This update is about making consent easier for visitors to give and for you to manage. Website owners, developers, agencies, and compliance teams all interact with consent in different ways, and this refresh aligns the public-facing banner and the admin-facing configurator.

The result is a clearer experience for visitors and a smoother setup behind the scenes.

If you’re already using iubenda, everything you rely on is still there. The change is in how it looks, how it feels, and how easy it is to configure.

A clearer banner for visitors

The new banner layout is cleaner, more structured, and easier to navigate.

It’s organized into three clear sections (header, body, and footer), with tabs that separate the notice from consent preferences. This helps make consent easier to understand and use, especially on mobile.

Purpose categories are shown with clear, pill-style indicators for Marketing, Functionality, Measurement, and Experience. Branding has also been refined, with logo colors that automatically adapt to your chosen theme.

Accessibility was a core focus. The new banner is designed to meet AAA contrast standards and improves touch targets and scrolling behavior, making it easier to interact across devices.

A configurator that’s easier to work with

The configurator has been redesigned to match the new banner, both visually and functionally.

As you customize settings, a live preview updates in real time. Color options are streamlined, settings are easier to navigate, and visual feedback is clearer as you make changes.

Each editable section also includes accessibility feedback to help you understand how design choices affect readability and contrast as you configure the banner.

Color customization is simpler now, too. Choose a primary color, and the banner automatically generates a balanced color scheme. All existing positioning and sizing options remain available.

A note on banner branding

For new websites created with the updated Privacy Controls & Cookie Solution, iubenda branding is visible by default and can be disabled from the Essential plan and above.

What hasn’t changed

All existing functionality remains intact. Integrations like TCF and Google Consent Mode continue to work as before. Pricing and plan features stay the same. Existing configurations are preserved.

What to expect 

New users started seeing the redesigned banner and configurator in December. Since then, we’ve been gradually expanding availability.

Selected users can switch existing websites to the new design via a manual toggle in the configurator, with gradual rollout to all users. Before any automatic migrations begin, we’ll first collect feedback from new users using the updated Cookie Solution to ensure everything runs smoothly. Automatic migrations will then roll out throughout 2026, starting with free websites in multiple phases.

All users will be notified well in advance via email before any changes take place, giving them ample time to review the update and prepare accordingly.

This phased approach helps us roll out improvements safely, without disrupting live sites. This update reflects how we think about consent: clear, accessible, and practical for real teams managing real websites. We’re excited for you to explore what’s new.

The post The redesigned cookie banner and configurator appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

The latest version, TCF 2.3, was officially announced on June 19, 2025, with updates that clarify vendor disclosure and strengthen accountability across the digital advertising ecosystem.

Here’s what’s changing, what it means for you, and how to get ready.

What is TCF 2.3? 

TCF 2.3 is the latest version of the IAB Europe Transparency and Consent Framework.

It’s the industry standard that helps publishers and advertisers operationalize with the GDPR and the ePrivacy Directive when processing personal data for digital advertising:

• It gives Consent Management Platforms (CMPs) like iubenda a standardized way to inform users and capture consent (or objections) for advertising.
• It makes sure consent signals are communicated consistently across the advertising supply chain, from your site to every vendor you work with.

What changes from the previous version?

TCF 2.2 (launched in May 2023) focused on implementing changes required by the Belgian Data Protection Authority and improving user-friendly descriptions. TCF 2.3 now tackles a different challenge: vendor disclosure ambiguity.

Mandatory “Disclosed Vendors” segment

The main change in TCF 2.3 is that the “Disclosed Vendors” section is now mandatory in all TC strings. Previously, it was optional.

– Clear binary signal: The Disclosed Vendors segment provides a simple indicator (1 = disclosed, 0 = not disclosed) specifying whether a vendor was shown to the user.
– Updated TC string structure: The string format now follows the following pattern [Core segment].[disclosedVendors segment].[Publisher TC].
– No more ambiguity: Vendors can now confirm whether they were properly disclosed to users before processing data.

Why this change? 

Under TCF 2.2, some vendors faced uncertainty in scenarios where it wasn’t clear whether they’d been disclosed to the user.

For example, when a CMP registered a user objection under Legitimate Interest, a vendor couldn’t always tell whether they’d actually been shown to the user. This distinction matters because vendors must be disclosed to users as part of meeting transparency obligations before processing data, including for Special Purposes.

By making the Disclosed Vendors segment mandatory, TCF 2.3 removes this ambiguity. This means cleaner signals across your advertising stack and fewer issues with vendor data processing.

What’s the timeline for implementation?

Here are the key dates to keep in mind:

June 19, 2025: TCF 2.3 officially announced and technical specifications released.

October 2025: Google confirmed its systems can accept and process TCF 2.3 strings.

February 28, 2026: Mandatory deadline. All CMPs and vendors need to support TCF 2.3. Support for new TCF 2.2 strings ends on this date.

Good to know: TC strings generated on or after February 28, 2026 must follow TCF 2.3 specifications. TCF 2.2 strings created before that date will still be valid.

If you use Google AdSense, Ad Manager, or AdMob in the EEA, UK, or Switzerland, you’ll need TCF 2.3 support by February 28, 2026.

Google has confirmed its systems can accept and process TCF 2.3 strings. If you miss the deadline, your ad requests may default to Limited Ads serving, which can reduce demand/personalization and impact revenue. The good news? With iubenda, no need to worry. We’ve got you covered.

What does this mean for iubenda customers?

If you’re using iubenda’s Privacy Controls and Cookie Solution, you’re all set. Our CMP already handles TCF 2.3 requirements.

Here’s what’s next for you:

• If you’re ready now: Set tcfVersion = 2.3 in your configuration to start using TCF 2.3 signals immediately. This is a good choice if you want to test the new signals with your ad stack before the mandatory date.

• Prefer a hands-off approach? Let us handle it: We’ll automatically switch your signals to TCF 2.3 after the February 28, 2026 deadline. You don’t need to do anything.

No banner changes needed: TCF 2.3 is a technical update. Your consent banner interface stays exactly the same.

No new data collection: This update doesn’t introduce new categories of personal data or expand data processing purposes.

Your users won’t notice: The change happens behind the scenes. The new TC string automatically generates the next time someone interacts with your consent notice.

More on this topic:

• Mobile apps and CTV: for this type of implementation, you may need to update to the latest version of our SDK. We’ll share detailed guidance closer to the deadline.
• Make sure to review your vendor list and confirm your vendors are registered on the updated Global Vendor List.

