What are the latest cookie guidelines for Finnish companies?
The Finnish cookie saga finally has come to an end. Now you can find some precise guidelines provided by both The Ombudsman (Data Protection Authority) and The Finnish Transport and Communications agency Traficom on being cookie compliant. You can read about it here.
The Ombudsman and Traficom specified that.
Consent must be freely given, specific, informed, and unambiguous.
Rejecting cookies must be as easy for the user as it is to give consent.
Silence, scrolling, swiping, or continuous use of a website or app is not considered consent.
Pre-ticked boxes are not legal. Users must be able to opt-in to cookies, not out.
Referring to browser settings for rejecting cookies is not legal.
This specification means you need to
How do we become cookie compliant in Finland using Cookie Information to collect valid consent?
Before starting your compliance journey, you need an account in our platform and a user for that account. If you already have an account but do not have a user, please contact our support through the chat in the bottom right corner. If you do not have an account or a user, click here to start a free 30-day trial.
Offer an easy way for your users to decline cookies
When you are in the Cookie Information platform you should go to the consent solution which holds domains for the Finnish market. Then you follow this guide on how to change the template and be sure to pick either the Overlay v2 or Overlay v3 template (beware that this change will also affect all the other domains in that consent solution).
When informing the user, you have to consider two things; categorisation and explanation.
Cookie Information administers a database of the most common cookies in the world. Thereby all known cookies in the scan result have been categorised and given a purpose. The cookies we find but do not recognise in our database will be registered as unclassified cookies and need to be classified.
The main text of the pop-up needs to correctly explain what happens when the user clicks which button on the pop-up. The default text provided by Cookie Information accurately describes the functionality of the default templates and will therefore comply. Read more about the text and how to use it here.
Provide your users with a granulated option for consent
Your visitors should be allowed to make a granulated consent. The granulated consent means that just saying yes or no is not enough. Your user should also be able to consent to individual purposes of cookies. In Cookie Information, we have specified the four purposes for data collection and processing via cookies.
Our templates Overlay v2 and Overlay v3 have privacy controls that allow the user to opt-in to each category.
The privacy controls also exist as a separate widget, allowing you to implement it directly on a landing page which you can read about here.
Respect your users' privacy choices
You should not set any cookies (except for necessary. You can set those) before your visitor has given valid consent. Also, this means that you should respect the choices made by the visitor. E.g. if the visitor only consents to functional cookies, you are only allowed to set cookies classified as necessary and functional - statistical and marketing cookies should stay blocked.
In Cookie Information, this is resolved in different ways.
Our feature Auto blocking is on by default on all solutions created after May 6th, 2021. This feature automatically blocks all first-party cookies before consent. The feature also blocks the cookies based on the visitor's choices. The blocking of cookies based on choice depends on the categorisation of the cookies in the platform. The categorisation of cookies is located in Cookie Settings and under Compliance Dashboard.
Third-party cookies are blocked by implementing our cookie control SDK on each cookie setting.
Provide an easy way for your users to change or withdraw consent
Once a visitor has given consent, it should be easy to change it or withdraw it again afterwards. All Cookies Information templates have the re-open consent pop-up icon enabled.
Store documentation of consent for five years
On this last note, you don't have to worry. It is part of our service to you, and you have to ask our support team if you need access to a specific consent. You can read more about it here.
Implement the solution