The Impact of Cookie Banners on Your E-commerce - LGPD

The Impact of Cookie Banners on Your E-commerce - LGPD

9 months ago
João Bruno Soares
7 minutes

Having a cookie banner on your brand's website has become essential for many. For e-commerce, it has practically become an obligation. This type of website has a technological composition in which cookies are a structural part. Login flow, items in the cart, recommendation showcase, remarketing... Most of them rely on cookies.

As a result, the use of cookies is essential for the survival of online commerce. Therefore, cookie banners are also necessary to avoid fines and other penalties that may be imposed after the enactment of the General Data Protection Law (LGPD).

However, beyond the simple legal obligation, cookie banners maintain a transparent and open relationship with the public.

Our experience allows us to anticipate some "consequences" of the cookie banner on your online store. It is important for you to understand each of them so that you are not caught off guard and can adjust to this new reality.

Cookie Banner: What Is It?

As the name suggests, a cookie banner is simply an alert about the use of this type of data by your website. Through it, visitors become aware that the page uses these files, which are essential for its operation and to enhance the user experience.

However, it's not just that. With the enactment of LGPD in 2020, data subjects gained the power to authorize or refuse the use of these tools during their browsing. In other words, they can accept or reject cookies at any time.

Therefore, the cookie banner informs visitors about their website's use of cookies and, at the same time, requests the user's authorization to use them. The user has the power to choose which types of cookies to allow.

Thus, all the management of these variables is contained in a platform called CMP - Consent Management Platform.

To learn more about what a CMP is, we've prepared this article for you.

## Some Tips for Configuring the Cookie Banner

According to the LGPD text, consent is defined as a free, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose. Here are some points to consider when setting up consent collection for your e-commerce:

  • FREE: Collecting consent in exchange for some benefit is prohibited. This can constitute what's called "consent bias." Visitors cannot be forced or coerced into accepting.

  • INFORMED: Citizens must be informed about the details of consent. Only with free access to this information can consent be "celebrated" between the parties.

  • UNEQUIVOCAL: Consent must be provided in writing or by another means that demonstrates the data subject's will, which can be evidenced by a record, date, and time.

  • SPECIFIC PURPOSE: Consent must be given for a specific and not a generic or general use.

Only with the four points listed above can various interpretations be drawn for the consent collection flow. In this article, we've provided a specific analysis of each of the flow, design, and legal arguments to help you choose your cookie banner.

The Most Overlooked and Feared Configuration in the Market

The most complex and overlooked configuration in the market is the blocking of third-party cookies, releasing them only after consent. In other words, tags like Google Analytics, Conversion Pixel, Remarketing, etc., can only be fired after visitor consent, with the exception of essential tags, of course.

This is one of the most important points that ensure the rights and privacy of data subjects, which many companies struggle to understand, adopt, and implement. After all, this would completely impact the site's performance, conversion KPIs, and numerous tracking metrics.

However, it's worth noting that this configuration is also one of the first things auditors and authorities look at when assessing whether a website is compliant or not. Firing cookies before consent leaves a poor impression and is certainly a red flag for audits and authorities.

Unfortunately, many SEO, performance, and analytics tools do not prioritize privacy. Google itself favors sites that use its services and share data with it. So, the entire market will have to adapt. An interesting alternative for those looking for privacy-respecting analytics services is Fathom.

How Does a Cookie Banner Impact Your E-commerce?

Delving a bit deeper into the direct and indirect impacts of the cookie banner on e-commerce, we've listed some of the main influences below.

1. Bounce Rate: Be Cautious About Size and Design Harmony Any popup, banner, or notice that appears on the screen tends to prompt an immediate reaction, often rejection (especially on mobile). To prevent this, it's important for the Cookie Banner to have a minimalist design that harmonizes with your site's style. Otherwise, the chances of rejection or a bounce increase significantly. Look for opportunities to customize colors, formats, fonts, text, and images to make the banner's communication as unobtrusive as possible.

2. Cookie Blocking and Metric Impact: Balloon Banners Are More Accepted Than Bottom Bars As explained in the previous item, once third-party cookie blocking is implemented, the metrics associated with this firing are directly impacted. From our experience, we've observed that about 25% of site visitors give consent. Sites that use balloon-style cookie banner have an 80% higher acceptance rate than the bottom bar format.

