As an important part of being compliant under both the GDPR and the ePrivacy Directive, "prior consent" has to be implemented on your website. "Prior consent" is directly related to how cookies and online trackers are used on your website and whether your users' consent is respected or not.
If the compliance test result states that your website is not compliant on 'prior consent' then it is most likely because you have not implemented 'prior consent' at all, only implemented it partially or implemented it in the wrong way.
Note that if you have just recently signed up for Cookiebot, and have setup your account to use Automatic Cookie Blocking mode, then it may take up to 24 hours for your website to be scanned and for your cookies to automatically be blocked until consent is given.
Please see What does ‘prior consent’ mean and how do I implement it? for further information and for directions on how to implement it on your website.
If you see the following in your scan report email:
- domain.com (01/01/0001) - Prior consent fully enabled: No
Most common reasons for this are:
1. Other scripts that may be setting cookies are loaded before the Cookiebot script
Make sure that the Cookiebot script is the very first script to load on your website. This is essential for our script’s ability to hold back cookies until consent has been obtained.
2. Some scripts on your website may not be marked up properly
Check the attached report to find out which scripts are loaded before consent and see our guide on how to mark these up manually.
Consider switching to autoblocking mode, if you haven’t already done so, to let the Cookiebot script handle all the technical stuff automatically.
3. Some scripts may be loaded through Google Tag Manager before consent has been submitted
Make sure your GTM is set up to use Cookiebot consent values before loading tags that may set cookies. See our GTM installation guide here.
In your Cookie Report you may have cookies that are set by your webserver, also known as “server-side cookies”, these are marked like this:
These you will have to block through server-side code, holding back the cookies until consent has been given. You may have to contact your webhost or web solution vendor to find out more about these cookies. See the last part of our developer documentation for server-side usage of Cookiebot.
5. Unclassified cookies
Your report shows one or more unclassified cookies. You must log into your account and categorize these appropriately and add a description to ensure transparency to your website users. See more about unclassified cookies and how to work with them.
6. Still having problems with missing prior consent?
In cases where none of the points above apply, we would be very happy to take a closer look at the problem and have our technicians investigate the issue. Please contact Cookiebot Technical Support and tell us about the issue – just reply to this email and we will get back to you as soon as possible.