Cookies have not only been a big topic since the decision of the GDPR. Nevertheless, since the introduction of the General Data Protection Regulation in March 2018, operators of websites, blogs and online shops have to take a closer look to determine whether they are actually acting in compliance with the law. Note: This article is not a substitute for professional legal advice and I make no claim to completeness. Please check for your individual case whether further procedures are necessary to ensure that your site fully complies with the GDPR guidelines.
With your browser, you can easily check if and when a site or your site sets cookies and forwards your data to other services. Here, for example, via the Google Chrome browser.
If you have already visited the site, you can delete the data stored by this website under the menu item "Clear Storage". Then reload the page and look at the menu item "Cookies" to see which scripts are loaded. You will usually find "_ga", a cookie that is set for Google Analytics, or "_fbp", the so-called Facebook pixel. With the help of these cookies, the site operators receive more information about you. However, the automatic anonymisation of visitors' IP addresses is a legal prerequisite. This means that information such as age group or geographical origin cannot be traced.
In the best case, no entries appear in your cookie menu when you reload the page until you have clicked on "Accept cookies" in the cookie banner. Furthermore, you must have the option to accept "only necessary cookies". These are scripts that have to be loaded so that the page itself functions properly. In this case, the shopping basket of an online shop, for example, can be hidden behind this, which keeps the products you have selected for purchase in its memory for the duration of your session.
After registering with Cookiebot.com, you have the option of entering your domain in the settings menu. In the free version, as already described, it is only possible to enter a single domain for the cookie banner. The scan frequency is "monthly" by default. This means that Cookiebot scans your website monthly for new scripts and blocks them until the visitor has pressed the "Accept all" button in the cookie banner. In the "Dialogue box" tab, you have the option of specifying whether the banner is displayed at the top, bottom or as a pop-up. The cookies are categorised within the banner into "Preferences", "Marketing" and "Statistics". The user has the option to manually select which cookies should be loaded. It is absolutely necessary that none of the checkboxes are pre-selected. In the "Content" tab, you can adapt the texts of the banner as you wish. In the tab "Scripts" comes the interesting part, because then it is about the integration of the banner. First of all, the blocking of cookies should be set to "Automatic". In this way you ensure that all stored cookies are automatically retained until the cookies have been accepted.
You integrate the first of the two scripts in the HEAD tag of your website. It is important to note that this script is positioned before all other cookie scripts and is therefore loaded. Only then can the banner actually block them. The integration differs depending on which system your website or online shop is based on. In Wordpress, for example, you can integrate the script directly in the theme editor in header.php. If this is too complicated for you, use a plugin such as "Insert Headers and Footers".
In Webflow CMS, the script can be integrated in the "Project Settings" area under the "Custom Code" tab. Copy the source code into the "Head Code" field. Attention: If you have stored your Google Tracking and Facebook Pixel ID in the "Integrations" tab, these will be loaded before the cookie banner script and thus not blocked! Delete your IDs from the corresponding fields and add the integration scripts for Google and Facebook in the "Custom Code" tab under the cookie banner script.
Once you have integrated the scripts, you can reopen your page in the browser and check whether and when your cookies are loaded using the method explained above. If there are cookies that the automatic scan of Cookiebot has not detected, you can add them manually in your Cookiebot Dashboard.
Cookie banners that comply with the GDPR have never been more important and will continue to be so. Illegal cookie banners will sooner or later have consequences for the respective operators, so it is important to draw attention to this. The integration via third-party tools is kept simple and can be done relatively quickly. And as you can see in this example, there are also free ways and means.
If you are looking for a Google Analytics alternative that is fully compliant with the GDPR and can therefore be operated without cookie banners, we can recommend Fathom Analytics. The problem with cookie banners is that it is usually rejected by more than 50% of the visitors and the data is therefore not collected for your statistics. This is a huge problem for the validity of your data.
Fathom is in no way inferior to Google Analytics, additionally does not store any personal user data and runs for European customers on a pure EU infrastructure. Your data is not stored and processed outside the EU. The interface is designed to be simple and clear, without complex menus. So you have all important data directly at a glance. Click here to learn more about Fathom Analytics.