On March 31st, 2021, the French Data Protection Authority (the “CNIL”) will start to actively check that websites and apps are respecting the French Cookie Consent guidelines.
We’ve created the short list below to help you understand these requirements and meet them with minimum effort.
Are you or your users based in France? Then CNIL requirements apply to you.
The 5 most important facts about the French Cookie Consent guidelines, and how iubenda can help you.
You must allow your users to choose freely between giving and declining their consent to cookies. Both choices must be equally conspicuous and users should not be pressured to give their consent. Your Cookie Banner must, therefore, include BOTH an “Accept” and a “Reject” button.
You need to use iubenda’s Cookie Solution:
All third-parties whose cookies are consent-based must be individually mentioned in your Cookie Policy and links to these companies’ Privacy and Cookie Policies must also be included.
You need to use iubenda’s Privacy and Cookie Policy Generator:
Users should not be prompted to express their consent choices too often. Therefore, regardless of whether a user has given or denied consent to cookies, the CNIL considers that such choice should be stored for 6 months, before users are asked again.
The 6-months-period is considered as a best practice and not as a hard requirement.
You need to list the categories of cookies you’re using (strictly necessary, basic interactions & functionalities, experience enhancement, measurement and/or targeting & advertising) on the first layer of your cookie banner.
Customize the banner content in the “Advanced view” of the configurator (more info in our advanced guide) and mention the categories of cookies you’re using. Please note that we’re going to publish very soon a 1-click option to allow you to seamlessly meet this requirement.
CNIL plans to publish a list of analytics tools that do not require consent under French legislation. These analytics tools and their associated cookies will be exempt from the above consent requirements.
If you’re using iubenda and you’re subscribed to our newsletter, you only need to wait for our email about the list of analytics tools that do not require consent under French legislation. We’ll inform you as soon as CNIL publishes this list.
Then you only need to make sure your configuration is tweaked according to our instructions above.
Start using our Privacy and Cookie Policy Generator and Cookie Solution to create your Cookie Policy & Cookie Banner and easily meet these Cookie Consent requirements.
Make sure to also check out our Cookie Consent Cheatsheet for a clear overview of the French cookie consent regulations. Curious if the French regulations are stricter than those of other countries? You can find that out, too.