Have your received the following Compliance test message for GDPR
Your website is: Not compliant
The following requirements in the General Data Protection Regulation (GDPR) and the ePrivacy Directive 2009/136/EC (ePR) have been tested:
Prior consent on other than strictly necessary cookies (ePR)
Prior consent on personal data (GDPR)
Personal data is transmitted to ‘adequate countries’ only (GDPR)
The requirements to make your website GDPR/ePR compliant
In addition to fulfilling the tested requirements, Cookiebot can also help you:
Inform your visitors in plain language about the purpose of your cookies and trackers before setting other than strictly necessary cookies (ePR)
- Inform your visitors in plain language about the purpose of your cookies and trackers before setting other than strictly necessary cookies (ePR)
- Provide options for the visitor to change or withdraw a consent (GDPR/ePR)
- Have a mechanism in place to log and prove consents (GDPR)
- Map and document data streams performed by third parties (GDPR)
- Configure your consent method to use explicit consent when processing sensitive personal data on your website (GDPR)
- Inform about the occurrence of automatic decisions, including profiling (GDPR)
- Provide the identity and contact details of the data controller in your company (GDPR)
- Disclose that the visitor is entitled to access, correct, delete and limit processing of personal data (GDPR)
- Disclose that the visitor is entitled to receive personal data so that they can be used by another processor (GDPR)
- Disclose that the visitor has the right to lodge a complaint with a supervisory authority (GDPR)
Please also check that log files in your web servers do not contain personal data such as the IP address.
Please consult the GDPR legal text or a trusted source e.g. the Data Protection Authority in your country for a full overview of additional GDPR requirements and to help ensure your website meets those requirements not covered by the Cookiebot solution.
South Africa’s Protection of Personal Information Act (POPIA) and Cookie Consent
On July 1, 2021, South Africa’s Protection of Personal Information Act, or POPIA, will become fully effective. The 12-month grace period is ending, so enforcement will begin immediately – that means it is essential for your organization to remain compliant!
This guide will review everything you need to know about POPIA, including how it relates to cookie consent management.