A lot is changing in Italy in terms of data protection: website owners can no longer claim legitimate interest in order to place tracking cookies on their users’ devices.
What are profiling cookies and what is legitimate interest?
Let's clarify a couple of key points about profiling cookies and legitimate interest.
First of all, there is a big difference between technical and profiling cookies. While technical cookies are only functional and are used to provide the service to ensure the smooth running of the website, profiling cookies track users when they surf on websites or applications. The objective of profiling cookies is to collect user data to facilitate direct marketing activities and show the user targeted ads.
The legitimate interest of a website owner may constitute the legal basis of the processing as an alternative to consent. In a nutshell, before the new Garante Guidelines arrived, the website owner could place profiling cookies on users’ devices and process their personal data without their consent, under the claim of “legitimate interest”. Today, this is no longer possible. If personal data is being processed, the user must be informed.
Would you like to know what are the main changes regarding the Garante's Guidelines in Italy? Read the article here.
The rise of consent
Originally, the GDPR had been notably ambiguous on whether or not direct marketing can constitute as a legitimate interest, i.e. it can be done without user consent. This engendered confusion, and website owners carried on with their marketing activities, simply including legitimate interest clauses in their cookie banners.
The Italian Garante Guidelines have clarified the issue: cookies and other tracking tools with purposes that are non-technical (such as direct marketing)can only be used with valid user consent.
Also, such consent may only be considered valid if it is the consequence of a positive and conscious action that is verifiable and demonstrable. Consent must also be specific, i.e. expressed in relation to each different purpose of processing.
Here is an example of a 100% compliant cookie banner. For more examples of Didomi clients who have implemented both compliant and creative banners, see our article here.
How Didomi can help you
A CMP helps you collect, store and synchronize consents in a compliant way, prioritizing consent, not legitimate interest, as we believe this will mark the future of data collection. It also allows your users to choose, one by one, the purposes for which their data will be used.
The Didomi CMP second level where users can make their preference choices on a purpose-by-purpose basis.
Didomi ensures compliance with local regulations, but also highly values performance. We help our customers ensure high consent rates, and provide analytics dashboards so that our clients can stay up to date on the data they collect.
We also provide AB testing on the format, style and text of the banner, to ensure the highest consent rates possible for our clients.
Didomi's CMP on both mobile and web - This tool easily manages and optimises user consent collection on all your channels.
Kick start the implementation process today with one of our GDPR & Garante experts and benefit from an efficient, compliant and highly-performing CMP!