Consent Management Platforms (CMP) for Beginners

Tobias Pennings
November 13, 2023
Overview
This is also a heading
This is a heading

In the current digital age with increasingly stringent privacy regulations (such as AVG) in Europe, managing cookies is a major challenge. Cookies are invaluable for collecting user data and personalizing online experiences, but they have also raised concerns about privacy and data protection.

In this article, we dive deeper into the Cookie World and clarify the role of Cookies in current digital marketing and data protection strategies. Whether you're a marketer, a website owner, or a privacy-conscious consumer, this article gives you insight into the role of Cookies and how Cookie Management Platforms can contribute to the balance between personalization of online experiences and privacy.

What are Cookies?

Before we dive into the use of Cookies Management Platform (CMP), we'll explain to you exactly what Cookies are.

Cookies are pieces of code that are forwarded from a website that you visit to your web browser. They are stored on your (mobile) browser (Chrome, Safari, Edge, etc) that you used to visit the website. They serve various purposes, such as remembering information about your visit to a website. For example, cookies can include information about which pages you visited, how long you stayed on a website, what products you placed in a shopping cart, or even your login details.

Cookies are pieces of code
Cookies are pieces of code that are forwarded from a website

This information is useful for both the website visitor and the website owner. For visitors, cookies can improve the user experience, for example by keeping you logged into a website or showing product recommendations based on your previous activities.

For website owners, cookies help understand the behavior of their visitors and can optimize their website to better meet the needs of their users.

Different types of cookies

Not all cookies are the same. Some cookies are automatically deleted when you close the browser, while others remain on your device for a longer period of time. There are also third-party cookies, such as Meta or Google, that are used to track your online activities and tailor ads.

There are different types of cookies that are used on the website. Each type of cookies has its own specific purposes. Here are the most common cookies:

  • Session cookies: These are temporary cookies that are automatically deleted when you close the browser. They are used to store temporary information about the website visitor for that single session, for example items that have been added to the shopping cart. When the session ends, these cookies are not stored.
  • Persistent cookies: These remain on your browser. Even after you close your web browser. Persistent Cookies do have an expiration date; after a certain period of time, they are automatically deleted. These cookies are used to remember information the next time you visit the website, such as your login details about language settings.

Both types of cookies can be divided into different cookie categories:

  • Functional cookies: Functional cookies are intended to improve the visitor's user experience. For example, it stores which region you're visiting your website from or what language you've set the website to.
  • Analytical cookies: These cookies are used to collect information from your website visitors. As a website owner, they give you insight into the behavior of your visitors. What pages did they visit? How long to stay on this page? What do people click on?
  • Marketing and advertising cookies: These are used by advertisers (such as Meta and Google Ads) to track users and make ads better suited to customer needs. Information such as your interest and surfing behavior is hereby registered. These cookies ensure that advertisements can be more personalized, but now also cause concerns about privacy.
  • Tracking cookies: This is a specific type of marketing cookie that is used to track users across websites. They can be used for advertising purposes, but often have privacy implications and are influenced by stricter regulations.
  • Third party cookies: These are cookies that are placed by third parties, such as advertising networks or social media platforms, and not directly by the website you visit. These cookies are often used for advertising and marketing purposes and can share information between different websites.

What is a Cookie Management Platform?

A Cookie Management Platform (CMP) is the software that you use to manage and control the cookies on your website. A CMP is primarily intended to ensure that you, as a website owner, comply with privacy regulations. In addition, it is intended to give website visitors transparency and a choice when it comes to the use of cookies.

Examples of Cookie Detectors
With a Cookie Management Platform, you ensure that you comply with (online) privacy regulations

We have listed the most important functions of a CMP for you:

  • Cookie management: Every website uses cookies, as a website owner, you are responsible for managing them. A CMP helps you identify, classify, and manage the different types of cookies.
  • Consent management: A visitor to your website should always be able to consent to the use of cookies. Through a popup window on the website, visitors indicate their preferences for accepting different types of cookies.
  • Transparency: As a website owner, you are obliged to be transparent about the use of cookies. A CMP ensures that website visitors have easy access to this information. This includes, for example, what types of cookies are used, what they are used for and which parties collect the data.
  • Comply with regulations: By using CMP properly, you comply with the most legal requirements regarding privacy. This way, you comply with all the rules and prevent any fines or legal problems.
  • Reporting: A CMP often also provides a report on the use of cookies on your website. This can be valuable for internal control (how often are your cookies accepted/not accepted?) and ensures that you can demonstrate that you comply with the legislation.

Managing cookies has become increasingly complex in the past period. Not only does it take technical knowledge to set everything up, it also involves legal considerations. That's why using a CMP is so important. With the right CMP, you ensure that you, as a company, can comply with all rules concerning Cookie Management, both technically and legally.

