Home
How to choose a Cookie Banner for your website

How to choose a Cookie Banner for your website

9 months ago
João Bruno Soares
7 minutes

If you've reached this article, you're certainly searching and wondering: What is the best cookie banner for your website, and how do you choose among the many options on the market? What are the criteria for this choice, and what are the strengths and weaknesses of each option? Well, we're here to help you because this decision needs to be well thought out!

Therefore, below we have listed the answers into key points that should be carefully analyzed.

  1. Why do I need this banner, really?
  2. But cookies are anonymous, so why all this?
  3. Legislation and Language.
  4. LGPD and the cookie banner, technical aspects of the Law.
  5. Design.
  6. Truth.
  7. Detailed Purposes.
  8. Freedom of choice.
  9. Blocking third-party cookies.
  10. Price
  11. Integrations.

Why do I need this banner, really?

First of all, does your website REALLY need an LGPD Cookie banner?

What do you mean? I'm already in this article to choose a cookie software, and you still want to tell me who actually needs the LGPD Cookie banner?

Exactly! Because there are many people who come to us to install the cookie banner on a website that simply does not use cookies. Seriously! Sometimes it seems like our banner is synonymous with website quality (okay, I confess, I agree), but there are limits.

It's like buying sunscreen for a nighttime stroll or mosquito repellent for diving.

The key point is confusing for many!

  1. Just because many websites are using it doesn't mean you need to as well!
  2. Pay attention to other legal bases that can support your business, in addition to consent.
  3. The key question: If you don't use cookies on your website, why have a cookie banner? In times of such complex legislation, less is more!

Here, we have highlighted some points from the LGPD to support our reasoning:

Article 8 addresses how the controller should request the data subject's consent. The first and most important rule is that the consent clauses must be separate from others, allowing the data subject to have a clear understanding of what they are consenting to.

Article 8 - § 2: The burden of proving that consent has been obtained in accordance with this Law lies with the controller.

_What does this mean? _ As the controller (your website), you must keep a record of all consents obtained, and these must be stored and documented.

Because at any time, data subjects have the right to request such records and any data you may have about them.

Refer to Article 19:

Article 19: Confirmation of the existence of personal data or access to personal data shall be provided upon request by the data subject: _ I - in a simplified format, immediately;_ or

II - through a clear and complete statement indicating the origin of the data, the absence of a record, the criteria used, and the purpose of the processing, subject to trade and industrial secrets, provided within a period of up to 15 (fifteen) days from the date of the data subject's request.

  1. Personal data shall be stored in a format that facilitates the exercise of the right of access.

  2. Information and data may be provided, at the data subject's discretion. § 3. The processing of personal data based on defective consent is prohibited. § 4. Consent must relate to specific purposes, and generic authorizations for the processing of personal data shall be void. § 5. Consent may be revoked at any time by the data subject's express manifestation, by means of a free and facilitated procedure, without prejudice to the processing carried out under the previously given consent until the request for elimination, as provided for in item VI of the main section of Article 18 of this Law.

But, aren't Cookies anonymous? Why all this?

If you're not familiar with the digital world, let me explain to you with the most popular phrase from privacy policies ("Cookies are small pieces of text that are stored in your browser when you access a website on the internet.")

With this information from cookies, companies can do a lot, and I mean a lot! They can accurately profile your psychology and cross-reference this information with extremely personal data, known in the market as data enrichment or "data farming."

The logic is always very similar: Browser -> cookie -> personal data (email, phone) -> person/registration -> CPF (Brazilian individual taxpayer registry) -> income, IRPF (Brazilian income tax return), marital status

Several companies do this, and virtually all of those that have tags installed on their websites can somehow convert this information and target any individual specifically. Whether it's directly through their own database (Google), or by cross-referencing with third-party databases (such as Serasa).

In other words:

Cookies are not anonymous but rather anonymized.

Legislation and Language.

This is an excellent variable to consider when looking for a cookie banner! Questions like: Does it support multiple languages, can that be an advantage? But, before that, does it accept multiple legislations?

For example, if your website is Brazilian and someone accesses it from Italy, it wouldn't be enough for the banner to be in Italian. The visitor is actually under the jurisdiction of the GDPR, unless the LGPD has more "private" provisions in those specific areas (as required by the visitor's country's law).

In other words, just because your site has multiple languages and versions doesn't mean that all the legislations are correctly implemented and complied with regarding the cookie banner. Is it clearer now?

Pay attention to compliance with the applicable legislations, especially for your target audience! Language and accessibility are crucial, but not the only factors when it comes to foreign accesses.

LGPD and the Cookie Banner, Technical Aspects of the Law.

Now that we understand the context of the law, the complexities of cookies, and the parallel legislations that may influence the use of the Cookie Banner on your website, let's discuss some key points that will help you make this choice.

