What exactly are cookies and how do they work on WordPress and how to integrate them in your site making it reliable to your visitors?
You’ve probably noticed that nearly every time you access a website, you are asked to accept the use of cookies. Such a condition was imposed by the European Union in 2015 and since then, legislation requires that those who visit a website receive a clear notice about the cookies in use and provide their consent for profiling.
Complying with the rules on the so-called cookie policy is essential to avoid running into large fines and avoid legal consequences. However, if you’re about to launch a digital business or you have not yet prepared the right documentation for a site that is already online, don’t panic! We are here to help.
Here’s everything you need to know to comply with the cookies regulation, plus three tools that we highly recommend to configure your cookie policy in a simple and safe way.
Let’s look at your website
Our free video audit will take a look at your website and the UX-design of your website. We will send you a short video with an analysis from one of our talented team-members.
Before we begin: what are cookies exactly?
Before we go into details of WordPress cookie configuration, let’s take a step back and try to understand what we’re talking about.
Cookies are simple text files that are saved on a visitor’s browser when they access a website. These files collect some information about the user that is later sent back to the site’s server during navigation and on subsequent visits.
The term “cookies” dates back to the early eighties and refers to the first forms of digital data exchange through servers. At the time, such files were referred to as “magic cookies,” but there is no official reason why these file packages have been named after a cookie. An IT mystery that remains unsolved, if you will.
What information does a cookie collect? All kinds. For example, it saves your language preferences when you visit web pages available in multiple languages, or the products left in your cart when you visit an e-commerce store without completing the purchase. Another typical case concerns the login credentials to enter a site – cookies save them so you don’t have to enter your username and password every time.
Let’s look at your website
Our free video audit will take a look at your website and the UX-design of your website. We will send you a short video with an analysis from one of our talented team-members.
The main categories of cookies
At a general level, we can divide cookies into three major categories:
- Technical cookies;
- Profiling or marketing cookies;
- Third-party cookies.
Technical cookies concern the user’s navigation settings and can be divided in these sub-categories:
- Analytics cookies, which contain statistical information about the browsing session;
- Functional cookies, which store user preferences to facilitate subsequent visits, such as the language settings we mentioned earlier;
- Social network cookies, which authorize sharing and interaction through social networks.
A profiling cookie collects and provides data for advertisements and formulates a hypothetical user profile to configure personalized advertising messages. Marketing cookies are undoubtedly the ones you’ll have to manage with the most care.
Technical and profiling cookies are generated directly by the site on which you are browsing, and are also called first-party cookies. Third-party cookies, on the other hand, collect navigation information on behalf of a different site or domain than the one you are visiting. This is the classic case of tracking pixels, such as those from Facebook or Google Analytics.
We should also distinguish between session cookies and persistent cookies – in other words, those that are deleted after closing the browser and those that are stored for subsequent visits.
As you can see, the cookie landscape is wide and varied and it’s easy to get confused. You should also know that the same cookie can belong to several different categories at the same time, depending on the information it catalogs.
Let’s stick to Google Analytics cookies as an example. They are both third-party and technical cookies because they transcribe some statistics about the visit. If they save the user’s IP address, then, they should also be considered as marketing tools.
How the cookie-related information should appear to visitors
Now that we know more about cookies, let’s understand how we have to warn our visitors about their use.
European law requires the user to see the profiling notice – in a banner, a pop-up or a notification bar – as soon as they connect to the site. The notice must contain the most relevant information about cookies and how they will be used.
The message that appears to the user after they connect to the site is known as “short information notice,” and should be a concise form through which visitors can give their consent by clicking on a button that usually says “I agree.”
This message must, by law, contain a link to a page with all the details on the use of cookies. This is the extended information, a document that the visitor can consult at any time during navigation. Usually, it is good practice to insert the link also in one of the fixed elements of the pages, such as the footer or the sidebar.
The extended information should include everything the user needs to know about the use of their personal data and its collection. You must also provide explanations on what cookies and on how they store statistics. The visitor, through the extended information page, must also be able to revoke their consent at any time, even if they have already provided it in the short information notice.
