In May 2011, the EU Cookie Directive was released concerning all websites operating in the EU countries or targeting customers within the European Union. The new law obliged website owners to provide visitors with the information on cookies policy and the possibility to accept or decline it. On May 25, 2018, another EU regulation came out in regards to GDPR compliance that introduced new personal data collection rules. EU directives impose lots of requirements on ecommerce businesses, making it difficult to comply with the established data processing standards fully. Luckily, there are third-party extensions in the Magento ecosystem that help to implement new rules and meet the EU requirements.
EU cookies policy legislation implies that websites should meet the following requirements:
- Informed consent with a cookies policy. It means that you should inform visitors that cookies are used on your web store and receive their approval.
- Consent received before the actual usage of cookies.
- Option to opt out. You should provide users with an opportunity to allow or refuse using cookies.
- Clear notification of the cookie usage. You can place a banner or insert a popup window on your website pages informing about your cookies policy.
Another challenge for merchants related to EU regulations is making their cookies policy compliant with the GDPR requirements. If you don’t consider GDPR rules when creating your cookies policy, it might lead to losing customers’ loyalty and turning away potential business partners. Moreover, websites that breach GDPR legislation are indebted to administrative fines that are quite tough.
- GDPR-compliant cookie notifications;
- Cookies usage with informed consent;
- Cookie notice bar linking to detailed information on the cookie usage;
- Cookie bar popup with the ability to allow/disallow particular cookie groups;
- Customers’ control over cookies consents;
- Guest visitor access to cookies settings;
- Cookies classification into essential and optional categories;
- Dedicated grid with cookies details in the Magento backend;
- Convenient management of customer consents;
- Auto-cleaning of the consents log;
- Store view-based cookies configuration.
Moreover, the Amasty EU cookie law consent extension allows displaying all types of collected cookies grouped in categories with their description in the special popup. By placing cookie bar popup on your store pages, you let customers decide which cookies they will allow instantly when they enter your website.
As a store owner, you can create different groups and assign cookies to them. You can set a category as essential or optional and specify its description. It is possible to create any number of cookie categories and organize them according to your sales strategy. For example, after collecting cookies consents, you can use customer data for Google and Facebook remarketing, Google Analytics, A/B testing, and other goals.
Furthermore, you can customize the design of the cookie bar to better fit into your store’s theme and choose its position on a page. It is also possible to disable the display of cookies on every page in case a user ignored them on the landing page. This way, you create less distractions for customers when they are browsing your web store. Besides, the Magento 2 cookie notice module allows configuring cookies per store view. Thus, you can create a custom cookies settings page with the possibility to translate its elements for each of your websites.
As for the backend management of cookies, you can view and manage them on a dedicated grid. The grid displays each cookie’s name and connection to a specific category. Here, you can also add descriptions of the cookies and specify their lifetime that will be available for your website visitors on the frontend.
As for managing customers’ cookies policy consents, they are gathered in the Cookie Consents grid that displays details on each consent, as well as essential customer data. Consent logging allows admins to track all actions related to the cookies policy and get more control over customers’ activity on a web store. Note that it is also possible to set the period during which you want to store cookies in the log and utilize automatic log cleaning.
To create and manage cookie categories, go to Customers → Cookie Consent → Cookie Groups. Here, you access a grid where you can classify cookies into different groups. The grid includes the following columns:
- Cookie Group Name;
- Is Essential;
- Is Enabled;
The grid supports filtering and sorting and allows deleting groups in bulk. If you need to make some modifications in the cookie group information, you should click “Edit” in the Action column. To create a new cookies category, click on the “Add New Group” button.
When configuring the settings of a new group, enable it, mark as essential if necessary, specify a custom category name, add a description with the explanation on the usage of a particular cookie, and assign selected cookies to the group.
You can manage all cookies on a separate grid that gathers the following details: a unique ID assigned to each cookie, cookie name, a category where a cookie is included, description, and the cookie lifetime. The Cookies grid also allows applying filters and sorting to the columns, use mass action to delete selected cookies, as well as edit them from the Action column.
The Cookie Consent extension allows adding new cookies right from the grid page. When configuring a new cookie, you should specify its name, description, and lifetime and link it to one of the groups you have created before.
You can view and manage customer cookie consents on a dedicated grid located under Customers → Cookie Consent → Cookie Consents Log. The grid gathers the data on customers who accepted the cookies policy and shows a customer’s ID, name, and email. Here, you can also see relevant websites and IP addresses, the date and time of cookies approval, and consent status.
As for the configuration of the Magento 2 Cookies Consent extension, its general settings are divided into 3 sections: General Settings, Cookie Bar Customization, and Page Speed Optimization.
Now, let’s see how the GDPR Cookie Compliance module functions on the frontend.
Another type of cookie bar displays all available cookie groups in the popup and lets customers decide which cookies they will accept by moving the corresponding toggle.
By clicking on the “Cookies Settings” button in the notification bar or “More Information” link in the popup, a customer will open a new page, listing all cookie categories. A user can move a toggle next to each category’s name to enable or disable it for processing. There is a description under each cookies group that clarifies how the cookies it contains are used.
The module also allows frontend users to check the list of all collected cookies in each group by clicking on the appropriate link.
The same page can be reached by clicking on the Cookie Settings link in the footer.