  1. Design Why design when we're talking about technical aspects? Precisely because of that, after all, what are the main metrics of a website, an e-commerce? How do you analyze the conversion from visitors to leads and then to sales? Is Bounce Rate a concern? What are the KPIs of your site? Does usability and visitor experience matter?

Yes, they matter A LOT!

Thus, look for a cookie banner with refined and responsive design that allows you to customize colors, logos, and placement on the site in a way that harmonizes with the overall structure of the site. Don't just throw a senseless banner in the middle of the visitor's screen; respect the attention the visitor is giving you!

Be cautious with designs that occupy the entire screen! We understand that the law requires clear and assertive communication, and many are overwhelmed by the uncertainties in the market. However, you shouldn't disturb the visitor or act impulsively because of that!

We know how every second counts in capturing visitors' attention, so make it count!

Do you really want to use a banner that steals attention instead of fulfilling a simple and even basic role required by the law?

aviso barcelona.png

This Barcelona F.C. banner is like having ten players blocking the goal...

  1. Transparency I may sound sensationalistic, but I dare say:

"Most of the cookie plugins and banners we see on the internet are just fake buttons. Yes, digital components that don't record or organize anything."

In addition to the "fakeness" of these mentioned points, always use assertive and direct language. Don't try to be "cool" or trendy. Of course, using too much legal jargon can push people away.

aviso seção verdade.png

Not to mention that if I have no way to refuse, how would it block then? So, in the end, it's the same thing, don't you agree?

Detailed Reasons.

This is one of the crucial points we consider in a good cookie banner. According to LGPD, consent must be given for specific purposes. Therefore, a simple "OK" or even "Accept" without the option to explore my choices and understand their purposes and legal bases can be somewhat coercive.

Consent is not a salvation or a general acceptance. It is the formalization of acceptance for that specific purpose presented.

aviso sem finalidade.png

Freedom of Choice.

The General Data Protection Law (LGPD) lists a series of legal bases through which companies can use data with ease. If you have chosen consent for your company, use it with respect and always value the privacy of your data subjects.

There is no better or stronger legal basis. Instead, choose the one that best fits your business model and market. Similarly, a cookie banner should understand the context in which consent will be communicated and collected, and should provide visitors with the freedom to choose fully, partially, or not at all.

Always look for cookie banners that break down the listing of tags and cookies into categories and subcategories. This is essential to demonstrate that a particular purpose is presented within category "X," and visitors can freely choose whether to accept it or not.

Blocking Third-Party Cookies.

The cookie banner is not just an interactive button; it must have authority over the behavior of other tags used on the website, authorizing or blocking their firing based on the consent collected during that visitor's session.

For example, the Google Analytics tag should only be fired when the visitor accepts the statistical category of tags. Before that, the notice informs and waits for visitor interaction.

For more information on how to configure the AdOpt Cookie Banner to enable automatic blocking of third-party tags, see our tutorial.

Price

The price of a cookie banner should be:

- Affordable: Low prices that do not eat into your marketing budget. If there is a free plan, even better! The cookie banner only solves a part of the law's compliance, and it's likely that you will need other services or consultations in the future. Therefore, don't spend too much of your budget on this product.

A cookie banner does not cover all the obligations regulations like the GDPR, CCPA, LGPD... for example.

If you have other internal processes that use personal data, you will need to use other controls and even systems for that management.

The cookie banner should take care of the "digital gates" and reinforce the legal basis of consent.

How?

By recognizing and categorizing all users with their choices of total opt-in, partial opt-in, or opt-out and sending these requests directly to the Data Protection Officer (DPO), or even systems like CRM, ERP...

- Scalable Look for cookie banners that offer billing with scalability parameters. In other words, they should have little to no impact initially, and as your website grows and your audience expands, you will pay for that processing power.

Additionally, the volume and value tiers should be broad enough to accommodate any seasonality, so you don't

Tags

Cookie Banner
CMP
Cookies
LGPD

Related posts

AdOpt post

Why are cookie banners everywhere?

Want to understand why there are cookie banners on every website you visit today? This article is for you!

AdOpt post

How long can we ignore LGPD?

LGPD is in effect. Despite that, there are still many companies ignoring it, but is that possible? How long can we ignore LGPD?

AdOpt post

The Impact of Cookie Banners on Your E-commerce - LGPD

Having a cookie banner on your brand's website has become indispensable for many. However, for e-commerce websites, it has practically become an obligation to have one. This is because this type of website has a technological composition in which cookies are a structural part. Login flow, items in the shopping cart, recommendation showcases, remarketing... Most of them rely on cookies.

AdOpt post

How does a cookie banner operate?

Here is a step-by-step explanation of how consent registration works in AdOpt.

AdOpt post

We've created a cookie banner plugin.

