The General Data Protection Regulation (GDPR) entered force in the EU a few weeks ago. Because the regulation is broad, businesses will often find it difficult (particularly in the marketing industry) to figure out whether they need to adjust the way they store and use data. As a marketing technology provider, we see it as our job to support and advise you – not from a legal point of view, but from a technical one.

To start off, it’s important to realize two things when facing GDPR:

  • Not all marketing data you collect is personal data.
    This depends on the ease and sensitivity of identifying a person with such data.
  • Consent is not the only legal basis for storage and usage of personal data.
    Having a contract with the people involved can be a legal basis as well. For example, you cannot transfer people money without having their bank account details.

Getting explicit consent

If you do need explicit consent, you might be looking for technical solutions to do so. A common solution is a banner or a window via which you ask consumers whether they agree with storage with storage of personal data and cookies. There are some wonderful solutions in the market for ready-made consent banners.

For instance, one of the best ones we found is called Cookie Consent. It allows you to generate a JavaScript for the consent banner, directly on their website. You can adjust the layout and palette, as well as integrate a ‘learn more’ link to direct users to your privacy policy. You can also choose whether you want to inform customers about the fact that you use cookies, or also allow them to opt in or opt out.

Enabling tracking opt-out

For those businesses who collect and process data on the basis of consent, Ingenious Technologies offers you a handy cookie-based solution to honour your customers’ request to opt out of tracking. Whenever this opt-out cookie is installed on a device, no data from the user will be stored. The cookie is valid for one year, provided it remains on the device of the customer.

To enable it, you need to create a link containing a special path added to your first-party tracking domain. We also have a link which removes the opt-out cookie and allows customers to opt in for tracking again. To find out how to create these links, follow the instructions in our documentation in the link below.

After you have created the links, you can integrate them into your JavaScript and ensure that your consumer’s opt-out, or opt-in again, is honoured. Here is an example:

<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css" />
    <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js"></script>
    <script>
      window.addEventListener("load", function(){
        
        // optOut call
        // insert your opt-out url here
        var optOutUrl = "https://marketing.net.advertiser.com/ts/i1234567/tsv?settrackingoptout";

        function responseCallback(res) {
          console.log(JSON.stringify(res));
          return res;
        }

        function httpGetAsync(optOutUrl, callback) {
          var xmlHttp = new XMLHttpRequest();
          // use this to make use of response and/or extend with error handling
          // xmlHttp.onreadystatechange = function() { 
          //     if (xmlHttp.readyState == 4 && xmlHttp.status == 200)
          //         callback(xmlHttp.responseText);
          // }
          xmlHttp.open("GET", optOutUrl, true); // true for asynchronous 
          xmlHttp.send(null);
        }

        // cookie and disable cookie
        window.cookieconsent.initialise({
          "palette": {
            "popup": {
              "background": "#000"
            },
            "button": {
              "background": "#f1d600"
            }
          },
          "type": "opt-out",
          "content": {
            "dismiss": "Got it!",
            "deny": "Disable Cookies",
            "href": "https://www.ingenioustechnologies.com/"
          },

          onInitialise: function (status) {
            var type = this.options.type;
            var didConsent = this.hasConsented();
            if (type == 'opt-in' && didConsent) {
              // enable cookies
            }
            if (type == 'opt-out' && !didConsent) {
              // disable cookies
              httpGetAsync(optOutUrl, responseCallback);
            }
          },
        
          onStatusChange: function(status, chosenBefore) {
            var type = this.options.type;
            var didConsent = this.hasConsented();
            if (type == 'opt-in' && didConsent) {
              // enable cookies
            }
            if (type == 'opt-out' && !didConsent) {
              // disable cookies
              httpGetAsync(optOutUrl, responseCallback);
            }
          },
        
          onRevokeChoice: function() {
            var type = this.options.type;
            if (type == 'opt-in') {
              // enable cookies
            }
            if (type == 'opt-out') {
              // disable cookies
              httpGetAsync(optOutUrl, responseCallback);
            }
          }

        })
      });
    </script>

It’s important to keep in mind that with customers who do not consent to the tracking and thus have opted out, you may have a different picture of your marketing analysis since their data is not legally allowed and processed.

And there you have your ready to go consent banner. Let us know if you need any help!

 

Other related articles from our support documentation: