Cookie banners, cookie notices, GDPR notices or Privacy Notices… call them what you want. (We’ve even heard them called “that boring legal notice,” but more on that later.)
In fact, all the world’s largest and most serious companies have already added a cookie banner to their website, and this is for a good reason: GDPR, LGPD, CCPA and many others are live!
Completely inspired by the GDPR ,the LGPD in Brazil, as it’s commonly known, is a regulation that was created in 2018 specifically to address the way that personal data, such as a user’s name, e-mail, telephone number, address, etc., is collected and utilized by companies.
Why does the GDPR require cookie banners? Does every website now need a banner?
The LGPD, as said, was inspired by the European Union’s General Data Protection Regulation (GDPR), and similar laws are already being enacted all over the world. Even North Korea now has its own privacy regulation! That is to say, this is not a passing trend and must be taken seriously.
This shift does not necessarily mean more bureaucracy, but it does mean real empowerment. Thanks to these new privacy laws, ordinary citizens now have the right to authorize, deny, or even revoke companies’ ability to use their data!
Don’t worry, we can explain!
The answer is not that simple, as this law needs to function in parallel with innumerable others that also govern individual rights, including consumer, health, and internet law, among others. Keep going, it will be worth it! Soon you’ll be able to speak like an expert on this subject.
With the advancement of advertising technologies that are linked to digital marketing and the exponential growth of social media, everyone now has a machine that generates and stores valuable data in the palm of their hands: cellphones. Every time an individual accesses a website, e-commerce account, Instagram, Facebook, or any similar platform, the visit generates data that is collected and stored by cookies.
Cookies are simply text files that are capable of storing information generated by websites.
I'm sure you know when you enter a website through your browser and it recognizes that you’ve already accessed the page before, allowing you to re-enter the site without signing in again? This happens because your browser has already stored a cookie from that site which can authorize your access.
In the same way, cookies can also store data like which photos you’ve liked on Instagram or if you “forgot” a product in your shopping cart. All of this information is saved for later use.
Did you know that a person needs, on average, at least six interactions with a product or service before making the decision to purchase?
It’s no wonder that when you “forget something in your shopping cart,” the product seems to follow you all over the internet with ads. Only then do you end up making the purchase. Is this a coincidence, or magic? Neither, these are the processes and technologies that utilize cookies for advertising.
If you’ve been through this, welcome! You’re in good company.
Simply put, cookies are a piece of the wheel that moves the internet. It’s the use of data for advertising that allows us to consume the content that we love for free. After all, who do you think pays for that cool, free YouTube video? Advertisers! And now you know they use cookies to find you on your favorite channel.
The use of cookies is not necessarily positive or negative, but it reached a point where individuals like you or I were not fully in control of what the internet giants were doing with our data. This is why privacy laws like the GDPR, LGPD and CCPA were created: to rebalance the relationship between companies and people.
Ok, but weren’t you going to talk about data, privacy, and the rights I have?
Yes! When the LGPD was enacted by Brazil in August of 2020 it forced companies to examine the way that they handled the plethora of consumer data generated by their business, and to make changes to their processes and databases. One of these changes was the obligation to inform visitors of the reason for their data collection, as well as the legal basis for it.
Thus, in accordance with the LGPD, GDPR, CCPA and several others, every business must present a clear and objective communication that informs visitors of their purposes for collecting personal data. Whether on or offline, it is essential that every citizen is notified of the collection of their personal data as well as the many ways it might be used.
As for us data “subjects,” as some law refers to us, we are now able to make a “free, informed, and unequivocal declaration,” as to whether or not we permit its use. That is to say, if we consent to the terms outlined by the business, we authorize them to use our data. In Brazil, for example if businesses violate this flow by collecting data without consent, they could face serious consequences including being fined up to 2% of their annual revenue, with a ceiling of 50 million real. Has your business ever considered the threat of being fined simply for not having a cookie banner on its website?
Want to understand exactly how the GDPR, LGPD and CCPA impact your business? Here are some articles on the subject.
Who among us has actually read the privacy policy or terms of use of a website we use? Not many, but it’s precisely in these official documents that these answers are found.
According to the Privacy Laws, businesses must comply with certain official documentation requirements and legal basis to inform users of their entire data collection process and its purposes. Well-known by lawyers, the “Privacy document kit” fulfills the standard that every company must meet, including a privacy policy, terms of use, data mapping, and contact information of the DPO, among others.
These documents don’t need to be written in “legalese,” nor should they be, as LGPD, GDPR and CCPA requires that the information presented be “clear and accessible.” A user cannot consent to the collection of their data if they cannot understand the banner.
What’s the use of a company acting cool in its marketing and communications, or speaking beautifully in advertisements, if when addressing privacy and transparency it starts speaking in code? It doesn’t make sense, right?
Anyway, this article aims to inform you that, along with the laws like GDPR, LGPD and CCPA, we also have new rights and duties, both as citizens and, especially, as companies. In this matter, the cookie banners actually serve a noble purpose! Businesses that use these banners correctly are able to show customers that they care about their individual rights, freedom of choice, and privacy.
