Make the EU Cookie Law and GDPR compliance easier!

dmsCookie helps you manage cookies correctly and track online consents.

try one month for free *

* Recording visitor consents not enabled for one month free version

 

GDPR

What does the GDPR govern?

Regulation (EU) 2016/679, the European Union's new General Data Protection Regulation ("GDPR"), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU. It doesn't apply to the processing of personal data of deceased persons or of legal entities. The rules don't apply to data processed by an individual for purely personal reasons or for activities carried out in one's home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected.

What are personal data?

It is any information that relates to an identified or identifiable living individual. For example: name, surname, home address, e-mail address, location data.

When the regulation applies

A company with an establishment in the EU provides travel services to customers based in the Baltic countries and in that context processes personal data of natural persons.

When the regulation doesn't apply

An individual uses their own private address book to invite friends via email to a party that they are organising (household exception).

What non-compliant organizations risk

Non-compliant organizations risk fines of up to €20 million, or 4% of the organization's global yearly turnover!

 

COOKIES

How the GDPR affects cookie policies

Cookies are mentioned only once in the GDPR, but the repercussions are significant for any organisation that uses them to track users' browsing activity.

Recital 30 of the GDPR states

Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

In short: when cookies can identify an individual via their device, it is considered personal data. This supports Recital 26, which states that any data that can be used to identify an individual either directly or indirectly is personal data.

What it means

Not all cookies are used in a way that could identify users, but the majority are subject to the GDPR. This includes cookies for analytics, advertising and functional services, such as survey and chat tools.

To become compliant, organisations need to either stop collecting the offending cookies or find a lawful ground to collect and process that data. Most organisations rely on consent (either implied or opt-out), but the GDPR's strengthened requirements mean it is much harder to obtain legal consent. The consequences are the following ones:

  • Implied consent is no longer sufficient. Consent must be given through a clear affirmative action, such as clicking an opt-in box or choosing settings or preferences on a settings menu. Simply visiting a site doesn't count as consent.
  • "By using this site, you accept cookies messages" are also not sufficient for the same reasons. If there is no genuine and free choice, then there is no valid consent. You must make it possible to both accept or reject cookies. This means: It must be as easy to withdraw consent as it is to give it. If organisations want to tell people to block cookies if they don't give their consent, they must make them accept cookies first.
  • Sites will need to provide an opt-out option. Even after getting valid consent, sites must give people the option to change their mind. If you ask for consent through opt-in boxes in a settings menu, users must always be able to return to that menu to adjust their preferences.
 

FEATURES

COMPLY WITH GDPR AND EU COOKIE LAW

dmsCookie helps to comply with EU e-Privacy Directive and GDPR.

ALLOW STRICTLY NECESSARY COOKIES

Choose what cookies are strictly necessary.

CONSENT WITHDRAWAL

Your visitors can withdraw their consent at any time.

WORKS ON ANY WEBSITE

Use this solution on any platform.

CUSTOMIZABLE

A list of options gives you flexibility never seen before.

CROSS BROWSER

Designed to work on all most popular browsers and mobile devices.

SHORTCODED

You only need to copy & paste code snippet on your website.

SECURE

dmsCookie allows you to block first-party and third-party cookies.

PREMIUM FEATURES

dmsCookie Premium allows you to collect and record visitor consents as required by GDPR. For each "I agree" click dmsCookie stores the following data:

  1. Unique key that is saved in visitor's cookies; this key can be used to check if user actually gave consent
  2. User action accept / reject.
  3. Masked IP address of a visitor last digits are set to X, so it is not considered as private data.
  4. Date and time when user clicked the button date and time currently is taken from user browser, so you have to adjust for possible timezone differences.
  5. Web page where consent was given.
  6. User browser agent

All the data mentioned abowe can be viewed online and downloaded in Excel or CSV format.

None of the data above can be considered private data, so you do not need any extra consent from user to use dmsCookie.

 

PRICING

Max domains
Max consent registrations (1 Year)
/Month
try one month for free *

* Recording visitor consents not enabled for one month free version

 

CONTACT US

If you have further questions, desire more information or want to speak with one of our advisors, fill out the form below. We will get back to you as soon as possible.