Your full-service-agency operating from Berlin, Hamburg and Madrid

New data protection laws

Important changes to the cookie banner

The “reject” button must be visible

It has been known for some time that the “reject” button on a cookie banner can neither be omitted nor hidden. At least since the introduction and enforcement of the General Data Protection Regulation (GDPR) in May 2018, it has been clear that website visitors must be able to access a cookie banner, which automatically appears when they view a page, in order to either consent to or reject the use of cookies.

Not all companies have put this into practice. As a result, more and more warnings and fines have been announced and imposed. Recently, the French data protection authority, CNIL, fined Google, or rather: google.fr, 150 million euros, while also imposing a fine of 60 million euros on Facebook because the website users in these cases needed several clicks before they could reject the cookies.

The German Data Protection Conference DSK (an association of German data protection authorities) shares this view. In December 2021, in its “Orientation Guide for Providers of Telemedia”, the group criticized the fact that the banners, through which a cookie consent must be obtained, are often lacking in transparency. The guide recommends that websites must “at least allow users to reject cookies without a series of additional clicks”.

This means that: If you want to avoid warnings, fines or a dispute with the supervisory authorities, then you should immediately double-check your own cookie banner and adapt it to these specifications.

Is your website in compliance with the GDPR policies?

Let us take a look and give you recommendations!

Get in touch

Is your website in compliance with the GDPR policies?

Let us take a look and give you recommendations!

Get in touch

Is your website in compliance with the GDPR policies?

Let us take a look and give you recommendations!

Get in touch

Some cookie consent tools are not GDPR-compliant

Those who use a cookie banner on their website often use so-called cookie consent tools. They ensure that a banner with the cookie notice is placed over the page when you visit a website.
But beware: These tools also move data – and sometimes they use servers that are not located in Europe or that belong to companies that are based outside of the EU. For this reason, the Administrative Court of Wiesbaden prohibited RheinMain University of Applied Sciences from using the cookie consent tool, “Cookiebot”, in December 2021. The servers of Cookiebot are located in Europe, but belong to a US provider. This means that the data is not stored in compliance with GDPR. Other cookie banner providers also work together with US services, which is not always apparent at first glance.

Conclusion: When choosing a cookie consent tool, be sure to pay attention to information such as “GDPR compliant”. We recommend the provider, cookiefirst.com, to our customers who are based in the Netherlands.

Frequently asked questions about cookies

What are cookies, exactly?

Cookies are small files that websites store in their browsers. There are cookies that are necessary technically – without them you cannot use certain functions of a website (such as storing login data or using a shopping cart). However, cookies are often also used to collect information about website visitors that is forwarded to other companies (including the Facebook Pixel). According to the GDPR, website users must have the option to actively consent to or reject the use of cookies when visiting a website.

The technically-necessary cookies are not affected. American Programmer, Lou Montulli, invented cookie technology back in 1994. Back then, the Internet had no memory. So, no connections between a user’s activities on a website could be made – you couldn’t fill a shopping cart. He called the small text files that overcame this problem “magic cookies”.

And what are cookie consent tools?

In the past, cookies were simply set without the user being notified. Now you have to give your consent on every website. And that’s how the term, “cookie consent tool (or consent management tool)” came to be – “consent” is the English word for the idea of voicing agreement with another’s actions. A cookie consent tool, therefore, helps with the technical implementation of a banner that places itself on a website, like a mask, and gives the user the opportunity to either agree to the use of cookies or to reject them. Often, there is also a third option in these tools: select certain cookies. In addition, cookie consent banners must contain a link to the privacy policy if the banner covers it on the website.​

Important changes to Google Analytics

It’s best to stop using Google Analytics

If you use Google Analytics, you should look for an alternative now! According to a recent assessment by the Austrian Data Protection Authority, DPO, a website operator is in violation of the GDPR if they use Google Analytics on their website.

The reason is similar to the judgment on the cookie consent banner. The use of Google Analytics carries with it an illegal transfer of data to Google LLC in the USA.

More concretely – this decision was about an Austrian company that was taken over by a German company. The case is, therefore, now also being examined by a German data protection authority. And the attitude of the German Data Protection Conference (DSK) towards Google Analytics and data transfers to the USA is well known.

Experts, therefore, expect that the Austrian decision will be upheld by the German authorities. Conclusion: This decision significantly increases the risk that website operators who use Google services will experience regulatory proceedings or warnings. We recommend that all website operators look for privacy-compliant alternatives from Europe this year to replace Google Analytics (and other Google services), or to prepare for disputes with the German data protection authorities.

A good alternative to Google Analytics

Be on the safe side with Pagesense or Matomo

We, at codafish, recommend Pagesense by Zoho or Matomo Analytics to our customers – with which you can track the surfing behavior of your website visitors without any privacy concerns.

Data protection is important to us!

…and, because that is the case, we work closely with data protection experts on this topic! If you need support for the technical implementation of legally-compliant cookie notices, please feel free to contact us!

Is your website in compliance with the GDPR policies?

Let us take a look and give you recommendations!

Get in touch

We are here for you!

We, at codafish, are your competent partner for digital projects

We would be happy to advise you on how to integrate legally-compliant cookie notices on your company website. We take care of the implementation and the regular updates.
Would you like to learn more with no obligation? Simply fill in the contact form or call us directly: +49 30 666384800

Dive into our World

Here is where we inform you about exciting digital trends and explain how you can use them in your business. In addition, we offer you a closer look at our work as a digital agency. Thank you for your interest. Thank you for your interest.

logo pimcore codafish silver partner

Six reasons you should use Pimcore

Every day, companies generate a ton of important data: information about products and services, suppliers and salespeople, marketing activities and sales, customers and their interests.

Read More
zoho news zoho one

Zoho: 10 reasons to switch to Zoho

Why Zoho? For a bit more detail about all of the amazing ways that Zoho can help you to take your business operations to the next level, here is our list of 10 things that we, here, at codafish, think make Zoho great!

Read More
codafish team timo mueller andreas wroblewski general manager partner

Grants for digital transformation in Germany

As an authorized go-digital consultant, we support you in the implementation and application process! Learn what grant-funding programs are available!

Read More

We call you!

Are you planning a new digital project and you have questions about our services? Complete this form or call us at 00800 26323474
  • This field is for validation purposes and should be left unchanged.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Error: Embedded data could not be displayed.
Error: Embedded data could not be displayed.