What is important when choosing a CMP?

The range of CMP systems is enormous. To make sure you make the right choice, there are a number of points to pay attention to.

  • User friendly: Of course, the system must be user-friendly. Not only for yourself (easy to use and implement) but also for your website visitors. They must be able to easily give or refuse consent.
  • Comply with laws and regulations: Always check whether the CMP complies with the relevant and current privacy laws in Europe. Do you use US software? Then keep in mind that different rules apply in America! Prevent any fines or legal issues.
  • Integration options: Check out the integration options with other software tools and systems you're already working with, such as your CRM system or e-commerce platform.
  • Support and updates: Always check whether the software also offers good customer support. If you run into problems, it is nice if you are helped easily and quickly. In addition, it is also good to check whether updates take place regularly, so that it always complies with changes in privacy laws and regulations.
  • Costs: Everything costs money these days, even a good CMP often comes with costs. Compare the prices of different providers and always check if there are any additional costs for extra features or support, for example.

Some of the systems we recommend:

Cookiebot cookie detector
Cookie detector from Cookiecode.co.uk
iubenda cookie detector

Common mistakes when setting up CMP

As has often been mentioned in this article, setting up a CMP is quite technical. Without the right knowledge, it can be very complex and errors can quickly lurk. We list the most common mistakes for you.

  • Incomplete or unclear information for visitors: It's important that your information is complete and clear for your visitor to understand. It must be clear which cookies your visitor gives consent to and also what these cookies are used for.
  • Forcing your visitor to accept cookies: You often see with a Cookie Detector that a visitor actually has no choice but to accept the cookies. There is no option to decline. This is in violation of regulations.
  • Data, consent and preferences not followed: If a user does not consent to the use of cookies or changes their preferences, this must always be followed up immediately. So make sure you do something different than what you promise.
  • Ignore regulations: Please note that the laws and regulations for the use of Cookies vary by country or region.

You must avoid the above mistakes at all times. These errors can not only cause legal problems (which is bad enough), but can also make website visitors less confident in your organization.

Google Consent Mode

By using Google Consent Mode, you can report the status of your users' cookie consent to Google. Tags and the way in which those tags are collected are then adjusted based on the choice made by a user.

Activation mode works in conjunction with your Consent Management Platform. This mode receives users' consent decisions via the cookie notification or widget and dynamically adjusts the behavior of Analytics, Ads, and external tags that create or read cookies.

If visitors decide not to give consent, this is sent to Google via Google Consent Mode instead of storing cookies. If you're using Google Analytics 4, Google will supplement the missing data with conversion modeling and behavioral modeling.

Therefore, if the user does not consent to the processing of their data for Google Analytics, the Consent Mode in Google Analytics generates a random fake user ID before data is collected, which is not stored as a cookie. This identifier is refreshed each time the page is reloaded.

This means that each page view is attributed to a new user ID and session, making users, sessions, and page views completely independent. Additional events besides page views are identified with the same identifier as the page where they occurred.

This way, you can continue to collect valuable performance data while respecting each user's privacy preferences. The disadvantage of using Google Consent Mode is that visitors who refuse cookies are excluded from processes that use cookies and process personal data, such as saving your shopping cart or staying logged into a website. But the benefit of using Consent Mode is for users who don't want to be tracked. This gives those users the certainty that they can be safely on your site.

CMP combined with Server-Side Tagging

Server side tagging is an advanced approach to website tracking and analysis. Normally, websites place third-party pixels (pieces of code) that allow visitors' browsers to collect and forward data. With server-side tagging, the measurement of visitor data takes place via a server of the website itself, so the owner of the website remains in control to choose which platforms to send that stored data to.

With server-side tagging, visitor data is measured via a server, so that the owner of the website is in control to choose which platforms to send that stored data to.

Benefits of Server Side Tagging with CMP

Via Server side Tagging, you have control over which data you forward. For example, if you load a Meta Pixel, Meta can decide for itself which data is forwarded and there is little chance that you are AVG compliant as a party. When you load your own pixel (which is connected to your own server), you can decide from the server how to forward this data to Meta so that you are compliant.

How do you set up Server Side Tagging with your CMP?

Setting up the CMP in combination with Serverside Tagging is basically the same. You ask the visitor what they give permission for and you ensure that you process the consent data via your own server.

Conclusion

By now, the importance of a good CMP system is hopefully clear to you. As an (online) entrepreneur, you don't want to run the risk of legal or even financial consequences. Make sure you read carefully about the various options and options.

Are you going to be too dizzy with all the technology that comes with it? Then get the help of an expert!