Over to you

Questions about TCF 2.3 or your setup? Reach out to our support team at info@iubenda.com.

The post Transitioning to IAB’s TCF 2.3: what you need to know appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

If you run a website or app, handling privacy isn’t optional; it’s the baseline. Between the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the incoming wave of global regulations, staying on top of consent isn’t just about ticking boxes or avoiding legal headaches. It’s about building trust, protecting your business’ revenue, and even improving marketing performance.

But with so many tools out there, from free WordPress plugins to full-blown enterprise suites, how do you know which one’s right for you?

In this post, we’ve rounded up 9 of the most popular consent management platforms and broken them down in plain English.

We’ll cover everything including features, ease of use, pricing, and overall function. And you’ll also find a table below to compare the different platforms at a glance, so you can see which one might be best.

Consent management platform comparison: At a glance

Scroll →

	iubenda	consentmanager	Complianz	Cookiebot	Usercentrics	Piwik PRO	Termly	Didomi	Enzuzo
Legal policy generator included
Built-in banner & consent records
Notifies you as laws evolve
Multi-language support
Integration options	WordPress, Shopify, Google Tag Manager, Wix, Webflow, Squarespace, Joomla, PrestaShop, Magento, Drupal, Zapier, and more	WordPress, Joomla, Typo3, Drupal, eZ Publish, Magento, phpWiki, PrestaShop, osCommerce, OXID eShop, WooCommerce, and more	WordPress and Shopify	WordPress, Google Tag Manager, Wix, Squarespace, Shopify, custom websites	WordPress, Shopify, Google Tag Manager, Adobe Experience Platform, custom websites, enterprise-level platforms	Google Tag Manager, Google Analytics, custom websites (primarily focused on analytics integration)	WordPress, Google Tag Manager, Shopify, Squarespace, Wix, Webflow, custom websites	WordPress, Shopify, Google Tag Manager, custom APIs, etc.	Shopify, Webflow, Wix, WordPress, etc.
Ease of use	Very easy (quick setup and configuration)	Moderate (but very powerful)	Easy for WordPress and Shopify users	Simple setup, difficult to use interface	Complex	Less intuitive to use	Very easy	Requires custom setup	Moderate
Lawyer-backed policies	Written and maintained by legal experts	Recommended by lawyers and data protection experts	Written and maintained by legal experts	Unclear		Unclear		Unclear
All-in-one digital compliance suite
Consent rate optimization
Customer satisfaction	4.7/5 (Capterra)	5/5 (G2)	4.8/5 (WordPress)	2.3/5 (Trustpilot)	3.1/5 (Trustpilot)	4.6/5 (G2)	4.3/5 (G2)	4.6/5 (G2)	3.6/5 (Trustpilot)
Price	Free plan available. Paid plans from €4.99/month	Free plan available. Paid plans from €23/month	Free plan available. Paid plans from €59/year (less than €5/month)	Limited free plan available. Paid plans from €7/month	Paid plans from €7/month	Paid plans from €35/month	Free plan available. Paid plans from $10/month	Call for custom quote	Limited free plan available. Paid plans from USD $9/month
Recommended for	Businesses of all sizes	Enterprise businesses	WordPress and Shopify users	Mid-sized businesses	Large websites and enterprise businesses	Organizations in regulated sectors like finance, government, and healthcare	Small to medium businesses, startups, and freelancers	Enterprise businesses	E-commerce businesses of all sizes

What is a consent management platform (CMP), and how does it work?

A consent management platform (CMP) helps website and app owners collect, manage, and document user consent in line with privacy regulations like the GDPR, CCPA, and more. In a nutshell, it’s what powers the cookie banner you see when you first land on a site. But the best ones go much deeper than that, providing tools that help you improve consent rates and boost conversions to help you grow your business.

At a basic level, a CMP lets users decide what data they’re comfortable sharing. But behind the scenes, it also needs to:

• Block cookies and tracking scripts until a user gives consent
• Store and log consent preferences
• Provide options for users to withdraw or update consent
• Stay aligned with legal requirements that change over time

What should you look for in a consent management platform?

Not all tools are built the same. Here’s what actually matters when choosing the right consent management platform:

• Ease of setup – Are you comfortable spending hours tweaking code or bringing in developers to do so?
• Regulation coverage – Does it support GDPR, CCPA, and other privacy laws?
• Customization – Can you adapt the look and feel to your brand?
• Legal reliability – Are the policies and mechanics backed by actual legal experts?
• Automatic notifications – Does it automatically notify you of evolving laws or will you have to scramble last minute to manually check them yourself?
• Performance impact – Does it run smoothly without slowing your site down?
• Integrations – Does it integrate with CMS systems like WordPress or online stores like Shopify?
• Built-in Google Consent Mode – Does it help you recover marketing data when users reject cookies, especially for Google Ads and Analytics?
• IAB’s TCF – Does it share user consent with ad partners so you can run ads easily and get closer to compliance?
• Customer support – When you run into issues, can you reach a real person who helps quickly? Or will you wait weeks for a response? Check review sites like Trustpilot and G2 to see how each platform treats customers when things go wrong.

The best platforms for cookie consent and data compliance

1. iubenda

Unlike standalone CMPs, iubenda offers a complete digital compliance suite in one connected platform: cookie banners, privacy policies, terms and conditions, consent records, internal compliance solutions, accessibility solutions, and more.

It’s a solution that real legal experts back. And over 150,000 companies worldwide use it, from solopreneurs to giant enterprises, to help them get closer to compliance. And it goes beyond compliance too. With iubenda, you have access to solutions that help you improve user experience and increase consent rates, ultimately boosting conversions, trust and customer loyalty over the long run.

Standout features

• The auto-scan feature automatically scans your website for cookies, trackers, and third-party services to identify which disclosures you need in just a few minutes
• Customizable cookie banners integrate with Google Consent Mode v2
• Consent database and logs store records in a compliant format
• Easily manage and store consent across multiple platforms, handle data subject requests and whistleblowing reports, optimize newsletter opt-ins for better marketing, and more
• Easy plugin integrations for WordPress, Shopify, and more
• Up to 27 languages and coverage for global privacy laws (GDPR, CCPA/CPRA and other US State Laws, LGPD, and more)
• Notifies you as laws evolve

Best for

Businesses of all sizes looking for an easy-to-use, attorney-quality solution that offers everything they need to set up for compliance.

