When GDPR stepped into force in May 2018, the Internet turned into a permanent display of cookie consent banners and pop-ups. While the primary goal of cookie alerts remains to get users’ consent for gathering their website behavior data, applications may vary.
In fact, there are still ‘implementations’ that don’t respect people’s decision to customize how and which cookies website owners can use, assuming that the consent is given anyway.
As Divi product developers, we always strive to find the best way to achieve an ideal and adjustable cookie consent experience. Getting users’ consent can be a challenge, but we aspire to analyze and improve every privacy and data security aspect to ensure that we have users’ trust.
With that in mind, in this article, we will explain what cookies do, how they can be used for your Divi website, and what are the best practices to achieve a better Divi cookie consent experience.
Disclaimer: The following advice comes strictly from our experience and educated work. From a legal perspective, to implement GDPR to a full extent, please consult with a legal solicitor first.
Table of Contents
- FAQs About Cookie Consent
- Understanding Cookies and Consent
- Allow Users to Adjust Cookie Settings
- Never Mislead the Users
- Cookie Consent Banner Examples
- Tips for Handling Cookie Consent on Divi Websites
- 1. Utilize Divi-Compatible Cookie Consent Plugins:
- 2. Customize the Banner to Match Your Divi Design:
- 3. Simplify Cookie Settings Management:
- 4. Responsive Design:
- 5. Educate Users About Cookie Usage:
- 6. Regularly Update Your Cookie Consent Notices:
- 7. Test for User Experience:
- 8. Integrate with Divi’s Popups and Overlays:
- 9. Regularly Review Third-Party Cookies:
- 10. Keep Documentation and Records:
- INTRODUCING: GDPR Cache Scripts & Styles
- Wrapping Up
FAQs About Cookie Consent
Why is cookie consent important?
Cookie consent is important for several reasons:
- Privacy Protection: It ensures that users have control over their personal data and how it is collected and used by websites.
- Legal Compliance: Many countries have data protection regulations that require websites to obtain user consent before using cookies, such as the EU’s General Data Protection Regulation (GDPR) and ePrivacy Directive.
- Transparency: Cookie consent promotes transparency by informing users about the types of cookies used, their purposes, and any third parties involved.
- User Trust: Respecting user privacy and providing transparent consent mechanisms can help build trust between websites and their users.
How can websites obtain cookie consent?
Websites can obtain cookie consent through various methods:
- Cookie Banners: Websites display a banner or pop-up message that informs users about cookie usage and provides options to accept or manage cookie preferences.
- Consent Checkboxes: Websites may include a checkbox that users must actively select to indicate their consent to the use of cookies.
- Consent Settings: Websites offer a dedicated page or section where users can customize their cookie preferences and grant or revoke consent.
- Implied Consent: In some cases, where cookies are strictly necessary for the functioning of the website, implied consent may be assumed. However, this approach is not suitable for all types of cookies and may not comply with certain data protection regulations.
What information should be included in cookie consent notices?
Cookie consent notices should include the following information:
- Clear and concise explanation of the types of cookies used and their purposes.
- Identification of any third parties that may have access to the cookies or collect user data through cookies.
- Information on how long the cookies will be stored on the user’s device.
- Explanation of the user’s rights regarding cookies, such as the right to withdraw consent and how to manage cookie preferences.
- Link to the website’s privacy policy, which provides more detailed information on data processing practices.
Are there any exceptions where cookie consent is not required?
Yes, there are exceptions where cookie consent may not be required, depending on the applicable data protection laws. For example:
- Strictly Necessary Cookies: Cookies that are essential for the proper functioning of a website, such as session cookies or those related to user authentication, may be exempt from requiring consent.
- Analytics Cookies: Some jurisdictions consider analytics cookies that do not track personally identifiable information (PII) as exempt. However, providing clear information about these cookies is still recommended.
- First-Party Cookies for Personalization: In certain cases, cookies used solely for personalizing user experiences may not require consent if they do not involve the processing of sensitive personal data.
How can websites ensure compliance with cookie consent requirements?
To ensure compliance with cookie consent requirements, websites should consider the following:
- Understand Applicable Regulations: Familiarize yourself with the specific data protection regulations and guidelines that apply to your jurisdiction, such as the GDPR in the European Union.
- Implement Consent Management Tools: Utilize cookie consent management tools or plugins that help obtain and manage user consent effectively.
- Provide Clear and Transparent Notices: Ensure that cookie consent notices are easily visible, understandable, and provide comprehensive information about the use of cookies.
- Offer Granular Consent Options: Provide users with granular options to customize their cookie preferences and choose which types of cookies they consent to.
- Regularly Review and Update Cookie Practices: Regularly assess and update your cookie usage and consent mechanisms to align with changes in regulations and best practices.