3. Data Subject Requests Create a New Workflow/Process in Your Company One of the obligations brought by privacy laws (LGPD, GDPR, CCPA, PIPEDA, etc.) is the free access of citizens to their data and direct queries to companies. In other words, a citizen can at any time inquire if your company holds any data related to them and request more information, portability, or even deletion of it.

That's why, at AdOpt, we place such importance on data subject request workflows. Each AdOpt banner also generates an Opt-out page where people can make their requests at any time. This generates an email sent to the Data Protection Officer (DPO) of the company, which, by law, must be responded to within 15 days.

So, your company needs a structured process to ensure that requests and their responses are fully met within the deadline. Someone must be trained and responsible for this workflow.

Would you like more tips on how to organize your operations to better handle these requests? I've selected two articles for you:

4. Tag Changes, Tool Testing Will Have a Larger Workflow Some companies tend to test many tools and technologies on their websites, which is not a problem in itself. However, since many of these tools fire cookies, it's essential that the entire communication flow, now established by LGPD, be reviewed and, if necessary, updated with the introduction of a new technology that fires cookies or collects data.

Especially if your official documents, such as the Privacy Policy and, possibly, the Terms of Use, have already listed the cookies you use, their purposes, deadlines, etc.

Therefore, if there is any change in the listing of official documents, it is important that communication is also completely revised and updated. It's worth noting that whenever a new privacy policy or cookie policy is updated, all consents collected up to that point should be updated/replaced. This is because consent is an agreement between the company and the citizen, the terms of which are precisely in the policy. Therefore, if the policy changes, the agreement of the parties must also be collected.

Is a Cookie Banner the Same as a CMP?

No, a CMP (Consent Management Platform) is a tool where a cookie notice or banner is just one integrated feature among many.

This differentiation is important because some people think that a cookie banner is just a pop-up with a button for the website. However, the technology involved goes far beyond that.

The banner can identify whether the visitor is accessing for the first time or not. By collecting the visitor's consent, it triggers this record to the database and to other tools that also await consent to react to access. All of this happens in milliseconds.

This is just one of several functionalities. Others include:

  • Blocking third-party cookies.

  • Hiding after acceptance.

  • Recognizing the browser's language so that the banner is translated into the visitor's preferred language.

  • Recognizing the visitor's IP country to ensure compliance with the visitor's country's legislation.

  • Redirecting to the Opt-out/rights of data subjects page.

  • Alerting the DPO when a request is made, consolidating visitor information.

  • Integration with systems via API, callbacks to feed other databases.

  • And more...

  • Want to know more about a CMP and how to choose one for your company? This link can help.

Why Have a Cookie Banner?

In summary, based on what we've seen so far, this is important for two main reasons. First, because LGPD requires it. According to the law, all use of data from data subjects must have their knowledge and consent. If you can manage this information offline or in some specific way, great! If you need to scale and automate workflows, the cookie banner (CMP) is essential for you.

But it's not just that. The cookie banner is also important to demonstrate to your audience how you care about both their experience on your site and the transparency in the relationship between the page and them.

Therefore, it improves the reliability of the relationship and shows the site's responsibility to its audience, as well as its pursuit of the best possible experience without compromising privacy.

So, it's extremely important to have a good cookie banner. It should be intuitive, grab the audience's attention, and integrate naturally with your website. Below, you can see how to get a good information banner and consent management.

How to Get a Good Cookie Banner that Helps with Data and Consent Management?

For this, you can rely on AdOpt! Our cookie platform not only includes the banner but also a management tool, i.e., a CMP.

The platform is adaptable to your website's design, seamlessly integrating with it. Thus, when the site opens, it's available and provides information about the cookies used, as well as offering personalized configuration options for which ones the data subject will authorize.

Similarly, AdOpt includes essential documents for LGPD compliance on the page: Terms of Use and Privacy Policy. Therefore, all this data is organized in one place.

To top it off, AdOpt combines all of this with a real-time update and tracking tool for all entries, exits, and changes in consent. By doing so, it ensures that data will only be used in accordance with the data subject's wishes.