Pros

• Offers a full suite of compliance solutions in one place
• Real lawyers build and maintain the entire suite
• Easy setup. Simply copy and paste one line of code and tweak what you need
• Creates a simpler, faster consent experience that helps reduce bounce rates and increase conversions
• Great customer support that stays with you until your issue is resolved

Cons

• You’ll need a paid plan to access multiple languages and the Terms and Conditions Generator

Pricing

• Free plan available with everything you need for low-traffic sites
• Paid plans start around €4.99/month, depending on your needs
• Flexible pricing based on which solutions you activate, so you never pay for more than what you actually need

What people say

Users consistently highlight responsive customer support and ease of use. Reviewers mention that support agents stay with them until issues are resolved, and praise how the platform simplifies compliance without requiring legal expertise.

2. consentmanager

consentmanager is a consent management platform built for compliance and performance, offering customizable cookie banners, reporting tools, and optimization features to help businesses manage consent while improving user experience.

Standout features

• Highly customizable: 200+ design options, flexible targeting by country, browser, device, and more
• Detailed reporting: Analyze consent behavior by region, device, design variant, and other dimensions
• A/B testing and machine learning optimization to improve consent rates over time
• Auto-blocking and integrated crawler for compliance monitoring
• Predefined texts in over 35 languages
• Fully compatible with IAB’s Transparency and Consent Framework
• Google certified and Google Consent Mode v2 integrated
• EU-only data storage

Best for

Enterprise companies with complex digital portfolios, publishers, and e-commerce teams looking for detailed consent analytics.

Pros

• Flexible customization options (design, targeting, variants)
• Strong reporting for marketing and growth teams
• Compatibility mode makes switching from other CMPs easier

Cons

• The interface can be a bit tricky for first-time users

Pricing

• Free plan available
• Paid plans start from €23/month, depending on number of websites and views per month

What people say

Users appreciate the responsive customer support and highlight the A/B testing capabilities. Some report the interface has a learning curve.

3. Complianz

Complianz is a WordPress and Shopify plugin designed to make privacy compliance more manageable. It covers cookie consent, legal documents, and regional compliance rules (GDPR, CCPA, and more).

Standout features

• Designed specifically for WordPress and Shopify
• Research team regularly updates clause library to reflect the latest law changes
• Flexible banner designs
• Smart site scanner that automatically detects and handles cookies in use before visitors see them
• Region-specific banner behavior (e.g., GDPR vs. CCPA)
• Legal documents in multiple languages

Best for

WordPress and Shopify users who want privacy features that work smoothly out of the box.

Pros

• Trusted by 1 million users
• Quick and easy setup
• Helps build brand transparency and trust
• 30-day money-back guarantee

Cons

• You need a paid plan for the more advanced features

Pricing

• Free plan available
• Paid plans start from €59/year (less than €5 a month)

What people say

Reviewers report easy installation, a user-friendly interface, and solid compliance features. A go-to choice for WordPress and Shopify users who want privacy tools that just work.

4. Cookiebot

Cookiebot scans your site for cookies, categorizes them, and helps you display a compliant cookie banner.

Standout features

• Automatic cookie scanning and categorization
• Multi-language support
• Compatible with Google Tag Manager and Consent Mode
• Cookie banner creation

Best for

Mid-sized businesses that want consent features with a focus on automation.

Pros

• Simple setup

Cons

• Can’t create legal documents
• The interface isn’t intuitive and can be difficult to use
• Banners aren’t easily customizable

Pricing

• Free plan with limited features available
• Paid plans start from €7/month and increase in price if you have more than a certain number of subpages

What people say

While some users find initial setup straightforward, many report frustration with unexpected price increases, billing disputes, and difficulty reaching customer support.

5. Usercentrics

Usercentrics is a consent management platform with a focus on marketing, offering analytics tools that give users insights into their web audiences.

Standout features

• Data control and user segmentation
• Analytics and consent audit tools
• Affiliate and partner programs
• Customizable banners
• Multilingual support

Best for

Enterprise-level businesses looking for detailed control and integrations.

Pros

• Offers tools for consent rate optimization
• Fully customizable

Cons

• Difficult setup, especially if you need more complex integrations
• The cookie management tools and user interface are trickier to navigate if you’re less tech-savvy

Pricing

• Plans start from €7/month for basic features
• No free plans but there is a 14-day trial

What people say

Users value the compliance tools and customization options. However, many report confusion around pricing, with unexpected plan upgrades based on session counts that can lead to billing spikes. Support response times are also frequently cited as slow.

6. Piwik PRO

Piwik PRO offers analytics software built with privacy in mind, along with consent management features to help align with regulations. It positions itself as a more compliant alternative to Google Analytics.

Standout features

• Full analytics suite with consent tracking built in
• Server location controls

Best for

Businesses in regulated sectors like finances, government, and healthcare.

Pros

• Clear documentation and onboarding support

Cons

• Its interface is less intuitive than other platforms
• Overall features can be limited, depending on what you need
• Lacks flexibility with third-party integrations

Pricing

• No free plans but it does offer a 30-day free trial
• Paid plans start at €35/month
• Scaling is pricier, with Enterprise plans starting at €366/month

What people say

Users on G2 praise the analytics, but many report integration issues and limited CMP-specific features.

7. Termly

Termly is a lightweight tool that combines consent management with policy generators. It’s aimed at small businesses and freelancers who want basic compliance tools.

Standout features

• Automatic cookie scanning and script blocking
• Built-in policy generators
• Google Consent Mode v2 compatible

Best for

Small businesses, bloggers, and freelancers with basic compliance needs.

Pros

• Simple setup process
• Free plan available

Cons

• Limited to one domain per license (costs add up for multiple sites)
• Customization options are limited
• Some users report slow customer support response times

Pricing

• Free plan available with capped monthly pageviews
• Paid plans start from $10/month

What people say

Users find the setup straightforward. Some report limitations with the free plan when accessing certain features.

8. Didomi

Didomi provides consent management along with real-time data tools to help enterprise businesses understand and optimize user experiences.

Standout features

• Real-time consent data dashboards
• Customizable banners and forms
• CRM and ad tech integration

Best for

Large, global enterprise businesses.

Pros

• Solutions are scalable for large organizations
• Fully customizable

Cons

• Users find it hard to use at first
• It requires a lot of customer support to implement and response times can be slow

Pricing

• It doesn’t offer a free plan
• Didomi doesn’t seem to publish their pricing online, so you need to call for a custom quote

What people say

Users praise integration options but report frustration with the interface, steep learning curve, and slow support response times.

