My Data Protection Diary (6 TH !)
What a thrill to be here again for the sixth 'My Data Protection Diary', the last for this 2020... now there are very few days left until the end of this year and I am so grateful to have shared with you this series about my profession and my business sector!
In fact, I’m going to take this opportunity to express some of my thoughts on these blank pages, which I am ready to fill with new and interesting topics on data protection.
I selected one of the most engaging and insightful lessons with Kellie, ending the year with sparkling reflections and bombshell information! Clarifying a hot topic in our society: cookies (and I am not talking about biscuits ;))
‘Cookies are small files that are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website and are accessible from the web server or client computer. This allows the server to provide a page tailored to a particular user, or the page itself may contain a script that is aware of the data in the cookie and therefore is able to carry information from a visit to the website (or related site). to the next.’
Starting from this definition, the thought in my mind arose spontaneously. Cookies are excellent tools to understand customer needs as well as being ‘data containers’.
Here, exactly, from my reflection our lesson was born! Are you ready for a new dive into data protection?
G.P.: Cookies are containers of information that range in functionality, from security and performance of the website through to advertising. We can see the effect when we visit a website with adverts, often related to our browsing history. Sometimes the ‘cookie banner’ asking for our consent to place cookies is not on a website or the wording is wrong. Yet consent is the lawful basis for non-essential cookies (e.g. advertising) and companies should be transparent about their use, as outlined by the first principle of the General Data Protection Regulation. So, Kellie when is consent needed to install cookies on a user’s device and who defines the guidelines?
K.P.: I love this topic Giulia. Good question!
Consent for non-essential cookies must be informed and based on an explicit and positive action; non-compliant actions include continuing navigation, such as clicking a link or scrolling the page. There are cookie consent management tools which can help organisations provide choice and transparency to their web visitors.
For essential cookies, consent is not required, because they are active only for the period necessary for the transmission or provision of the requested service. Indeed, they are not used for purposes other than the request.
For non-essential cookies (such as Google Analytics, Facebook pixel, other marketing or targeting cookies etc.) consent is required, before the cookie is placed on the user’s device.
In your opinion, what are the key suggestions to make sure organisations are correct in their processing of personal data of their website visitors?
Choice is essential! People should be able to choose whether or not they accept the cookies you are using. Tell them what type of cookies they are and the purpose for which their data is collected by your software. Furthermore, the choice should include the possibility for those who do not accept cookies to have the same visibility of the website as those who give their consent. There are many websites that "force" you to accept cookies in order to read their content, not giving you the option not to accept them.
My first suggestion Giulia is to give all visitors the freedom to choose and respect their choices! If you do not want to accept our cookies, you can still use all the information contained on our website!
Also, as a second piece of advice, I recommend that all companies invest in consent, because you cannot rely on passive or implied consent. Be transparent in explaining your company's terms and conditions, provide a clear list of whether a customer wants to receive updates after purchasing a product and how they want to receive them (by email, text message... or I do not wish to receive information or your updates...). Consent and transparency in handling customer data are a fundamental ingredient for the reputation of any company. This includes cookies, and there are some excellent cookie consent tools that can help organisations with this issue.
You can find more details about the training via the following links and, if you’re curious, do not hesitate to talk to me about the ways these courses could impact on your profession.
Thank you so much for following my monthly diary entry and... I look forward to seeing you in January with a new blog page full of news ready for 2021!
See you in next year…