As we rapidly approach the May 25th deadline for enacting the EU’s GDPR law we wanted to provide some guidance and solutions to Affiliates regarding GDPR cookie consent compliance.
I’m sure that many of you have seen similar notices from other networks that you work with and are finding these communications to be complicated, confusing and sometimes contradictory. Our goal in this post is to keep it as simple as possible and to provide some solutions that we’ve tested ourselves.
In a nutshell, the GDPR is a regulation adopted by the EU regarding data protection and privacy of all individuals within the European Union. In this article we will just be focusing on the cookie consent component of the GDPR regulation.
The bottom line is that Affiliates need to comply with this new regulation and we have added verbiage to our network level Affiliate terms and conditions to reflect this. In order to do that, Affiliates will need to notify website visitors and get consent before setting cookies.
If you are not already using a cookie consent tool, here are a couple of third party tools that we’ve done some initial testing on and seem to be good solutions that offer both free and paid versions. If you need help setting up or configuring these tools, please reach out directly to the tool provider.
https://www.civicuk.com/cookie-control/index
https://onetrust.com/pricing/#cookie-compliance (scroll down to the Cookie Consent & Website Scanning section).
Regardless of the cookie consent tool you use, it needs to contain verbiage that notifies visitors that if they continue to navigate your website and click on any external links that they are giving consent for third party cookies to be set unless they change their browser settings to block cookies.
Please note that this blog post should not be taken as legal advice. The intent of this article is to raise awareness of the issue and provide some possible solutions to Affiliates in our network. Please seek the advice of your own legal council before making any final decisions on how to properly comply with the GDPR.