9. Enzuzo

Enzuzo is a lightweight tool that helps you manage cookie consent, handle data subject requests, and create legal policies. Its focus is on providing support in the e-commerce space, with solutions for Shopify and mobile apps.

Standout features

• Multi-language support
• Real-time consent analytics
• Supports mobile apps

Best for

Businesses in the e-commerce space.

Pros

• Simple installation
• Easy to understand and use

Cons

• Isn’t as customizable as other options
• Customer support can be limited

Pricing

• Free plan comes with limited features
• Paid plans start from USD $9/month for basic compliance tools

What people say

Users like the smooth Shopify integration and ease-of-use, but many express frustration with billing issues and limited customer support availability.

The best consent management platform

Your consent management platform shouldn’t just help you meet today’s legal standards, but help you boost consent rates to grow your business, while keeping you ready for what’s next. The right tool makes compliance easier, not harder; it works in the background, keeps you aware of regulation changes, and protects your users’ trust at every touchpoint.

When evaluating your options, prioritize platforms that offer lawyer-backed policies, auto-scanning, and Google Consent Mode v2 support. iubenda is one example that checks these boxes.

With the right CMP, you won’t just be well on your way to greater compliance, but have a powerful tool to grow your business.

The post A guide to choosing the best consent management platform: Features, pros & pricing appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Privacy-first ad performance

Unlock the full potential of Microsoft advertising

Boost your advertising campaigns while keeping on the road to compliance.

With iubenda’s Privacy Controls and Cookie Solution, you can easily activate Microsoft UET Consent Mode. Once you install the cookie banner, Consent Mode is activated by default – giving you privacy-first ad performance without sacrificing insights.

Ready to optimize your campaigns while staying compliant?

Set up Consent Mode

Available for all plans, including the Free one!

Trusted by over 140,000 clients in 100+ countries

Why choose Microsoft UET Consent Mode?

Microsoft UET gives you access to powerful advertising features, but today’s privacy regulations require proper consent management. Microsoft UET Consent Mode ensures you can use these capabilities while staying compliant:

Advanced advertising features: Measure online goals, get actionable recommendations, and track comprehensive engagement goals for your campaigns.

Smart audience targeting: Access essential features like remarketing, in-market audiences, and dynamic remarketing to reach your ideal customers.

Powerful bidding automation: Maximize conversions with advanced strategies like Target CPA and Enhanced CPC to optimize campaign performance.

Enhanced performance optimization: Improve ad performance, achieve better broad matching, and leverage the full partner network for wider reach.

Stay compliant with privacy regulations automatically as UET Consent Mode adjusts data collection based on user preferences.

Get Microsoft UET Consent Mode in three easy steps

STEP 1

Configure your consent banner

Answer a few simple questions, and go with iubenda’s automatic configuration or totally customize your banner and consent collection.

STEP 2

Install it on your site

Copy and paste the provided code into your website or choose from one of our dedicated plug-ins. Everything else is automatic, including Microsoft UET Consent Mode setup.

STEP 3

Unlock powerful advertising features

Start leveraging full advertising functionality while respecting your users’ consent choices since Microsoft UET Consent Mode is built into your iubenda CMP.

Get started now

More than compliance

With iubenda, your journey to compliance comes with added benefits:

Professionally prepared legal solutions

Developed by international legal experts to get complete coverage under GDPR, ePrivacy, the CCPA, and more.

Automatic updates

Stay current with evolving regulations through automatic cookie banner updates from our legal experts whenever regulations change.

Scanning and alerts

Our scanner continuously checks your site for compliance issues and alerts you as needed.

Flexible integration options

Choose from embedding code, using platform widgets, or leveraging our SDK.

Automated prior blocking

Block nonessential cookies until user consent is given.

Consent statistics

Gain insights into consent rates and optimize your cookie banner accordingly.

Trusted by over 140,000 clients in 100+ countries

The post Microsoft UET Consent Mode appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

In this article, we’ll walk you through the key improvements in our redesigned Privacy and Cookie Policy Document, highlight the features of the new design, and explain how these changes make compliance easier for businesses and users alike.

Why the Privacy and Cookie Policy Redesign?

Legal documents like privacy policies and cookie policies are often seen as dense, inaccessible, and challenging to navigate. At iubenda, we believe these documents should be tools for clarity and trust, not barriers. The redesign transforms compliance documents into user-friendly hubs of information, aligning with our mission to:

• Provide transparent and easy-to-understand data privacy practices.
• Centralize key features like cookie and email preferences, data subject rights, whistleblowing tools, and more.
• Enhance readability and usability with an intuitive layout.

What’s New: The Redesigned Privacy and Cookie Policies

The redesigned Privacy and Cookie Policies are more than just a visual refresh—they’ve been completely restructured to prioritize clarity, accessibility, and ease of use. Here’s what you can expect:

Feature	NEW Design	Old Design
User-Focused Layout	The new design introduces a clean, modular structure. Sections are clearly delineated, and a dynamic table of contents helps site visitors quickly find relevant information. Icons and visual cues guide site visitors to important sections like data rights and cookie preferences, improving navigation and readability. [+]	The original layout was text-heavy, with little visual hierarchy. Information was presented as lengthy paragraphs, making it hard for users to locate specific details. [+]
Summarized Information for Quick Access	A Summary section at the top provides an easy overview of key aspects, such as what data is collected, how it’s used, and who processes it. Legal jargon is minimized, and key points are summarized to make the policies easier to digest. [+]	With the old design, users had to sift through dense text to extract relevant information. [+]
Integrated User Controls	The new design integrates user controls directly within the Privacy and Cookie Policy, allowing users to manage their privacy preferences, opt out of data processing, and access important documents without leaving the page. [+]	In the old design, privacy settings and cookie preferences were dispersed across multiple interfaces, requiring users to navigate away from the document. [+]
Enhanced Accessibility and Mobile Optimization	The new design follows best practices for accessibility, including mobile optimization, screen reader compatibility, and a responsive layout that adapts seamlessly to different screen sizes. [+]	The old design had limited mobile compatibility and often resulted in poor user experiences on smaller screens. [+]

Key Improvements in the New Design

Here is a detailed comparison table showcasing the differences between the old and new Privacy and Cookie Policy designs:

