GDPR compliance

[Richard Williamson]

I've had a notice from Google that our site does not comply with google's cookie policy on consent - I've pasted the email below. Is there a simple solution to enable this for our IPS site?

 

Quote

On May 25, 2018, we updated Google’s EU User Consent Policy to coincide with the General Data Protection Regulation (GDPR) coming into force. This Policy outlines your responsibility for making disclosures to, and obtaining consent from, end users of your sites and apps in the European Economic Area (EEA) along with the UK. It has come to our attention that the attached site(s)/app(s) do not comply with our Policy, because they:

• do not seek to obtain consent from users, and/or • do not correctly disclose which third parties (including Google) will also have access to the user data that you collect on your site/app. You can view these controls and the list of ad technology providers in your Ad Manager, AdSense or Admob account. • do not otherwise meet the requirements of Google's EU User Consent Policy.

If you have guidance or confirmation from a Data Protection Authority that the domains listed do not require a consent notice or that they otherwise already comply with applicable privacy laws, including GDPR, please contact us. We will review any guidance you have received from a regulatory body and take action accordingly.

Action Needed

Please check the site(s) or app(s) listed in the attached file and take action to ensure they comply with our Policy. We will re-review your site(s) or app(s) regularly and monitor your account. We may take action, including suspension, if the Policy violations have not been resolved by Apr 5, 2023.

Policy Requirements

The EU User Consent Policy outlines your responsibility as a user of our ad technology to:

• Obtain EEA along with UK end users’ consent to: ○ the use of cookies or other local storage where legally required; and ○ the collection, sharing, and use of personal data for personalization of ads. • Identify each party that may collect, receive or use end users’ personal data as a consequence of your use of a Google product. • Provide end users with prominent and easily accessible information about those parties’ use of personal data

Find Out More

You can refer to our Policy help page for more information on complying with Google’s Policy including a checklist for partners to avoid common mistakes when implementing a consent mechanism. We also recommend that you consult with your legal department regarding your compliance with the GDPR and Google’s policies.

 

[Marc Stridgen]

Taking a look at your site I make the following observations

• you don't currently appear to have a privacy policy at all, which you really should have on there based on the above. We also provide the ability to add cookie information used by the software, although any 3rd party cookie information such as that from google, would be for you to include yourself within your privacy policy if needed.
   
• You also don't have a guest confirmation bar on there, which can link to the privacy policy, cookie bar, or anything else you wanted it to

While we are unable to provide legal guidance on following rules within your particular jurisdiction, these would certainly be a good place to start. If you go to your admin CP and type in GDPR in the search bar, we have added this as a search term to these items to make them easy to find.

Hope this helps you get to where you need to be.

[Richard Williamson]

Thanks Marc - I think the privacy must have dropped off ewhen we migrated. Thanks for the signpost to those settings, have turned them on now!

[Marc Stridgen]

No problem at all. Happy to get you were you need to be 🙂