- Keep Records of Consent: Maintain records of user consent to demonstrate compliance if required.
- Monitor and Audit Third-Party Cookies: Ensure that any third-party cookies used on your website are compliant and align with your consent framework.
What are the potential consequences of non-compliance with cookie consent regulations?
Non-compliance with cookie consent regulations can lead to various consequences, including:
- Regulatory Penalties: Authorities may impose fines and penalties for violations, which can vary depending on the jurisdiction and severity of the infringement.
- Reputational Damage: Non-compliance can result in negative publicity, loss of trust from users, and damage to the reputation of the website or organization.
- Legal Actions: Non-compliant practices may lead to legal actions brought by individuals or consumer advocacy groups.
- Limitations on Data Processing: Authorities may restrict or prohibit the processing of personal data obtained without proper consent.
- Operational Disruptions: Failure to comply with regulations may require significant changes to cookie practices, leading to operational disruptions and additional costs.
Should websites update cookie consent periodically?
Yes, it is recommended to review and update cookie consent periodically to ensure continued compliance with changing regulations and best practices.
Regularly assess your website’s cookie usage, review consent mechanisms, and update notices and preferences management as necessary.
Stay informed about legal developments and any changes to applicable data protection laws to adapt your practices accordingly.
Understanding Cookies and Consent
The usage of cookies falls under the ePrivacy Directive, or the EU cookie law. However, GDPR’s emergence in 2018 was pivotal for the vast cookie consent banners implementation.
Article 4 of GDPR provides us with four critical conditions which make cookie consent banners valid:
- Freely given
- Specific
- Informed
- Unambiguous
When users allow you to store your website cookies into their browsers for data collecting purposes, the action itself is referred to as providing cookie consent. Only a legitimate cookie consent enables you to process personal data.
According to GDPR, you need to meet the following principles to achieve a valid cookie consent implementation:
- Personal data must be processed legally and transparently.
- You can only use personal data for specific and lawful purposes.
- Personal data must be collected only for specifically and publicly described purposes.
- The information you collect must be accurate.
- You must have timely measures to amend invalid data immediately.
- Users’ data should be stored for as long as necessary for specific purposes.
- Security measures must be implemented to prevent and resolve eventual data breaches.
Allow Users to Adjust Cookie Settings
As a website owner, you do not have to ask for consent from the users if you want to use the strictly necessary cookies by law. But still, it’s a common practice to inform people on why each cookie is used on your site.
In this day and age, users are pretty aware of sharing their data, so staying empathetic and allowing them to choose the cookie settings through an overview of various cookie groups on your Divi site could keep them browsing and feel safer.
There are strictly necessary cookies for your Divi website to perform its basic operations, such as signing in, adding items to the shopping cart and e-billing.
These are the essential first-session cookies that allow users to navigate your website without losing their session actions and history.
You can group the cookies notification according to advertising, analytics, or testing sections, allowing users to choose if they’re okay with personalized ads or do not want to see them.
It’s also recommended to explain which options won’t be available once users block a certain group of cookies, showing them the impact of cookies on the website overall.
Never Mislead the Users
According to a TechCrunch article, there are still websites that consistently try to disobey cookie consent regulations and that the consent’s implementation is barely minimal.
Furthermore, there are additional ways that a cookie wall can trick users to ‘agree.’ From confusing menus to pre-ticked boxes that don’t explain what someone is tracking in the first place. Recent studies have shown that only 11% of cookie consent processes meet the minimal EU requirements.
The cookie consent banner should not be a mirage to the users. Yes, a poorly designed consent notification could ask the users to ‘accept’ the cookie usage via a tick box or a button.
Suppose you’ve already set the strictly necessary cookies, and you know that you can’t delete them or allow users to refuse them. In that case, a notification to the users can be misleading, which could lead to regulatory action.
If all the button does is closing the notification, designate it accordingly. Keep in mind that users do care about cookies and the privacy of their data. But you shouldn’t assume that people will refuse cookies and fail to recognize them if they had the choice.
It all comes down to consent, and we have the plugin that can help!
Enter Divi Areas Pro, the ultimate Divi extension that enables you to create popups, fly-ins, hovers, mega menus, conditional inline content and much more, with a gorgeous and adaptable UI!
With the latest version of our Divi Areas Pro plugin, creating cookie notices is effortless! The latest update includes GDPR-compliant usage tracking for all Areas!
Try it now, and we guarantee that Areas Pro will bring your Divi experience to the next level!
Cookie Consent Banner Examples
Each cookie and its purpose, and the additional details such as expiry date and provider, must be explained in detail within the privacy policy. In addition, the consent banner must be noticeable and transparent for web visitors.
