What are the latest cookie guidelines?
In November 2019, the Norwegian Nasjonale Kommunikasjonsmyndighet (NKOM) explicitly stated the demand for explicit consent before setting cookies on websites. When the cookies handle personal data, it should be done by GDPRs definition of consent. This statement is aligned with the Norwegian Datatilsynet (Data Protection Authority), which confirms that the consent should follow GDPR. In other words, this means that the consent collected on a website that collects personal data must be:
These guidelines mean that you need to
How do we become cookie compliant in Norway using Cookie Information to collect valid consent?
Before starting your compliance journey, you need an account in our platform and a user for that account. If you already have an account but do not have a user, please contact our support through the chat in the bottom right corner. If you do not have an account or a user, click here to start a free 30-day trial.
Offer an easy way for your users to decline cookies.
When you are in the Cookie Information platform, you should either click the Consent Solution tab and go to the consent solution, which holds domains for the Swedish market or create a new consent solution. Then follow this guide on how to change the template and be sure to pick either the Overlay v2 or Overlay v3 template, which are the ones built for GDPR (beware that this change will also affect all the other domains in that Consent Solution).
When informing the user, you have to consider two things; categorisation and explanation.
Cookie Information administers a database of the most common cookies in the world. Thereby all known cookies in the scan result have been categorised and given a purpose. The cookies we find but do not recognise in our database will be registered as unclassified cookies and need to be classified.
The main text of the pop-up needs to correctly explain what happens when the user clicks which button on the pop-up. The default text provided by Cookie Information accurately describes the functionality of the default templates and will therefore comply. Read more about the text and how to use it here.
Provide your users with a granulated option for consent
Your visitors should be allowed to make a granulated consent. The granulated consent means that just saying yes or no is not enough. Your user should also be able to consent to individual purposes of cookies. In Cookie Information, we have specified the four purposes for data collection and processing via cookies.
Our templates Overlay v2 and Overlay v3 have Privacy Controls that allow the user to opt-in to each category.
The privacy controls also exist as a separate widget, allowing you to implement it directly on a landing page which you can read about here.
Respect your users' privacy choices
You should not set any cookies (except for necessary. You can set those) before your visitor has given valid consent. Also, this means that you should respect the choices made by the visitor. E.g. if the visitor only consents to functional cookies, you are only allowed to set cookies classified as necessary and functional - statistical and marketing cookies should stay blocked.
In Cookie Information, this is resolved in different ways.
Our feature cookie autoblocking is on by default on all solutions created after May 6th, 2021. This feature automatically blocks all first-party cookies before consent. The feature also blocks the cookies based on the visitor's choices. The blocking of cookies based on choice depends on the categorisation of the cookies in the platform. The categorisation of cookies is located in Cookie Settings and under Compliance Dashboard.
Third-party cookies are blocked by implementing our cookie control SDK on each cookie setting.
Provide an easy way for your users to change or withdraw consent
Once a visitor has given consent, it should be easy to change it or withdraw it again afterwards. All Cookie Information templates have the re-open consent pop-up icon enabled.
Store documentation of consent for five years
On this last note, you don't have to worry. It is part of our service to you, and you have to ask our support team if you need access to a specific consent. You can read more about it here.
Implement the solution