Why is cookiebot.com not GDPR compliant?



  • Hi gdpr,

    We do not set other than strictly necessary cookies before the user has consented. However, if the user continues to use the website without explicitly hitting the "OK"-button on the consent banner - for example by scrolling or navigating - an implied consent is submitted with the pre-defined setting in the banner, which per default is accept of preference and statistic cookies, but not marketing cookies. It is important to understand that preference and statistic cookies are not governed under the GDPR, as they do not process personal data, whereas the marketing category requieres explicit opt-in, as these types of cookies are governed under GDPR. When submitting an implied consent as described, the marketing category is not pre-ticked and therefor the user does not opt-in to marketing cookies when submitting implied consent. Preference and statistic cookies are governed under the ePrivacy Directive which allows implied consent as long as you inform the visitor that a continued use of the website constitutes consent.

    You can read more about how to configure Cookiebot for GDPR-compliance when using implied/active consent here: What type of cookie consent banner should I use (to be GDPR compliant)?


    Comment actions Permalink
  • Avatar

    Hi, we think Cookiebot doesn't comply with the GDPR:

    Unclassified cookies: during the process of updating cookies made by Cookiebot, the tool may not recognize the classification of certain cookies. These cookies are called "unclassified cookies" by Cookiebot. Once a month, the provider sends a report to our company with the detail of the update of the cookies of the month. It is at that time, once a month, when the corresponding department of our company can manually classify the unclassified cookies that have been detected.

    Non-compliance with the GDPR: As a priori, these cookies are not classified and the tool does not recognize them, it instalss them automatically in the devices of the users without their consent because it is not known if they may be necessary until manually classified by our company's department.

    Could anybody solve my questions?

    Thanks in advance!

    Comment actions Permalink

Please sign in to leave a comment.