Many services offered by Google, like AdSense and Analytics, help businesses and developers enhance their online presence. These services help you track user interaction with your website and tell you where most of your traffic is coming from.
However, to use these services, you need to stay in compliance with international law.
In this article, we will take a look at how Google has updated its EU Consent Policy to comply with the GDPR. We'll also discuss the requirements of this policy and how you can ensure that you meet them.
It may not seem like it relates here, but you need to know some background about the EU Cookies Directive that came into effect in May of 2011. As part of an amendment to the e-Privacy Directive, it was adopted by all member states of the European Union.
It applies to:
Under this directive, the website owners are required to inform their visitors:
Websites need to display a cookies notice and obtain their visitors' consent. Most websites use banner notices for notifying visitors while asking for their consent.
Here's an example of a cookies banner notice from RT:
Websites that require cookies for transmitting communications or for operating are exempt from displaying the cookies notice and obtaining user consent. These may include cookies like authentication cookies, user input cookies used for filling forms or adding items to shopping carts, and/or cookies required for multimedia content.
The Google EU User Consent Policy came around just as the EU Directive was passed. Although Google's policy has very stringent demands, it is very much in line with the EU Cookies Directive.
So, if your website meets the requirements of the EU Cookies Directive, you'll likely be meeting the requirements of Google's EU User Consent Policy.
The aim of Google's EU User Consent Policy is to help those who use Google's services meet the demands of the EU Cookies Directive. This is what the policy says:
Google breaks down its requirements into two types of properties:
First, the properties under your control requirements involve any site or app that is under your control or that of your affiliate partner.
If you use Google products such as Analytics on a property that's under your control, you need to do the following:
Second, the properties under a third party's control requirements apply when your use of a Google product results in end-user personal data collected by a third party being shared with Google.
In these cases, Google requires that you use "commercially reasonable efforts" to make sure the third party is complying with this policy.
Compliance can be achieved fairly simply with just a few steps. Here's what you need to do.
Here's an example from Janitza:
Remind users that they can opt out and provide instructions for how they can do so.
You'll also need to keep records of the consent you obtain.
To comply with Google's EU User Consent Policy: