Cookie banner
Swift comes with a cookie banner to implement basic cookie consent for visitors of the website.
When cookies are either accepted or denied, DynamicWeb’s cookie manager will respect the user choice and only set cookies categorized according to the consent given.
The acceptance or denial of cookies will also impact the level of tracking in Google tag manager because of GDPR regulation.
To set up the cookie banner:
- Open the cookie manager and check Enable Cookie manager
- Create pages with privacy policy and cookie policy information
- Open the Swift website-settings and locate the Cookie notice section - then:
- Set the privacy policy link
- Set the cookie policy link
- Select a Layout and set a banner/modal theme as appropriate
- Save
By default, Swift does not come with any cookies except the cookies set by DynamicWeb 10 to handle e.g. login information, cart content, and backend language and area selection.
To see an example of to customize how the cookie banner works and how to extend cookie banner functionality in Swift see the Swift website-settings documentation for custom header include.
Legal considerations
Caution
The information provided here is for general informational purposes only. It is not intended to be legal advice and should not be construed as such. For specific legal advice and assistance, please consult with a qualified attorney who specializes in data privacy and compliance matters.
A cookie banner can cover both GDPR (General Data Protection Regulation) and the ePrivacy Directive, commonly referred to as the Cookie Law, but it needs to be designed appropriately to ensure compliance with both sets of regulations.
GDPR Requirements
- Informed Consent: Users must be provided with clear and comprehensive information about the data being collected, the purpose of the data collection, and how the data will be used
- Explicit Consent: Users must give their explicit consent before any personal data is collected or processed. This consent must be a clear affirmative action
- Right to Withdraw Consent: Users should be able to withdraw their consent as easily as they gave it
- Data Protection: Personal data must be protected and processed in a way that ensures its security
ePrivacy Directive (Cookie Law) Requirements
- Prior Consent: Users must give their consent before any non-essential cookies are placed on their device. Essential cookies, which are necessary for the website to function, do not require consent
- Clear Information: Users must be informed about the types of cookies being used, their purpose, and how long they will be stored
- Cookie Settings: Users should be able to manage their cookie preferences and have the ability to accept or reject different categories of cookies
Key Elements of a Comprehensive Cookie Banner
- Clear Information: Provide detailed information about cookies, their purposes, and categories (e.g., necessary, preferences, statistics, marketing)
- Consent Options: Include options to accept all cookies, reject all cookies, or customize cookie preferences. This can be done through a “cookie settings” link or button
- Affirmative Action: Ensure that consent is given through a clear action, such as clicking an “Accept” button. Pre-ticked boxes are not considered valid consent
- Access to Policy: Provide easy access to the website's privacy policy and cookie policy for more detailed information
- Withdrawal of Consent: Offer a simple method for users to withdraw their consent at any time, such as through a cookie management tool or settings page on the website
The Swift cookie banner implementation tries to adhere to these requirements.
GDPR, tracking and the cookie banner
Accepting cookies on a website can also act as consent to track data that is categorized as personal data under GDPR regulations. This means that by agreeing to cookies, users are allowing the website to collect, process, and store personal data, such as IP addresses, browsing history, and other identifiers, which can be used for tracking and profiling purposes.
Explanation:
- Informed Consent: Users must be clearly informed that accepting cookies involves the collection and processing of their personal data
- Explicit Agreement: The consent to cookies must be a clear affirmative action indicating the user's agreement to the tracking and use of their personal data
- Scope of Consent: The cookie banner should explain what types of personal data will be collected, the purposes of tracking (e.g., analytics, personalized advertising), and how the data will be used
Example Message for a Cookie Banner:
By accepting cookies, you agree to the collection and processing of your personal data, such as your IP address and browsing behaviour, for purposes including analytics, personalized content, and targeted advertising. For more information, please see our Privacy Policy.
This ensures users understand that their consent to cookies also covers the consent required under GDPR for processing personal data.
This is important to understand when e.g. Google Tag Manager is also implemented as that some features in GTM can be considered tracking of personal information. On the policy page and the text you provide in the cookie banner will have to take that into consideration.
The Cookie banner and Google Tag Manager
Swift comes with a Google tag-manager implementation. Swifts tag-manager implementation relates to the cookie banner and the user’s acceptance of cookies and consent of tracking (GDPR).
Google Tag Manager Consent mode v2
We have implemented Consent Mode V2 based on Google's recommended implementation to comply with privacy regulations and user consent requirements, in alignment with EU data privacy laws (GDPR) and the Digital Markets Act.
We manage four key parameters based on user interaction with the cookie notification, following Google's recommendations:
- ad_storage
- ad_user_data
- ad_personalization
- analytics_storage
Please refer to Google's consent mode implementation guide for further details.
If full cookie consent is not granted in Swift Cookie banner, we set ad_storage, ad_user_data and ad_personalization to false to indicate that these parts is not consented by the visitor. It is then up to Google Tag Manager to adhere to these settings and leave out tracking of data GTM categorizes as personal data.
If consent is not granted, some UTM parameters may not be transmitted to GA4.
You can easily change the behaviour of the ad_storage, ad_user_data and ad_personalization and set some or all to true if cookie consent is not fully granted. We believe this would be a violation of the GDPR and Cookie legislation.
Regarding UTM parameters, be aware that GA4 supports only the following: utm_id, utm_source, utm_medium, utm_campaign, utm_term, utm_content, utm_source_platform, utm_campaign_id, utm_creative_format, and utm_marketing_tactic.
List of ecommerce events
The following ecommerce events have been implemented in Swift:
Event | Description |
---|---|
view_item_list | This event is used when the user has been presented with a list of items of a certain category. |
select_item | This event will signify that an item was selected from a list. |
add_to_cart | This event signifies that an item was added to the cart and is ready for purchase. |
add_to_wishlist | This event signifies that an item has been added to a wishlist. In Swift this would be when customers add products to the favorites list. |
remove_from_cart | This event signifies when items are removed from a cart |
view_cart | This event signifies that a user viewed their cart |
begin_checkout | This event signifies that a user has begun the checkout process |
add_payment_info | This event signifies that a user has submitted their payment information |
add_shipping_info | This event signifies that a user has submitted their shipping information |
purchase | This event signifies that a user has purchased on or more items |
You can read about each event in the GA4 event reference documentation.