We contact you to inform you of the latest developments in relation to the management of “cookies” on the website to ensure compliance with data protection regulations, as well as the Law on Services of the Information Society and Electronic Commerce. Below, we summarize those most important aspects to consider along with the main novelties:
- For the installation of those “cookies” that are not necessary for the operation of the website, such as analytical and / or advertising cookies, it will be necessary to obtain the user’s consent in advance. Currently on your website, cookies are implanted simply by accessing the website.
- In the cookie alert message or banner, clear and precise information must be provided about the purposes of the cookies that are installed on the user’s device, not being valid messages or generic information.
- Obtaining consent must comply with the requirements established by the General Data Protection Regulation so that it can be considered valid. From PRODAT we recommend the incorporation of a mechanism that requires a clearly affirmative action by the user (for example, button “ACCEPT”).
However, obtaining consent using the “continue browsing” format is still considered valid by the Spanish Data Protection Agency (AEPD) with the observation of some requirements. Similarly, you should be aware that many European supervisory authorities have directly questioned or inadmissible this format. We do not recommend its adoption at all, if your website is directed directly and clearly also to other EU member states.
- Finally, it is very important to establish a configuration mechanism that must be accessible at all times and that allows the user to disable cookies for analytical and advertising purposes at all times. This requirement is based on the fact that the user must be able to revoke the consent as easily as giving it.
Here are some links where you can see examples of these mechanisms:
https://www.ikea.com/es/es/# (You can see the system that Ikea has adopted after being recently sanctioned by the AEPD for not having it)
In order to comply with the above requirements, we attach a document (“(2) Cookie Alert Template”) with the cookie message or banner template where two different options are included. OPTION 1 includes the “ACCEPT” button to obtain consent (otherwise, cookies cannot be installed), while OPTION 2 uses the “continue browsing” format. IMPORTANT! In case of opting for OPTION 2, the instructions included in the attached document must be followed and taken into account.