Hi Siif Floor!

I did some research on Privacy policies and Cookies within the EU and could not find any specific requirements on how the cookie banner should present cookies information.

In summary, you must request consent for cookies that are used for tracking only.

Resource: https://europa.eu/youreurope/business/dealing-with-customers/data-protection/online-privacy/index_en.htm

Currently Simplero's cookie banner has this option built-in.

If you would like to provide further details on any tracking you might be doing through your site and cookies, you can provide the details in your Privacy Policy page that's linked in the Cookie banner.

Let me know if there are any other specific requirements within the EU that we are not aware of.

Lis Alvarez

Thank you for looking into this.

I hope you are able to translate it into English :)

And here are links to the regulations that are referred to in the chat:

Hi Siif Floor! I've been working with Victor on the document you shared yes :)

Funny enough, when you visit the eur-lex.europa.eu links you get the same cookie banner format that we use in Simplero.

If you use tracking, you can set it up so that Simplero doesn't run the tracking if the user hasn't accepted cookies.

More info on this guide: https://help.simplero.com/courses/1837-how-to-guides/lessons/489542-cookie-consent-banner

Thank you 🙂

-----

That is for sure interesting. I assume that you have concluded that this covers the part "that users should be allowed to give their specific consent depending on the purpose of the different types of cookies they are accepting, e.g. they should be able to give separate consent for tracking cookies."

I guess that we will have to look into if the Danish rules are similar to the EU rules or if Denmark has made its own more strict rules 🙈

I'll pass it on to the legal workers in the organization 'Dansk Erhverv' there must be someone there that can help us clarify this.

----

Hoping you will get back to me on these two as well:

You can see a link to the chat here.

And here are links to the regulations that are referred to in the chat:

Thank you very much 🙂

Siif Floor, the list of cookies they accept are based on whatever tracking code you add to your Simplero account/sites/landing pages... We are not planning on generating automatically a list of the tracking code you add to your Simplero account. Mostly cause you could put pretty much anything in there.

I understand by the regulations above that admins should list whatever tracking cookies they are using to their privacy policy page :)

Thank you for your response.

I will get back to it when we have time to dig into to the danish rules.

--

Will you reply to this as well: :)

You can see a link to the chat here (scroll to the buttom of the chat)

And here are links to the regulations that are referred to in the chat:

Hi Siif Floor,

We keep logs of who's accepted GDPR for processing someone's personal data. I'm sure you know how to find those in the Contacts page :)

As far as I understand tracking cookies, you are not recording personal data when tracking through GA, FB pixel, so you don't need to keep record of their cookie consent for that purpose.

Thanks a lot 🙌

I think I have all the info I need now to check up on it with 'Dansk erhverv's legal team' - if not, I'll get back to you 🙂

Lis Alvarez Hi Lis, On behalf of Siif I have consulted a lawyer at the Danish Chamber of Commerce regarding the question about cookie banner format. The lawyer is specialized in Danish business and commerce legislation.

The lawyer told that EU countries have the same GDPR regulation, but the various EU countries enforce the rules differently and Denmark has a more restrictive legislation than most of the other EU countries except Sweden. Because of that, we can't use the same cookie banner as eur-lex.europa.eu.

In Denmark, a cookie banner format MUST include the following options: allow all cookies, allow selected cookies, reject all cookies. Under the "allow selected" button, the user should be able to choose between necessary, statistics, functional, and marketing cookies with seperate checkmarks.

Furthermore the cookie MUST contain an generated automatically updated list of all the cookies the site collects with the following information:

1. Cookie name

2. Provider

3. Purpose of the cookie

4. Type of cookie (e.g., necessary, statistics, functional, marketing)

5. Duration of the cookie (e.g., session cookie, persistent cookie)

6. Description of cookies (HTTP or HTML)

The list can be hided under a "show more" button.

I have enclosed a exampel of a legal danish cookie banner format.

It is very important for us that you update the cookie tool so we can comply with Danish legislation regarding cookie banner format. We are looking forward to hear from you soon.

Thanks Jette Würtz, I've shared the details you've provided with the team.

Siif Floor: Hi!

Of course. This is under my radar and I will discuss it with the team. I hope to bring some updates soon.

Angel Orozco Thank you very much 😊

Angel Orozco An update on this please 🙏

Siif Floor: Hi. I'm really sorry, we've been reviewing other requests and haven't reached this one yet. I expect this week or the next one we'll have a decision and I'll let you know.

Angel Orozco

In my honest opinion, this should automatically be on top of your list as soon as a thing like this is brought to your attention.

I know that GDPR sucks (I agree) - but it is a legal matter that affects all of your european accounts and could lead to significant fines for all of those businesses.

Please prioritize this even though this is not the request with the most votes.

Siif Floor: Thank you for your opinion. I agree, and I will try to discuss this with the team as soon as possible.

Angel Orozco any update yet?

Regarding to this: "And yes it is our own responsibility to add the relevant information about cookies used to our privacy policy page and link to that in the cookies settings."

Then it would be preferred if Simplero can deliver an updated page we can link to with the cookies they use.. Or if there is an other way we can keep track of what cookies they use, then a guide that tells us how to do so.

Regarding to this:

"Regarding documentation of consent, I would believe it is enough, that the registration of the click shows in the clients browserhistory. I'm not even sure it's legal to store random visitors IP adresses for this purpose if it is even possible."

If the client has accepted cookies it does not seem to be enough that the client has the data in his/hers browser history.

The Danish guidelines says "As part of your responsibility, you must be able to document the consent." (translated from Danish. Original Danish text: "Man skal som led i sin ansvarlighed kunne dokumentere samtykket.")

So we have to have access to a log of their cookie consent.

Siif Floor In regard to list of cookies in privacy policy: Do we need more than what is stated here https://simplero.com/privacy-policy under Use of cookies? I think pasting that section into our own cookie section in our privacy policy should be enough?

Siif Floor In regard to documentation of consent: Have you examples of how other services stores this info? I can only see that it would mean storing IP and consent history since for most visitors that accept cookies we don't know who they are at the point of consent. And for how long should we store this? I see a potentially GDPR violation coming out of this.

Merete Stenner

Regarding documentation:

We use cookiebot for our wordpress site and they have a log that we can dowload in excel format with a lot of information about when they gave consent, what browser they used, a consent ID and much more. I guess they give consent for that as well when whey give the consent to the cookies.

I believe that "Digitaliseringstyrelsen" in Denmarks use Cookiebot as well. https://digst.dk/

Merete Stenner wrote "In regard to list of cookies in privacy policy: Do we need more than what is stated here https://simplero.com/privacy-policy under Use of cookies? I think pasting that section into our own cookie section in our privacy policy should be enough?"

I believe that is enough yes, but it would be more helpful to have something where we do not have to manually keep an eye out for updates... If we just copy/paste the text ,manually then we have to check all the time if there has been any changes. So i would prefer somewhing that are able to automatically show all the cookies that simplero set and that we have added our self via the tracking codes on our products, lists, account etc. Maybe something we can embed into our privacy policy or some kind of a GDPR-cookie-section for landingpages so we can build our Privacy policy on a page in simplero.

The best solution in my opinion would be if there is a button/link on the cookiebanner that pulls up a list of the cookies that are used in our simplero page/account like the one on

or