To help you get a better idea of how to display the cookie consent notification on your Divi website, let’s look at some of the best examples around the web of businesses that approach this the right way:
The Guardian offers a brief but detailed cookie consent notification in the website’s footer, informing users about their cookie policy. After reading the banner, users can either choose “Yes, I’m happy” or customize the cookie settings with the “Manage my cookies” option.
The Financial Times positions the cookie consent notification in the bottom-left corner of the website. Website visitors can either accept and continue navigating or manage the cookies that they’ll accept.
The retail giant H&M has a simple cookie consent corner banner that informs users what the cookies are used for, provides a link to the detailed cookie policy, and the option for custom cookie settings.
Tips for Handling Cookie Consent on Divi Websites
Implementing cookie consent on Divi websites can be a seamless process with the right approach. Here are some practical tips and best practices tailored to Divi website owners and developers to ensure an effective and user-friendly cookie consent experience:
1. Utilize Divi-Compatible Cookie Consent Plugins:
- Look for WordPress plugins that are compatible with the Divi theme. These plugins often provide Divi-specific customization options and pre-designed templates for cookie consent banners.
2. Customize the Banner to Match Your Divi Design:
- Ensure that your cookie consent banner aligns with your website’s overall design and branding. Divi’s customization options make it easy to match the banner’s style to your site.
3. Simplify Cookie Settings Management:
- Use Divi’s intuitive design capabilities to create a dedicated page or section where users can easily manage their cookie preferences. Provide clear options for opting in or out of specific cookie categories.
4. Responsive Design:
- Ensure that your cookie consent banner is responsive and looks good on all devices. Divi’s responsive design features can help with this.
5. Educate Users About Cookie Usage:
- Include a brief, user-friendly explanation of the types of cookies your website uses and their purposes. Divi’s visual builder can help you create informative content blocks.
6. Regularly Update Your Cookie Consent Notices:
- Stay informed about changes in data protection regulations and best practices. Use Divi’s quick editing capabilities to make necessary updates to your cookie consent notices promptly.
7. Test for User Experience:
- Use Divi’s built-in split testing and A/B testing features to experiment with different cookie consent banner designs and content to determine what works best for your audience.
8. Integrate with Divi’s Popups and Overlays:
- Divi’s Popups and Overlays functionality can be useful for creating cookie consent pop-ups that are both visually appealing and compliant with regulations.
9. Regularly Review Third-Party Cookies:
- If your Divi website utilizes third-party services or plugins, regularly review their cookie practices to ensure compliance with your consent framework.
10. Keep Documentation and Records:
- Use Divi’s built-in modules to create a dedicated page for your website’s privacy policy and terms of use. Keep detailed records of user consents for compliance purposes.
By following these tips and leveraging Divi’s user-friendly design features, you can create a cookie consent experience that not only complies with regulations but also enhances user trust and the overall user experience on your Divi website.
INTRODUCING: GDPR Cache Scripts & Styles
At Divimode, we are taking great pride in helping Divi website owners protecting their visitors’ privacy with our very own solution – GDPR Cache Scripts & Styles.
The plugin scans every URL that is enqueued via wp_enqueue_script() and wp_enqueue_style(), and when detecting an external URL, that file is saved to your uploads-folder and served from there.
It also scans the contents of CSS files for external dependencies and saves those files to your uploads-folder!
This plugin does not add any “output buffering”, but it scans the URLs which are enqueued via recommended WordPress functions.
As a result, GDPR Cache Scripts & Styles doesn’t impact your website’s response time and performance, no matter how massive your website is.
We’ve tested this plugin with the following themes and plugins:
- Block Editor (embedding Google Fonts via the Customizer’s “Additional CSS”)
- Divi (see “Configuration for Divi” in the plugin’s documentation)
- Elementor
- Jetpack (specially with Performance options like “site accelerator”)
- Fonts Plugin | Google Fonts Typography
Most other plugins and themes will work with this plugin as well.
You can download the plugin directly from the WordPress plugin directory. If you encounter any issues, please let us know, so we can improve our GDPR plugin!
BONUS: If you want to learn more about how we’ve created the plugin, read: Can I Create That Plugin in 24 Hours?
Wrapping Up
Presenting a cookie consent policy on your Divi website might seem straightforward on the outside. But, you need to be much more meticulous about it and give users the freedom of choice and transparency to how you use their data in the process. The most critical piece of the puzzle is to make sure that your website visitors know exactly what they agree to.
Do you have additional questions about Divi, GDPR, or WordPress? Drop us a comment! We’d love to respond and perhaps even write a new article about it!
Try Divi Areas Pro today
Sounds interesting? Learn more about Divi Areas Pro and download your copy now!
Many pre-designed layouts. Automated triggers. No coding.
Click here for more details