On February 1, 2022, a new law on electronic communications enters into force, which regulates the rules for the use of cookies. On this occasion, we were contacted by the podnikajte.sk portal and they asked us to answer a few questions in connection with the new rules, as we create e-shops and web applications.
- Do clients contact you with requests regarding these changes?
Yes. We have incorporated changes related to the new legislation for several customers.
- What process can they expect with this change? How will the new rules and the need to adjust the settings of cookies on the website affect the costs for companies, how much will it cost? How long can it take to adjust a website’s settings to meet the requirements of the new law?
On the one hand, it’s necessary to make changes to the website itself. We recommend clients use third-party tools that only deal with cookie processing. Examples are https://www.cookiebot.com/en/ or https://www.cookiehub.com/. Once installed on the website, these tools will provide everything necessary for the use of cookies within the framework of European legislation.
Depending on the size of the site, the services are priced from 5 to 40 Euros per month and the implementation itself ranges from 0 to 8 programming hours.
On the other hand, personal data protection is also linked to other processes. It may therefore affect accounting software or the whole information system. An example is data anonymization. If a customer wishes to delete the data, e.g. even from an economic system, this change should affect the entire infrastructure of the company, not just the website. At this point, the costs can vary significantly.
- Do the requirements of the new law always require the intervention of a developer or are there also cases when clients can deal with this change without cooperating with the supplier of the e-shop solution? Does the fact that it’s a tailor-made solution, an out-of-the-box solution or an open-source solution, also play a role in this?
It very much depends on how the solution is developed. In many cases, no developer intervention is required. However, if a customer decides to do their own implementation, it may be more demanding.
- What should the information about cookies or obtaining consent for their use look like according to the new regulations? How will it differ from the current method (from today’s form, e.g. cookie bars or pop-up windows)?
The basic difference lies in the fact that the current cookie bars, which we can see on various Slovak as well as foreign websites, were rather informative in character. They told the customer that they were using cookies and added a small explanation of what cookies were used and what they were used for.
It’s currently necessary to obtain consent for the use of cookies from the website visitor (opt-in principle). The website visitor should also be able to choose the categories of cookies, according to the purpose. They should be able to say whether they want to use basic cookies only or, for example, also marketing ones. If a customer doesn’t choose any option, website uses only the basic cookies that are necessary for the operation of the site.
Our implementation at www.edsi.sk or ortopedicke-matrace.cz can serve as an example.
- If you have already applied changes to cookies on some websites, how do website visitors respond to the new method of obtaining consent?
For the average user, this functionality complicates working with the website. On a theoretical level, we fully agree with the new regulations. It’s very important that online service providers inform customers about how they work with their personal data, and it’s equally important that customers have the opportunity to change their preferences.
But in practice, I don’t think that an average person will pay much attention to “another pop-up window”. Rather, they will perceive it as an obligatory step along the lines of: “I’ll quickly agree and continue clicking.”
In addition, what simply put “cookies” give us are often positive features, and this whole discussion demonizes them a little. For example, they allow personalized ads on social media, which is a feature that I like to use myself, and I personally don’t mind that Facebook knows that I want a new coffee machine.