The WordPress platform powers nearly 450 million websites globally, and it's estimated that 50% of Brazilian websites are on this platform. We are ready to help you, WP lovers!

AdOpt post

How to Choose a CMP (Consent Management Platform)?

Using a CMP (Consent Management Platform) is a great way to make efforts to adapt to new privacy regulations like GDPR, LGPD, DPDPA, CCPA and more...

AdOpt post

5 Signs Your Website Needs an Cookie Consent Strategy

How does your website handle LGPD? What strategies does it use to comply with the General Data Protection Law? Have you thought about using a cookie notice but don't know if your site has cookies or if it's enough? If you can't answer these questions, be cautious! Your page may be exposed to fines and other sanctions.

AdOpt post

Why Give Consent on Every Website I Visit?

Have you ever noticed that every time you sign up for a service to access information or register on a website for purchases, you need to give consent? If you're wondering why you have to give consent on every website you visit, you'll find the answer here.

AdOpt post

GDPR and Cookies all you need to know

Understanding the General Data Protection Regulation (GDPR) and its impact on cookies is essential. So, let's break it down, step by step.

AdOpt post

Best practices in tag categorization

It's time to talk about one of the most impactful tasks, both for the company and for the visitors of your websites: tag categorization. But why is it so impactful? What is the relevance of this configuration and how can it affect us? It is precisely because of these common questions we receive from our clients that we have written this article on best practices in tag categorization.

AdOpt post

What is a CMP (Consent Management Platform)?

A CMP is a tool/platform used to manage the consent of up to millions of users so that a company can use the data of these users for its previously stated purposes.

AdOpt post

Google Consent Mode: Beginner to Advanced Guide.

Google Consent Mode (GCM) is nothing more than a way for you to integrate the consent you collect from your visitors into Google technologies. In this way, upon receiving this consent information, collection can only occur with authorization, thus complying with the legislation and having direct evidence of compliance as defense for both you and Google.

AdOpt post

Google Consent Mode: Guida per Principianti ed Esperti.

Con le leggi sulla privacy che fioriscono in tutto il mondo, Google (Alphabet) si è finalmente trovata obbligata ad adattare i suoi strumenti per essere conformi alle nuove normative come GDPR, LGPD, CCPA, PIPEDA, DPDPA, ecc.

AdOpt post

Google Consent Mode: Guía de principiante a avanzado.

Con la proliferación de leyes de privacidad en todo el mundo, Google (Alphabet) finalmente se ha visto obligado a ajustar sus herramientas para cumplir con nuevas legislaciones como el GDPR, LGPD, CCPA, PIPEDA, DPDPA, entre otras.

AdOpt post

LGPD and Cookies all do you need to know?

In this article, you will have a great introduction to the topic, as well as various other variations that revolve around the subject: Cookies and LGPD.

AdOpt post

What is the difference between cookies, local storage, and session storage?

Despite cookies being more well-known, what is the main difference between cookies and session storage and local storage? Why choose one over the other? This article will help you with these doubts!

AdOpt post

LGPD: An Opportunity for Digital Marketing Agencies!

Have you ever thought that your marketing agency could find a great business opportunity in LGPD? Well, unlike what many think, it brings changes that can accelerate the demand for the services of these companies.

AdOpt post

Understand the legal bases of the LGPD

At the beginning of everything are the legal bases of the LGPD, that is, the legal grounds (legitimate reasons) why companies not only can, but must access customer data in order to do their jobs well.

AdOpt post

Understand the meaning of the LGPD for your company

Surely you've already seen the predictions of fines and sanctions, processes. But, what does it mean to your company?

AdOpt post

How to delete cookies and cache in Chrome and other browsers?

Tired of the ads from that site you visited following you around? Is your computer running slow when accessing a particular website? Want to delete all cookies from a specific service or site?

AdOpt post

Fines in LGPD - What are they, amounts, and compliance deadlines

In this article, we will answer all your questions regarding fines under the LGPD (Brazil's General Data Protection Law).

AdOpt post

10 Marketing Processes You Should Rethink under the LGPD!

In the end, our goal has never been to predict doom for companies or to be part of the LGPD's Apocalypse Cavalry. But, since we've been in the market for some time, these kinds of issues always catch our attention when we start data mapping and having conversations with colleagues.

AdOpt post

Key Differences between LGPD and GDPR and the Impact on Internet Cookies

While both regulations share the goal of safeguarding individuals' rights regarding the processing of their personal data, there are some important differences between them. It is crucial to understand these distinctions and their implications, particularly in the context of internet cookies.

Logo
Address: 7345 W Sand Lake Road, Ste 210 Office 5898 Orlando, FL 32819
EIN: 86-3965064
Phone: +1 (407) 768-3792

AdOpt

Resources

Legal Terms

© GO ADOPT, LLC since 2020 • Made by people who love

🍪