Grey hairs over GDPR

Grey hairs about GDPR?

We have recently received an increasing number of contacts about the GDPR. (General Data Protection Regulation <General Data Protection Regulation>)
Although this law regulating the processing of personal data became applicable in all EU countries in spring 2018, it continues to raise some eyebrows, especially among small businesses who may not have the resources to familiarise themselves with the subject as much as they should.

We did our own little poll on the subject, and a quick browse through five different websites showed what we had been thinking: the need for help in this area is greater than you might suddenly imagine.
Is your site already equipped with a privacy policy and that annoying pop-up that asks the visitor to accept the cookies used on the site?

What is GDPR

GDPR stands for General Data Protection Regulation.
It is the law governing the processing of personal data that became applicable in all EU countries in spring 2018.
This law governs how companies must handle the personal data of website visitors

WHAT IS EVESTE

A cookie is basically data that a web server stores on the computer of a user visiting a website.
The purpose of a cookie, in all its brevity, is to improve the user’s experience of surfing the Internet.
Cookies allow websites to recognise, for example, whether you have visited the site before.
Whether you have returned to a site and found that it remembers your previous language choices.
If you have previously chosen Finnish instead of English as your language of use, the site will translate the text for you without any extra choice.
Cookies are also used to collect technical information about the devices you use to surf the web.

WHETHER COOKIES ARE USEFUL

Yes.
As the examples above clearly show, cookies are useful to a certain extent.
It’s up to each individual to decide in their own little mind how useful, but I don’t think anyone can argue that cookies don’t make our lives in this golden age of the Internet quite a bit easier.
From a service provider’s perspective, benefits can be measured from a few other perspectives as well.
For example, cookies are used to track the behaviour of a visitor: how long he stays on the site, which links he clicks on, whether he leaves the site immediately on arrival and/or whether he returns later.
To give a few examples.
On this site we also monitor the above mentioned things, in addition to which we monitor, among other things, the times of the day when our site receives the most traffic and the different channels from which users have come to our site (Google, Facebook, YouTube, etc.).
The purpose of tracking is by no means stalking (yes, there are still people who think that way in Finland today), but rather to use this information to create more targeted content for the visitor, so that the user experience is smoother on their next visit.
In use, the site will remember your visit to, for example, an online shop.
You may see a shopping cart started but not completed on your previous visit, so you don’t have to add products to your shopping cart again.

WHETHER COOKIES MUST BE USED

Some cookies are necessary for the functionality of the website.
For example, the shopping cart function of an online shop is not possible without the use of certain essential cookies, so there is no need to ask for the user’s permission to use essential cookies.
Acceptance of cookies also significantly enhances the positive user experience of the web surfer.
If you disable cookies, you may be logged out of, for example, frequently visited websites that previously still remembered your login details.

WHETHER COOKIES ARE HARMFUL

A cookie is basically a file that is stored on your device when you visit different websites.
This small file contains a tiny amount of anonymous information about how you interact with our site during your visit.
Cookies are not harmful to computers or otherwise to the web surfer.
This plain text file cannot contain a virus.
As these cookie files are also very small in size, your computer’s memory will not be essentially full even if you allow them to be stored on your computer.

WHETHER A POP-UP WINDOW ABOUT COOKIES ON WEBSITES IS MANDATORY

In Finland, it was previously ruled that it is sufficient for websites to simply inform visitors about the cookie policy, and for them to be able to disable cookies independently in their browser settings.
Later, the Data Protection Ombudsman ruled that the visitor must be able to refuse cookies and that clear consent must be obtained for their use.

Traficom Cybersecurity Centre will continue to provide guidance in the same way as before, but the Data Protection Ombudsman’s guidance forces a rethink.
In practice, if you want to make sure that you comply with these provisions, you will need to obtain the user’s consent (pop-up) for the use of cookies.
It is not enough to ask for consent only for cookies, you must also have consent for other technologies that allow you to track users.
For example, many Finnish companies collect data for different platforms, such as Meta Business Suite or Google Analytics, in which case cookie disclosure becomes mandatory.
In addition, a few years ago, a case came to light where the Assistant Data Protection Ombudsman had ordered a company to change the way it had previously asked for consent to use cookies.
This case has prompted companies to think more carefully about their own approach to the use of cookies.

I would like to clarify here that your consent to the use of cookies is not primarily about the processing of personal data, but about the fact that this data may be stored on your computer, or that the data stored on these devices may be used later.

Have you got grey hairs on this topic? Want to know more?Book a free consultation (1-2h) at >by following this link<

Marika Sarajärvi
The author is an entrepreneur at Lappi Action Oy and the parent of an entrepreneurial family in the IT sector, read more >here>