Feature	NEW Design	Old Design
Visual Layout	Modular sections with clear icons and summaries, for a professional look.	Dense, text-heavy paragraphs with no structure.
Navigation	Clickable table of contents for quick access to sections.	Static layout, requiring users to scroll.
Content Presentation	Simplified language and summaries, written in plain terms.	Complex, legal language that’s hard to understand.
Icons and Visual Cues	Icons guide users to important information and sections.	No visual cues, making it harder to navigate.
User Tools Integration	Integrated tools for managing preferences, requesting data access, and submitting forms.	Limited functionality, requiring users to navigate multiple interfaces.
Mobile Optimization	Fully responsive design for seamless use on any device.	Limited mobile compatibility and readability.
User Empowerment	Clear instructions and actionable tools within the policy.	No clear action steps for users.
Transparency	Transparent and user-focused design, outlining data practices in plain language.	Overwhelming and hard to digest.
Widgets/Integration	Legal Center widget for easy access to privacy tools, placed conveniently in the website footer or app.	No widget or centralized integration for privacy tools.

How the New Privacy and Cookie Policy Design Works

Whether you’re already using iubenda to manage your Privacy and Cookie Policies or you’re considering it for the first time, here’s what you need to know:

• New Documents: If you’re creating a new Privacy or Cookie Policy from February 2025, the redesigned structure will be automatically applied. You don’t have to do anything—just create your document as you normally would, and the new format and design will be applied by default.
• Existing Documents: For users with existing policies, the new structure won’t automatically apply. You’ll need to activate the new design manually. This can be done simply by activating a toggle to update your existing documents to the new layout. Here’s how:

Step-by-Step Guide to Activating the Redesigned Privacy and Cookie Policy Document

If you’re ready to take advantage of the new, streamlined design for your existing Privacy and Cookie Policy documents, follow these simple steps to activate the updated layout:

1. Go to the Embedding Section
   Navigate to the embedding section of your Privacy and Cookie Policy document in your iubenda Dashboard.
2. Activate the New Design
   Look for the toggle switch labeled “ Try out the new Privacy and Cookie Policy document design!” and turn it on.
3. And that’s it! Your Privacy and Cookie Policy will now reflect the new, user-friendly design.

Check Out the Redesigned Layout

Here’s a quick look at what the redesigned Privacy and Cookie Policies look like:

• Modular Layout: Each section is neatly organized into collapsible panels. Users can click to expand or collapse sections as needed.



• Summary at the Top: Key information about the data you collect, its purpose, and your data protection practices is presented in an easy-to-read summary right at the beginning.



• Table of Contents: A clickable table of contents allows users to jump directly to relevant sections (e.g., Types of Data collected, Definitions and legal references, etc.).



• Interactive Controls: Site visitors can manage their privacy preferences directly from the document, with options to opt out of data processing, manage cookie settings, and more.



• Access Supporting Documents: Easily download related documents like the Privacy Policy, Cookie Policy, or Terms and Conditions for reference. These documents are now accessible with a simple click, helping users find all necessary information quickly.

Why You Should Update Your Documents

While new users will automatically benefit from the redesigned documents, it’s crucial for businesses to update their existing Privacy and Cookie Policies to reflect the new design and format. Here’s why:

• Clarity and Transparency: The redesigned documents present information in a much clearer and more accessible way, which helps build trust with your users.
• Improved Compliance: The new layout follows best practices for data privacy, making it easier for businesses to comply with regulations like GDPR, CCPA, and others.
• Better User Experience: With simplified language, intuitive navigation, and integrated controls, your users will appreciate the enhanced experience.

The redesigned Privacy and Cookie Policies mark the first phase of our efforts to make compliance even easier and more transparent. Whether you’re creating a new document or updating an existing one, the new structure helps simplify complex legal information and empowers both businesses and users with better control over data privacy.

The post The New Privacy and Cookie Policies: Refined, Simplified, and User-Friendly appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Gold CMP Partners are CMPs that meet specific technical requirements for the implementation of Google Consent Mode, and that demonstrate outstanding customer service.

We’re proud of this certification because it highlights our continued efforts to provide you with a reliable solution that supports your business.

iubenda is fully integrated with Google’s services

Moreover, iubenda is also one of the Consent Management Platforms that is directly integrated into Google Ads, Google Analytics and Google Tag Manager.

This new feature simplifies consent management for Google users, making it easier than ever to manage user consent and to meet the EU User Consent Policy.

You can now create your cookie consent banner with Google Consent Mode support without leaving your dashboard in Google Ads, Google Analytics, or Google Tag Manager. In just a few clicks, iubenda’s CMP will be up and running!

We support you every step of the way

From the very beginning, our goal has been to support your compliance journey – making it easier for your business and giving you peace of mind.

Being a Google Gold CMP Partner allows us to take our goal even further.

About us

Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.

www.iubenda.com

The post iubenda is a Gold CMP Partner, fully integrated with Google’s services appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Geolocation is a powerful feature that allows you to customize your website’s consent banner based on the user’s geographic location. This is particularly important because privacy regulations like GDPR in the European Union and various state laws in the United States, such as the CCPA in California, have distinct requirements.

With iubenda, you can set up different consent banners to comply with these varying regulations, ensuring a seamless user experience while maintaining compliance.

• How Does Geolocation Work?
• Implementing Geolocation for Cookie Banners
• Step-by-Step Implementation

How Does Geolocation Work?

In short, Geolocation works by detecting the user’s location and displaying a consent banner tailored to the specific legal requirements of that region. 

Geolocation uses a combination of IP address detection, location-based services, and sometimes additional user-provided information to determine the geographical location of a website visitor. 

