Consent is closely linked to the information we provide to the person concerned. No provider can guarantee that the recipient, using his or her free will, will make better or worse use of the information made available to him or her.
However, what can be guaranteed is that this information will be presented in a way that is “accessible” to the recipient. This means that the information must be given before the information is stored on the device. The information must be provided in a clear and precise language, avoiding any ambiguity, information overload and separately from other legal notices and general conditions, among other requirements.
Information society service providers are familiar with the methods to be used when they want to draw the attention of their users to certain products, services or information. Therefore, the requirement to ensure that information on the use of these technologies is guaranteed in such a way that the user can access it without any effort is not a special challenge.

With respect to privacy, please note that any individual can be identified online by the identifiers provided by their devices. (recital 30 RGPD).
Well, this identification gives the providers the possibility to combine the data obtained from the browsing habits on their websites, with the behavior of that user in other domains, its geolocation, etc. This allows the elaboration of profiles of individuals and their identification.
If the identification of a natural person already falls within the scope of the RGPD, the elaboration of a profile of the same is a specially protected aspect in terms of data protection. This means that a careful examination will have to be made of what kind of personal data are being processed and, depending on the specific processing, security measures will have to be taken to ensure the legitimacy of the processing.

Withdrawal of consent

Perhaps one of the most controversial issues regarding cookies is the obligation by which the person concerned must be able to withdraw his or her consent as easily as I do. In practice, this is implausible and not very functional. The cookie warning is a warning offered to the user as soon as he or she visits the web content of the page. Consent can be given with a click. While to withdraw it is necessary to “make several clicks” and browse the website.
Therefore, within the agglomeration of basic information to be delivered to the interested party, it must include clear information on how to accept, deny or revoke consent or delete the cookies stated through the functionalities provided by the publisher (the management system or configuration of cookies that has been enabled) or the navigation software used or the operating system of the terminal or through the common platforms that may exist for this purpose. The reference to the settings of the navigation system is valid. If the publisher’s management system does not allow the rejection of third party cookies once accepted by the user, information will be provided on the tools provided by the browser or by third parties. Users are advised that if they wish to delete third party cookies, they may do so through the means made available by the latter or from the browser itself.

When can cookies be used and installed?

The use of the cookie may take place when the user has the mandatory information about cookies and the way to obtain consent and the consent is given in accordance with the legal requirements, explained above.
Therefore, any use of cookies or similar technologies must be accompanied by the informed consent of the users for such use, so that the recipients have the opportunity to examine the information and decide whether or not to accept the use of such devices.

Obtaining consent for the use of cookies when a publisher provides services across different pages

Is it possible that the same publisher that provides different services through different domains can inform and obtain consent for the use of cookies in all its domains through a single web page? Yes, it is possible to obtain a single consent from the publisher for the storage of information on the user’s device or terminal when the cookies installed due to access to different domains owned by the publisher have similar characteristics related to the provision of services requested by the user. In any case, it is necessary to inform which are the web pages or domains of its ownership from which the cookies are going to be sent, the type of cookies and the purposes for which they are being used.

What happens when the content of the cookies changes?

Generally, once consent has been obtained from a user for the use of cookies, it will not be necessary to obtain it again as long as the purpose of the cookies or the third parties that process the data obtained are not changed. In the event that the privacy policy is updated, the user will be given the opportunity to make an informed decision as to whether or not to accept the policy.

Can access to the service be denied if the user refuses the installation of cookies?

As a general rule, the use of “cookie walls” is not legal. It is not permitted to deny access to the service to a user for not accepting the installation of cookies. This does not prevent that if access to certain areas of the domain is restricted if the policy of cookies is not accepted.

Leave an answer

Your email address will not be published.

The company processes your data to facilitate the publication and management of comments. You can exercise your rights of access, rectification, deletion and opposition, among others, according to our Privacy policy.