Inform users clearly and objectively of all of the ways in which the company collects consumer data. Point to official documents such as the privacy policy, terms of use, etc. (referring back to the Privacy document kit mentioned above).
List the options that you as the data owner have to fully or partially accept “the rules of the game” with that company, thus allowing you to receive their content or consume their products or services.
Make it clear where, upon accepting the cookies, you could access the data that the company will gather about you, and how to opt-out if you change your mind.
Allow users to consent to the data collection in a way that is free, informed, and unambiguous.
Last but not least:
When you see the banner: “If you continue browsing, we understand that you consent…” know that the law has determined this to be insufficient, and there are several arguments why. Mainly, this banner without further detail does not give the visitor enough information to give their consent in a manner that is “free, informed, and unambiguous.”
We hope this article helped you to understand the “why” of the now popular cookie banners, which will soon be installed on all company websites. With this new regulation, there is no going back.
Again, any and all companies that collect personal data, such as name, email, or telephone number on their site, and use third-party services like the Facebook pixel, Google Analytics, etc. MUST include this banner.
We at AdOpt are experts in cookie banners and can help them today! And even better, for many it’s free! Send this article to whoever you know that could use this content. They will thank you when they avoid an unpleasant fine!
What are the criteria for this choice, and what are the strengths and weaknesses of each option? Well, we're here to help you because this decision needs to be well thought out!
LGPD is in effect. Despite that, there are still many companies ignoring it, but is that possible? How long can we ignore LGPD?
Having a cookie banner on your brand's website has become indispensable for many. However, for e-commerce websites, it has practically become an obligation to have one. This is because this type of website has a technological composition in which cookies are a structural part. Login flow, items in the shopping cart, recommendation showcases, remarketing... Most of them rely on cookies.
Here is a step-by-step explanation of how consent registration works in AdOpt.
The WordPress platform powers nearly 450 million websites globally, and it's estimated that 50% of Brazilian websites are on this platform. We are ready to help you, WP lovers!
Using a CMP (Consent Management Platform) is a great way to make efforts to adapt to new privacy regulations like GDPR, LGPD, DPDPA, CCPA and more...
How does your website handle LGPD? What strategies does it use to comply with the General Data Protection Law? Have you thought about using a cookie notice but don't know if your site has cookies or if it's enough? If you can't answer these questions, be cautious! Your page may be exposed to fines and other sanctions.
Have you ever noticed that every time you sign up for a service to access information or register on a website for purchases, you need to give consent? If you're wondering why you have to give consent on every website you visit, you'll find the answer here.
Understanding the General Data Protection Regulation (GDPR) and its impact on cookies is essential. So, let's break it down, step by step.
At the beginning of everything are the legal bases of the LGPD, that is, the legal grounds (legitimate reasons) why companies not only can, but must access customer data in order to do their jobs well.
It's time to talk about one of the most impactful tasks, both for the company and for the visitors of your websites: tag categorization. But why is it so impactful? What is the relevance of this configuration and how can it affect us? It is precisely because of these common questions we receive from our clients that we have written this article on best practices in tag categorization.
Despite cookies being more well-known, what is the main difference between cookies and session storage and local storage? Why choose one over the other? This article will help you with these doubts!
A privacy policy is a document that outlines how an organization collects, uses, discloses, and manages a customer's data. It's essential for building trust with users and complying with legal requirements. However, if you're not familiar with it, don't worry as we're here to help you.
Terms of Use are quite literally the contract established between you and the company offering that product or service in a digital manner. Therefore, not only their development but also any eventual changes require careful consideration.
Brazilian LGPD - General Data Protection Law brought with it several acronyms and specific terms. Many of them are imported from other countries and regulations. One of them is ROPA (Record Of Processing Activities), adapted in Brazil to Registros das Atividades de Tratamento. An essential document for any DPO, Data Processor.
In this article, you will have a great introduction to the topic, as well as various other variations that revolve around the subject: Cookies and LGPD.
A CMP is a tool/platform used to manage the consent of up to millions of users so that a company can use the data of these users for its previously stated purposes.
Have you ever thought that your marketing agency could find a great business opportunity in LGPD? Well, unlike what many think, it brings changes that can accelerate the demand for the services of these companies.
Surely you've already seen the predictions of fines and sanctions, processes. But, what does it mean to your company?
Tired of the ads from that site you visited following you around? Is your computer running slow when accessing a particular website? Want to delete all cookies from a specific service or site?
In this article, we will answer all your questions regarding fines under the LGPD (Brazil's General Data Protection Law).
In the end, our goal has never been to predict doom for companies or to be part of the LGPD's Apocalypse Cavalry. But, since we've been in the market for some time, these kinds of issues always catch our attention when we start data mapping and having conversations with colleagues.
While both regulations share the goal of safeguarding individuals' rights regarding the processing of their personal data, there are some important differences between them. It is crucial to understand these distinctions and their implications, particularly in the context of internet cookies.
AdOpt
Resources
Legal Terms
© GO ADOPT, LLC since 2020 • Made by people who love
🍪