site visitor can easily find it, click on it, and reconfigure it according to their current preferences.

  • Ensure the same look and feel for consent and non-consent buttons. Unfortunately, it will not be possible to distinguish between consent and non-consent to data collection even graphically. The website visitor must be able to accept or reject cookies under exactly the same (and even visual) conditions.

Tip: Did you know that your website should comply with all GDPR rules? Find out what you should pay attention to if you want to get everything right in this article.

Google Consent mode 2.0

Here we go again. Starting in March 2024, the reigns are starting to tighten again on the giants that collect and concentrate the data of large numbers of internet users. And that's why there's Google Consent mode 2.0, which requires anyone using Google's analytics and advertising tools to give sufficient notice to their site visitors about what data they want to collect from them and what they intend to do with it. So saying "I agree to the use of cookies" will no longer be enough. If you do not implement Google Consent Mode 2.0 rules and your website visitors do not agree to them, Google will not link your datasets from 6 March 2024. Let's go through a checklist to help prevent this from happening.

Here's what the cookie bar should do after Google Consent Mode 2.0:

  • Unfortunately, the cookie bar needs to be the first thing that appears on the site. The very first layer.

  • It has to be functional.

  • It needs to explicitly state what data you collect (if it's contact data like email and phone number, even more so), how you collect it (here it's specifically Google's analytics tools), and what you use it for.

  • It will have separate checkboxes for each category of cookies collected (functional, analytical, marketing).

  • Analytical and marketing cookies will only be collected after consent has been given.

  • Consent will be retaken after 12 months.

  • The cookie bar has a refuse button which is in the same form as the accept button.

  • A button is left on the website to withdraw consent.

  • All cookies are listed (i.e. add them to your cookie table overview - ad_user_data, ad_personalization).

How our cookie bar works

On a site built on solidpixels, you can enable the cookie bar in the site settings. By default, both analytical and marketing cookies are offered for approval. The actual wording of its sections must be adapted to the needs of your site. The individual sections are optional and can be removed, while you have the option to decide whether the use of cookies is enabled or disabled by default via the "Automatically enable by default" setting. However, according to the new regulations, it is your responsibility not to have data collection enabled before giving the user's consent.

If you don't have the code for Google Analytics or Google Tag Manager filled out in your administration, no tracking script will load and run regardless of the cookie bar settings, so no data can be collected even if the user consents to its collection.

Tip: Not measuring yet? Then fix it fast, you're missing out on key data for your business. Just follow our guide to connect them.

We won't leave you empty handed

I'm sure you're thinking that the new rules could be a major complication to your business plans and the effectiveness of your marketing and remarketing campaigns will plummet. However, as a solidpixels user, you don't need to panic, because you certainly won't lose everything when visitors disagree with your data collection. We are preparing a solution for this situation in the form of enabling the collection of so-called anonymised data. You will be able to collect this data in case the visitor of your website refuses the data collection or ignores the cookie bar. This option will be enabled in the website settings, the condition will be the use of Universal Analytics measurement by Google.

Read the article about setting up a cookie bar on your site on solidpixels.

It should be borne in mind that the new rules contribute to greater transparency of data processes towards internet users and, consequently, consumers, who can decide more freely how their data will be handled. This may have an impact on online businesses in the short term, but if they invest energy in building a long-term relationship with the customer through service, good communication, loyalty programmes, benefits, etc., the change may not have any significant consequences. A relationship that the customer establishes with the retailer freely and under clearly defined conditions contributes to better mutual trust and the longevity of the relationship.

More inspiration for the best websites

Bank CREDITAS runs on solidpixels

Bank CREDITAS runs on solidpixels

Case studies

Safety, autonomy and design. Three keywords that capture the main themes we addressed when designing the CREDITAS website. It meets even the most specific requirements that a bank may have. Take a look behind the scenes of how such a website is made.

10 tips for faster work in solidpixels

10 tips for faster work in solidpixels

Inspiration

You know that feeling when you discover a great gadget that saves you a lot of work and that you can't imagine your life without a month later? Well, today we're going to show you exactly ten of them. What are you going to do with all that free time?

12 trending Google fonts combinations that will make your website stand out from the crowd

12 trending Google fonts combinations that will make your website stand out from the crowd

Inspiration

Creative play with typography is one of the most significant trends in the world of contemporary web design. Would you like to dive into this game and could you use some inspiration? Check out our selection of Google fonts combinations, which we've chosen based on their aesthetic qualities as well as their functionality, of course.