What is required?
According to GDPR Article 7.3 and Article 29 Data Protection Working Party (WP29)'s updated Guidelines on transparency under Regulation 2016/679 (wp260rev.01) it has to be as easy for the website user to withdraw a consent as it was to give it in the first place. It should be clear to the website user - at the time when the user is asked for consent regarding the use of his personal data - that the consent can be withdrawn at any time.
How can I implement it?
1. The Cookiebot CMP Privacy trigger
The Cookiebot CMP Privacy trigger functions as a shortcut to the users' consent state information on your website. Showing a mini version of the cookie banner, it enables users to easily check or update their consent. This is in line with demands for more transparency and providing users control of their own data, as is required by various privacy legislations such as GDPR.
Find out more about the Privacy trigger and how you can easily implement this function: The Cookiebot CMP Privacy trigger.
2. The Cookie Declaration
If you have correctly followed the last part of step 3 in our 3-step installation guide and implemented the Cookie Declaration, then the user will be able to see his current consent (what categories of cookies consent has been given for), change his consent or completely withdraw his consent.
An example of this from our own website is shown below:
3. Using the Cookiebot CMP SDK
If you do not wish to make use of the Cookie Declaration, then you must provide alternative ways for the user to easily – as easily as it was given – withdraw their consent.
If you are implementing a withdrawal option for CCPA/CPRA, it should specifically state the text “Do not share or sell my information":
<a onclick="window.Cookiebot.show()" href="#">Do not sell or share my personal information</a>
4. Deleting cookies from the browser
As an alternative, the user can always change or withdraw a cookie consent simply by deleting all cookies for your domain or by deleting the two specific cookies that remember the consent state: "CookieConsent" and "CookieConsentBulkSetting".
Read our blog post: Cookie consent | How do I comply with the GDPR?
Please sign in to leave a comment.