Autor
Valerie Aumage

Valérie Aumage

Partner

Read More
Autor
Valerie Aumage

Valérie Aumage

Partner

Read More

19. November 2020

Cookies and trackers: it is not too late to comply

  • Quick read

From 31 March 2020, companies using cookies and other trackers must ensure that they comply with the CNIL new guidance on cookies published in September 2020 and completed by practical recommendations on how to obtain user consent.

The CNIL notably specifies that mere continuation of navigation on a website can no longer be regarded as a valid expression of consent. Users must be able to accept or refuse trackers purpose by purpose and must be provided with a list of all operators using the trackers deposited on their device. It must as easy to refuse trackers or to accept them.

Companies using trackers must update their information notices and review their processes for obtaining user consent, or demonstrate that the tracker is one for which the limited consent exemption exception applies.

Failing this, companies face sanctions provided by the GDPR, both for the use of cookies and trackers and their related processing activities.


The reality check

  • Has an exhaustive mapping of all cookies and trackers (first party and third party) been carried out?
  • Is the information provided to users complete?
  • Are cookies and trackers only deposited when the user has expressly consented (silence means refusal)?
  • Are users able to refuse cookies and trackers as easily as accept them?
  • Is there a system in place for retaining proof of consent (or refusal)?
  • Are the roles and responsibilities between the various operators using the trackers clearly assigned?
  • Can some trackers be exempt from consent?

Taylor Wessing can provide support

  • Audit your specific situation and implement a pragmatic action plan;
  • Draft and update user information notices and consent wordings (cookie banner and policy, privacy policy…);
  • Suggest practical solutions for obtaining consent;
  • Conduct risk assessments (cookie walls, consent exemptions, joint liability of the different operators…);
  • Ensure compliance of the processing activities resulting from the use of cookies and trackers;
  • And so much more…

 

Call To Action Arrow Image

Newsletter-Anmeldung

Wählen Sie aus unserem Angebot Ihre Interessen aus!

Jetzt abonnieren
Jetzt abonnieren

Related Insights

Informationstechnologie

Remote work: how to comply from a data privacy standpoint?

7. Dezember 2020
Quick read

von Valérie Aumage

Klicken Sie hier für Details
Informationstechnologie

Newsletter IT - Data Privacy n° 2

23. November 2020
In-depth analysis

von Valérie Aumage

Klicken Sie hier für Details
Datenschutz & Cyber-Sicherheit

Data transfers: new tools and new requirements

19. November 2020
Quick read

von Valérie Aumage

Klicken Sie hier für Details