In May 2011, the EU Cookie Directive was released concerning all websites operating in the EU countries or targeting customers within the European Union. The new law obliged website owners to provide visitors with the information on cookies policy and the possibility to accept or decline it. On May 25, 2018, another EU regulation came out in regards to GDPR compliance that introduced new personal data collection rules. EU directives impose lots of requirements on ecommerce businesses making it difficult to fully comply with the established data processing standards. Luckily, there are third-party extensions in the Magento ecosystem that help to implement new rules and meet the EU requirements.
Below, we describe the core features of the Amasty Cookie Consent extension for Magento 2.
EU cookies policy legislation implies that websites should meet the following requirements:
- Informed consent with a cookies policy. It means that you should inform visitors that cookies are used on your web store and receive their approval.
- Consent received before actual usage of cookies.
- Option to opt out. You should provide users with an opportunity to allow or refuse using cookies.
- Clear notification of the cookies usage. You can place a banner or insert a popup window in your website pages informing about your cookies policy.
Another challenge for merchants related to EU regulations is making their cookies policy compliant with the GDPR requirements. If you don’t consider GDPR rules when creating your cookies policy, it might lead to losing customers’ loyalty and turning away potential business partners. Moreover, websites that breach GDPR legislation are indebted to administrative fines that are quite tough.
- GDPR-compliant cookie notifications;
- Cookies usage with informed consent;
- Cookies notice bar linking to detailed information on the cookies usage;
- Customers’ control over cookies consents;
- Guest visitor access to cookies settings;
- Cookies classification into essential and optional categories;
- Dedicated grid with cookies details in the Magento backend;
- Convenient customer consents management;
- Store view-based cookies configuration.
As a store owner, you can create different groups and assign cookies to them. You can set a category as essential or optional and specify its description. It is possible to create any number of cookies categories and organize them according to your sales strategy. For example, after collecting cookies consents, you can use customers data for Google and Facebook remarketing, Google Analytics, A/B testing, and other goals.
As for backend management of cookies, you can view and manage them on a dedicated grid. The grid displays each cookie name and connection to a specific category. Here, you can also add descriptions of the cookies that will be available for your website visitors on the frontend. As for managing customers’ cookies policy consents, they are gathered in the Cookie Consents grid that displays details on each consent as well as essential customer data. Consent logging allows admins to track all actions related to the cookies policy and get more control over customers’ activity on a web store.
Besides, the Magento 2 cookie notice module allows configuring cookies per store view. Thus, you can create a custom cookies settings page with the possibility to translate its elements for each of your websites.
To create and manage cookie categories, go to Customers → Cookie Consent → Cookie Groups. Here, you access a grid where you can classify cookies into different groups. The grid includes the following columns:
- Cookie Group Name;
- Is Essential;
- Is Enabled;
The grid supports filtering and sorting and allows deleting groups in bulk. If you need to do some modifications in the cookie group information, you should click “Edit” in the Action column. To create a new cookies category, click on the “Add New Group” button.
When configuring the settings of a new group, enable it, mark as essential if necessary, specify a custom category name, add a description with the explanation on this particular cookies usage, and assign selected cookies to the group.
You can manage all cookies on a separate grid that gathers the following details: a unique ID assigned to each cookie, cookie name, a category where a cookie is included, and description. The Cookies grid also allows applying filters and sorting to the columns, use mass action to delete selected cookies, as well as edit them from the Action column.
The Cookie Consent extension allows adding new cookies right from the grid page. When configuring new cookie, you should specify its name and description and link it to one of the groups you have created before.
You can view and manage customer cookie consents on the dedicated grid located under Customers → Cookie Consent → Cookie Consents. The grid gathers the data on customers who accepted the cookies policy and shows a customer’s ID, name, and email. Here, you can also see websites and IP addresses as well as consent type (notification or confirmation cookie bar consent), the date and time of cookies approval, and status.
In the next settings tab, you can configure necessary options to create a custom design of your cookies policy bar. Here, you select the position of the bar (top or bottom of the page) and select colors for background, buttons and text on them, text of the notification, and links.
Now, let’s see how the GDPR Cookie Compliance module functions on the frontend.
By clicking on the “Cookies Settings” button in the notification bar, a customer will open a new page listing all cookie categories. A user can move a toggle next to each category’s name to enable or disable it for processing. There is a description under each cookies group that clarifies how the cookies it contains are used.
The module also allows frontend users to check the list of all collected cookies in each group by clicking on the appropriate link.
The same page can be reached by clicking on the Cookie Settings link in the footer.