Here’s a deeper look into the process:

1. IP Address Detection: When a user visits your website, their device’s IP address is identified. This IP address is a unique identifier assigned to each device connected to the internet and can be used to approximate the user’s location. While not pinpoint accurate, IP address detection can reliably determine the user’s country or region.
2. Location-Based Services: Some advanced Geolocation systems may use more precise location-based services, especially when integrated with mobile devices or applications that have access to GPS data. This allows for more accurate targeting, such as distinguishing between different states in the US or specific regions within a country.
3. Database Mapping: The detected IP address is then matched against a database that maps IP addresses to geographical locations. This mapping provides details such as the user’s country, region, state, and even city. The accuracy of this mapping can vary, but for the purposes of regulatory compliance, it is typically sufficient to distinguish between major legal jurisdictions.
4. Decision-Making Logic: Once the location is identified, the system applies predefined rules to determine which consent banner to display. For example, if the system detects a user from the European Union or the United Kingdom, it will trigger the GDPR-compliant banner, ensuring that all required information is presented and proper consent is obtained for cookie usage. Conversely, if a user is identified as being from California, the banner will comply with the California Consumer Privacy Act (CCPA), which has different requirements.
5. Customization and Flexibility: Geolocation isn’t just about legal compliance; it can also be used to customize content based on location, such as language preferences or local promotions. For instance, a site could display content in German for users from Germany or highlight specific products available in a particular region. This enhances the relevance of the information provided to users, improving their overall experience.
6. Continuous Updating: Geolocation systems are continually updated to reflect changes in IP address allocations, new legal requirements, and advancements in location detection technology. This ensures that the Geolocationremains accurate and that the appropriate consent banners are displayed as regulations evolve.

By leveraging these technologies, Geolocation helps businesses navigate the complex landscape of global data protection laws. It ensures that users are presented with the correct information based on their location, protecting both the user’s privacy rights and the business’s compliance obligations.

Activate Geolocation Compliance Settings with iubenda

At iubenda, we strive to help businesses comply with laws all around the world. Our geolocation-based consent settings in our Privacy Controls and Cookie Solution product is a good example.

What makes this feature relevant to your business?
Geolocation for compliance is an important feature to consider when your website is accessible by users in various regions with different privacy laws, like Europe and the US.

Each legislation has its own requirements in terms of disclosures to be made on the banner, prior blocking of cookies, opt-in or opt-out mechanisms…

Please consider that our geolocation feature is available exclusively in our Advanced and Ultimate plans. 

If on the Free, Starter or Essentials plans, go to your website’s dashboard and click on “Upgrade” on the top left:

More detail on our pricing page

Step-by-Step Implementation

Once you activate the geolocation-based feature, you can display a cookie consent banner tailored to visitors based on their specific region or country. With iubenda, you can configure geolocation settings independently for each regulation. To set it up, follow these steps:

• Log in to your iubenda Dashboard and go to the project you want to configure
• Navigate to the Privacy Controls and Cookie Solution Generator, and click “Edit”
• Once in the Configurator, depending on the regions you want to comply with and edit, navigate to the relevant section—whether it’s GDPR for Europe, LGPD for Brazil, US State Laws, or the Swiss data protection framework—and click “Edit“

• Set it to “Manual configuration“
• Scroll down to the bottom and adjust the configuration settings:
  • For GDPR: Change “All users” to “Users in Europe only”.
  • For LGPD: Change “All users” to “Users in Brazil only”.
  • For US State Laws: Change “All users” to “Users in US only”.
  • For Switzerland: Change “All users” to “Users in Switzerland only”.

Example for the US State Laws

• Save Your Changes

That’s it! The geolocation feature will now help you display the correct consent banner to users based on their location, helping your website stays compliant with various global privacy regulations.

The post Introduction to the iubenda Geolocation Feature appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

A subscription is a recurring payment model where customers pay regularly (e.g., monthly, annually) for continuous access to a product, service, or content. This model also allows for automatic renewals, ensuring uninterrupted usage until the subscriber cancels. It’s popular for services like streaming, magazines, and software. Subscriptions provide convenience for users and stable revenue for providers.

iubenda Subscription Clauses

To add these clauses:

Navigate to Business model > Payments and user rights > Subscriptions > Add subscription-related clauses.

Country-specific rules

Brazil

Suppliers should inform about renewals 30 days in advance.

Czech Republic

Users must be sufficiently informed in advance about automatic renewals/automatic subscription extension. Notifications should be sent via email or preferred communication methods. Fixed-term subscriptions with no automatic renewal/automatic subscription extension are acceptable, while those with automatic renewal require prior user notification. If not agreed otherwise, open-ended subscriptions may be terminated at the end of a calendar quarter with three months’ notice.

Denmark

For B2C:

• Subscription services can be non-terminable by consumers for up to five months. After this period, they must be terminable with one month’s notice (however, a shorter binding period, such as two months can also be agreed upon).

This general rule does not apply for fixed-term subscriptions with no automatic renewal if (1) delivery of the goods or services must take place within a year from entering the agreement, (2) the total value of the services or goods delivered under the agreement is less than DKK 2,000, and (3) payment in full is made no longer than 14 days after entering the agreement. Practical examples are annual passes to e.g. the Zoo, a museum etc. Instead, this will be defined as a consumer purchase subject to a 14-day right of withdrawal.

• Specific rules apply to services like mobile subscriptions and electricity delivery.

For B2B:

• Termination terms can be agreed upon freely.

Germany

Subscriptions to consumers cannot exceed an initial term of two years. This is based on the German “Gesetz für faire Verbraucherverträge” and is mandatory when targeting Consumers in Germany.

On March 1st, 2022, Germany’s new act for fair consumer contracts came into effect. The most relevant provisions regard the termination of subscription contracts for the provision of goods or services over time. 

All subscription plans are affected by the new criteria. Contracts and terms and conditions must be updated accordingly:

Greece

Termination must occur within a “reasonable time,” which can be specified in the T&C.

“Reasonable time” is not determined by the applicable legal framework but is interpreted ad hoc.

Italy

The supplier must send the consumer a notice in writing, via SMS, or through another electronic means indicated by the consumer, at least 30 days before the automatic renewals/automatic subscription extension.

Sweden

Auto-renewal is permitted if:

a) Conditions for auto-renewal are clear.

b) The deadline set for the consumer to terminate the contract and avoid auto-renewal is not unreasonably early (no more than 30 days prior to the end of an ongoing term is advisable for agreements that run for a year at a time).

c) Reminders are sent in writing, at least a month before the deadline.

The requirement to remind the subscriber in due time before auto-renewal does not apply if the agreement can be canceled with three months’ notice (or less) after renewal. Agreements that are renewed one month at a time (e.g., digital content subscriptions) therefore do not call for reminders to be sent in accordance with (c) above.
If the supplier fails to send a written reminder in accordance with (c) above, the user will be entitled to terminate the agreement immediately at any time during the new subscription period.

The rule described stems from specific legislation and court practices that target fixed-term subscriptions that are auto-renewed. As regards trial periods, in principle, free trial periods that are converted into paid subscriptions should also be treated as fixed-term subscriptions in accordance with the principles below:

• a free trial period that is converted into a paid, fixed-term subscription should be regarded as a “Fixed-term subscription” with automatic renewal; 
• a trial period converted into an open-ended subscription (i.e. extended monthly until further notice) should be treated as a “Fixed-term subscription” with automatic subscription extension, etc.