So, don't hesitate to rely on AdOpt and check out our plans. You'll see how complying with LGPD is much easier and more beneficial than it seems!


Cookie Banner

Related posts

Adopt post

Why are cookie banners everywhere?

Want to understand why there are cookie banners on every website you visit today? This article is for you!

Adopt post

How to choose a Cookie Banner for your website

What are the criteria for this choice, and what are the strengths and weaknesses of each option? Well, we're here to help you because this decision needs to be well thought out!

Adopt post

How long can we ignore LGPD?

LGPD is in effect. Despite that, there are still many companies ignoring it, but is that possible? How long can we ignore LGPD?

Adopt post

How does a cookie banner operate?

Here is a step-by-step explanation of how consent registration works in AdOpt.

Adopt post

We've created a cookie banner plugin.

The WordPress platform powers nearly 450 million websites globally, and it's estimated that 50% of Brazilian websites are on this platform. We are ready to help you, WP lovers!

Adopt post

How to Choose a CMP (Consent Management Platform)?

Using a CMP (Consent Management Platform) is a great way to make efforts to adapt to new privacy regulations like GDPR, LGPD, DPDPA, CCPA and more...

Adopt post

5 Signs Your Website Needs an Cookie Consent Strategy

How does your website handle LGPD? What strategies does it use to comply with the General Data Protection Law? Have you thought about using a cookie notice but don't know if your site has cookies or if it's enough? If you can't answer these questions, be cautious! Your page may be exposed to fines and other sanctions.

Adopt post

Why Give Consent on Every Website I Visit?

Have you ever noticed that every time you sign up for a service to access information or register on a website for purchases, you need to give consent? If you're wondering why you have to give consent on every website you visit, you'll find the answer here.

Adopt post

GDPR and Cookies all you need to know

Understanding the General Data Protection Regulation (GDPR) and its impact on cookies is essential. So, let's break it down, step by step.

Adopt post

Best practices in tag categorization

It's time to talk about one of the most impactful tasks, both for the company and for the visitors of your websites: tag categorization. But why is it so impactful? What is the relevance of this configuration and how can it affect us? It is precisely because of these common questions we receive from our clients that we have written this article on best practices in tag categorization.

Adopt post

What is a CMP (Consent Management Platform)?

A CMP is a tool/platform used to manage the consent of up to millions of users so that a company can use the data of these users for its previously stated purposes.

Adopt post

Google Consent Mode: Beginner to Advanced Guide.

Google Consent Mode (GCM) is nothing more than a way for you to integrate the consent you collect from your visitors into Google technologies. In this way, upon receiving this consent information, collection can only occur with authorization, thus complying with the legislation and having direct evidence of compliance as defense for both you and Google.

Adopt post

Google Consent Mode: Guida per Principianti ed Esperti.

Con le leggi sulla privacy che fioriscono in tutto il mondo, Google (Alphabet) si è finalmente trovata obbligata ad adattare i suoi strumenti per essere conformi alle nuove normative come GDPR, LGPD, CCPA, PIPEDA, DPDPA, ecc.

Adopt post

Google Consent Mode: Guía de principiante a avanzado.

Con la proliferación de leyes de privacidad en todo el mundo, Google (Alphabet) finalmente se ha visto obligado a ajustar sus herramientas para cumplir con nuevas legislaciones como el GDPR, LGPD, CCPA, PIPEDA, DPDPA, entre otras.

Adopt post

LGPD and Cookies all do you need to know?

In this article, you will have a great introduction to the topic, as well as various other variations that revolve around the subject: Cookies and LGPD.

Adopt post

What is the difference between cookies, local storage, and session storage?

Despite cookies being more well-known, what is the main difference between cookies and session storage and local storage? Why choose one over the other? This article will help you with these doubts!

Adopt post

LGPD: An Opportunity for Digital Marketing Agencies!

Have you ever thought that your marketing agency could find a great business opportunity in LGPD? Well, unlike what many think, it brings changes that can accelerate the demand for the services of these companies.

Address: 7345 W Sand Lake Road, Ste 210 Office 5898 Orlando, FL 32819
EIN: 86-3965064
Phone: +1 (407) 768-3792



Legal Terms

© GO ADOPT, LLC since 2020 • Made by people who love