The GDPR has been negotiated and discussed in European legislation for several years. Despite that, in the last year, its entry into force caused a lot of excitement among all website owners, as well as Internet users. See what GDPR is, what GDPR restrictions on cookies are, and whether it is worth adding GDPR WP plugin to your site.
What is GDPR?
The GDPR stands for General Data Protection Regulation. It is a legal framework that defines the rules of collecting and processing of personal information within the European Union. It was created to catch up with the levels of technological change that happen across the continent. The GDPR came into force on May 25, 2018. What is GDPR in practice? Basically, it is all about three main courses:
- new rights for individuals to access the information that companies hold about them,
- obligations for companies to manage personal data better,
- new penalties for non-compliance with GDPR provisions.
Who is impacted?
The GDPR includes both personal data, and sensitive personal data. This means that every institution, company, start-up, foundation, e-commerce and so on that collects and processes such data is subject to GDPR.
Personal data is any data related to person’s identification. This is, for example:
- IP number,
- ID number, and so on.
Sensitive personal data is for example:
- political views,
- sexual orientation,
- genetic data.
What does GDPR say on cookies?
The GDPR notes that on the Internet, individuals can be associated with various online identifiers. Such tools include, for example, cookies. Despite the fact that not all cookies used on the internet can identify users, the great majority of them do. In such cases, the GDPR guidelines on cookies are clear. When cookies can identify a person via his or her device, it is considered personal data.
To become compliant with GDPR restrictions on cookies, companies will have to either stop aggregating the identifying cookies or find a legitimate way to aggregate and process this kind of data. What is important is that implied consent is no longer lawful. A user must consent for cookies through a clear and aware action, for example, by clicking a pop-up box or choosing settings or preferences under a settings menu. It is not enough to simply visit the site. Importantly, the user must also have the option to easily withdraw his or her consent.
How does GDPR WP plugin work?