Switzerland

The following minimal criteria are required for automatic renewal to potentially hold up on a case-by-case basis:

• Explicit reference to automatic contract renewal upon conclusion of the contract, and;
• Explicit information about the cancellation (notice) period when the contract is concluded, and;
• Explicit notice of impending contract renewal in good time so that there is sufficient time to terminate the contract, and;
• No excessive restrictions for termination (such as only termination by fax is accepted). 

For fixed-term subscriptions with automatic renewal, upon renewal, according to case law, a right of termination at any time with a maximum notice period of two months is established.

Subscription models offer significant benefits but require careful consideration of country-specific regulations. By using iubenda’s clauses and understanding the rules in different countries, businesses can ensure compliance and maintain transparent relationships with their customers.

The post Understanding Subscription Models and Compliance with Country-Specific Rules appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

WordPress Plugin for Google Consent Mode v2

iubenda’s All-in-one Compliance WordPress plugin is the easiest way to activate Google Consent Mode

Download the plugin, install it on your WordPress site and the automatic configuration will instantly enable Google Consent Mode

Start now

Enable Google Consent Mode
3 easy steps with iubenda

Step 1

Download and install the plugin

Go to the WordPress repository and download iubenda’s plugin. Install it on your website and follow the instructions for the implementation.

Step 2

Configure the cookie consent banner

If you’re not sure, you can also use the automatic configuration and we’ll suggest the best implementation for your website.

Step 3

Enable Google Consent Mode

Once the consent banner is live, Google Consent Mode v2 will be automatically enabled on your WordPress website.

Is Google Consent Mode already active on your website? Check here!

Why you should use Google Consent Mode on WordPress

Starting March 2024, to keep using Google services functions like targeting and conversion tracking for EU users, you are required to add Consent Mode to your website. To handle all this, Google recommends working with a Google CMP Partner, like iubenda.

“iubenda stays on top of the laws around the world, so they adjust and add more stuff to help users comply with new laws.”

+100,000

Active installs
on WordPress

The post WordPress Plugin for Google Consent Mode v2 appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Zapier makes iubenda even better

Set your internal data free, and automate compliance tasks across multiple services with iubenda and Zapier.
We bring more than a decade of experience in digital privacy to your projects, and with powerful partners like Zapier, we have the technology to help your team quickly adapt to changes to your customers, your business and to major privacy laws.

What do you get with iubenda?

Top-notch tech that makes it easy to meet complex privacy standards.

A full-featured software suite backed by an international team of lawyers.

A robust Site Scanner that effortlessly helps identify services that you need.

Tools and policies that are updated constantly to help you stay compliant as the law changes.

The confidence of working with a Google-certified Consent Management Partner.

One convenient dashboard to manage cookie banners, privacy policies, terms and conditions and more — for all your projects.

Read what real customers are saying

Join 100k+ Happy Clients

iubenda is simple to use and integrate into your web and mobile applications.

Michael S., IT Systems Engineer

The post iubenda x Zapier appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Today, cookies rule the web, and these questions are on most website owners’ minds. Every website installs them to function better and get deeper insights into their audience.

This post will show you how to make your WordPress website compliant and use cookies lawfully.

How to manage cookie consent step by step

If you are based in the EU or target EU-based users, you need to comply with the Cookie Law.

Need help figuring out how to block cookies from being installed until users have granted their consent? No worries, our solution does just that. Click here for an Introduction to the Prior Blocking of Cookie Scripts.

Let’s take a closer look at what you need to make your WordPress website compliant.

Step 1: Create a cookie banner and a cookie policy

The first thing you have to do is create a legal document that validates your usage of cookies.

Users must be informed upon their first visit to your website; that’s why you need a cookie banner. The cookie banner must, at the very least:

• inform users that your website/app (or any third-party service you use) uses cookies;
• clearly state which action will signify consent;
• be conspicuously visible;
• link to a cookie policy.

The cookie policy is necessary because you must provide your users with all the details about your activity. Be sure to include:

• the type of cookies installed (both first-party and third-party);
• all third-parties that install, manage, or access cookies via your site/app, with a link to their respective policies, and any opt-out forms (where available);
• the purposes for which cookies are used.

Your cookie policy should also be available in all languages in which the service is provided.

You can use online generators to automatically create a professional and legally-sound document and generate a cookie banner, like with iubenda’s Privacy and Cookie Policy Generator + Privacy Controls and Cookie Solution. Our solutions allow you to manage all aspects of the Cookie Law and GDPR, and to create a fully customizable cookie banner.

Step 2: Add your cookie notice and policy on your WordPress website

Now that you have your policy and banner, it’s time to add them to your WordPress website.

If you haven’t done so already, you can simply use our WordPress cookie plugin to create your own. It will make the implementation a lot easier! Here’s how:

• Download the plugin from the WordPress plugin repository. Next, access the administration panel within WordPress and click on Plugins > Add New Plugin > Cookie Solution. Then install and activate it.
• For more in-depth instructions, see our WordPress cookie plugin installation guide.

If you don’t want to install our plugin, or if you’ve generated your cookie banner in another way, you can always add the cookie notice to your WordPress website by pasting the code of your banner to the head of your website.

Easily integrate iubenda’s compliance solutions into your WordPress site with our 1-Click Embedding feature—no coding required! Learn more in our guide.

Almost every WordPress theme allows you to modify the head of your website, so the implementation is pretty straightforward.

Step 3: Block cookies from running prior consent

The last thing you need to do to be compliant is block cookies from running if you don’t have your user’s consent.

The GDPR and the Cookie Law stress the importance of consent, and you’ve surely heard about GDPR fines. Well, many of those fines are issued because of consent.

The prior blocking of cookies will be enabled directly from the Privacy Controls and Cookie Solution dashboard, with just a simple tick!

Moreover, installing our plugin for WordPress websites automatically detects and blocks cookie scripts from running.

Be careful, though! The plugin doesn’t block all cookie scripts (here’s a list of those included), so you may need to block some of them manually.