How to integrate the cookie policy into your site
We’ve done a quick overview of the legal requirements and the most popular types of cookies on the web. Now let’s get down to business and talk about what you can do to integrate a cookie policy in your WordPress site correctly.
Untangling rules and quibbles is not easy for those without a legal background. As of 2018, website owners have to worry not only about cookie legislation but also about the dreaded GDPR, the European Union’s General Data Protection Regulation – a directive that includes even higher penalties for those who fail to comply and has led to increasingly strict controls.
If you feel up to it, you can try to write the information on your own, perhaps with the help of the guidelines made available by the European Commission. With a little patience and preparation you can write the documentation independently, but be careful: every little mistake could cost you a fine of thousands of euros!
Our advice, in order to operate with peace of mind, is to get help from a law firm experienced in IT law. With the help of a professional, you will have a text that is tailor-made for your WordPress site. We understand, however, that such a consultation involves high costs and long production times, and is therefore not always the best solution.
Luckily there is another option. Cookies on WordPress can be managed through three plugins that help thousands of online businesses every day, and that don’t require legal preparation or financial resources for legal advice. The plugins we are talking about are:
- Iubenda;
- Cookie Notice;
- GDPR Cookie Consent.
These three tools are also available in a free version that provides policy templates suitable for any type of business. Let’s take a look at their main features.
Iubenda
Iubenda is one of the best-known and most popular tools for managing cookies, privacy policies and GDPR. It operates in more than seventy countries and its range of services is constantly expanding.
Iubenda has a legal department that draws up the legal documents to comply with the cookie policy and GDPR requirements. It also has the considerable advantage of being available in many different languages and provides you with the advice of a team of lawyers specialized in the legislation of the sector you are involved in.
Once your documentation is ready, you just need to install the appropriate WordPress plugin, and cookies will no longer be a problem for your digital enterprise.
Here are the most important advantages:
- Advice from an international group of lawyers;
- Eight different languages available;
- Regulatory focus for apps;
- Automatic adaptation to regulatory changes;
- 1,500 different clauses to choose from to customize your documents;
- A single dashboard for all your projects, which is very useful if you manage multiple WordPress sites.
Iubenda’s services start with a basic free template for privacy policy only. They then offer several subscription plans – starting at €27 annually – covering both cookies policies and GDPR.
Cookie Notice
Cookie Notice helps you configure the documentation on web pages with different options for customization. Among other things, it allows you to choose where to place the banner, edit the message and configure different options for accepting the policy, ranging from the classic “I agree” button to the “Accept by scrolling” option.
Here are some of its most interesting features:
- Several options to choose from for cookies expiration;
- Manual blocking of loading page scripts;
- Reloads the page after the user clicks “I agree”;
- Compatible with plugins for multilingual WordPress sites;
Compared to Iubenda, it is not a real legal aid tool, so it only provides standard disclosure templates; but it remains undoubtedly a valid plugin for small and medium-sized businesses. Plus, it is completely free.
GDPR Cookie Consent
With over a million active installations on WordPress, GDPR Cookie Consent is one of the most widely used plugins in the world.
Among its outstanding features are automatic scanning, classification of cookies on the site, and quick integration with the main monitoring pixels. The short information banner is 100% customizable in style, colors, fonts and size, and it can be easily integrated with your site’s graphics.
Among other things, GDPR Cookie Consent allows you to:
- Manage the configuration and description of cookies from the WordPress backend;
- Insert the complete list of cookies used in the extended information page with a simple shortcode;
- Show the cookies used in a convenient table thanks to the Cookie Audit module.
All for free.
Make your site safe and reliable for visitors
The three plugins we’ve talked about will help you set up a cookie policy on WordPress in just a few steps. As we’ve seen, the topic of cookies and visitor data protection requires a lot of attention and should never be underestimated. If you need help with setting up your privacy policy, cookies, or GDPR, get in touch today, we are here to help!