How iubenda can help

Managing cookie consent on your WordPress website can be challenging. But with the right tools, it’s surprisingly easy!

iubenda can help you manage all aspects of the Cookie Law: our Privacy and Cookie Policy Generator allows you to create a cookie policy. Then, our Privacy Controls and Cookie Solution helps you create, install a fully customizable cookie banner, and block cookies prior to consent. All of this with very little effort from your side and via our WordPress plugin for quick results!

FAQ on WordPress Cookie Consent

See also

• iubenda All-in-one Compliance – WordPress cookie plugin
• How to identify the Cookies used by your website
• GDPR cheat sheet: 15 things to know

The post How to manage cookie consent on WordPress appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

This innovative metric is set to redefine what it means to have a swift and responsive website, by measuring the time it takes for a website to respond to user interactions.

At iubenda, we’ve always believed in staying ahead of the curve. Over the past months, our team has worked to ensure our Privacy Controls and Cookie Solution not only meet but exceed the standards set by this new web vital. 

The results are in, and we’re thrilled to share that our efforts have paid off spectacularly.

Interaction to Next Paint: Our Achievement

Our dedication to performance and user experience has placed us at the top of this new metric. Data comparisons against our main competitors reveal a striking advantage:

On desktop platforms, we’re leading the chart, showcasing our commitment to providing a seamless experience for all users.

More impressively, our optimization efforts on mobile devices have set a new industry standard, affirming our leadership in mobile web performance.

These results underscore our unparalleled dedication to not just keeping pace with technological advancements but setting the pace for the industry.

Why This Matters to You?

We know that every second counts, therefore the performance of your website can significantly impact your audience’s engagement, satisfaction, and conversion rates. 

Take the Next Step 

The introduction of INP marks a new era in web performance metrics, and iubenda stands at the forefront of this evolution. 

The post How iubenda is Redefining Web Excellence with Interaction to Next Paint appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

This doesn’t change pricing or anything else for you right now, but more will be changing for this top-notch Shopify app. In the near future, look out for added features and improved support from the world’s most advanced compliance platform. And don’t worry, even after it’s powered up by iubenda, using the app with Shopify will always be quick and easy.

What now?

You can check out iubenda’s Terms and Conditions or review our Privacy Policy. If you’d rather stop using your plan altogether, we’ll be sorry to see you go. Just get in touch, and we’ll help cancel your subscription right away.

What is GDPR Legal Cookie by iubenda?

GDPR Legal Cookie by iubenda is a Shopify app that helps you to quickly and easily align your shop with GDPR. It lets you design a compliant cookie banner that matches your store’s design and blocks trackers from running before your users consent to them. It also supports the latest version of Google Consent Mode, a Google technology that enables conversion and analytics modeling, allowing Google’s services to fill in data gaps when users do not consent.

The post Unveiling GDPR Legal Cookie by iubenda appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

What is the ISO 27001 certification?

ISO/IEC 27001 is the world’s best-known standard for information security management systems (ISMS).

The ISO/IEC 27001 standard offers guidance to companies of all sizes and industries on how to create, implement, maintain, and continuously enhance an information security management system.

This certification recognizes that we have put in place a system to manage security risks that meet the highest standards.

Why is the ISO 27001 certification important?

Being part of the privacy and data protection industry, we know how important the security of your data is. With cyber crimes on the rise, protecting our customers’ data is one of our key priorities.

That’s why – by achieving the ISO 27001 certification – we have taken a significant step towards ensuring the security and integrity of our information assets. You can rest assured: your sensitive information is safe with us.

The post iubenda has successfully obtained the ISO 27001 certification appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Maximize your ad revenue with a privacy-first,
business-centric solution

A one-stop solution for higher consent rates, greater ad revenue, and comprehensive compliance. Here’s how iubenda can help you..

Meet the latest requirements

Ensure you’re always up-to-date with evolving privacy regulations, providing the comprehensive support you need to meet compliant.

IAB TCF v2.2 + GPP & GPC Support: Stay ahead with the latest compliance standards. Our platform fully supports the IAB TCF version 2.2, alongside GPP and GPC, ensuring seamless compliance while improving user experience and consent rates.

Google-Certified CMP for Publishers and Developers: If you’re using Google AdSense, Ad Manager, or AdMob, you’ll soon need a Google Certified Consent Management Platform (CMP) integrated with the IAB’s Transparency and Consent Framework (TCF) to serve ads in the European Economic Area or the UK. Our solution is certified and ready to help you comply. Google Consent Mode is also fully supported, enhancing your ad-serving capabilities while respecting user privacy.

Improve your performance on every device

A set of features designed to make the most out of every consent.

Rejection recovery: Convert initial rejections into positive consents by displaying custom text where cookie-reliant elements are blocked.

Lightning-fast solution: In the world of online advertising, speed is crucial. If your CMP is sluggish, it can hinder your ability to deliver targeted ads on your website. Advertisers often expect lightning-fast response times, and delays can result in missed opportunities. Our CMP is amongst the fastest in the market.

App support (Android and iOS) with iubenda SDK: Leverage the iubenda SDK to seamlessly integrate your app on both Android and iOS. Ensure a smooth user experience and maximize your revenue across mobile devices.

Customize your solution for higher consent rates

Create notices that resonate with your audience. More personalization, higher conversion rate.

Device-referred themes: Enhance user experience and consent rates with device-specific themes.

A/B testing: Test and implement the most effective design and content for your consent banner, improving user response (in partnership with Consent Manager).

Cookie paywall: Create a paywall that requires user consent for the use of cookies in order to access certain premium content or features.

AI-powered CMP: Use machine learning algorithms for continuous improvement of consent rates through different designs (in partnership with Consent Manager).

WCAG for accessibility: Improve your consent rates by making consent banners accessible to all users.

Monitor your performance

Check what’s working and what can be improved, and monitor every update.

Email alerts with hourly scans: Stay updated with consent rates and other critical metrics. Instantly track new services added to your website.

Benchmark and optimization reports: Make informed decisions to improve your consent strategies using comprehensive reports, bounce rate included (in partnership with Consent Manager).

We help make your site compliant with international privacy laws

More than a simple CMP: iubenda’s comprehensive suite helps you meet the requirements of international online privacy laws.

Attorney-level solution

Harness the expertise of an international legal team packaged into a convenient software solution.

US State Laws support

Comply with the latest US state law requirements with the click of a button. Receive automatic updates to stay on top of what comes next.

Automatic cookie banner creation

The strictest requirements are automatically applied based on user and website location, so you’re always on the right side of the law.

The post Unlock greater ad profits appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

We have some exciting news for you: after being selected as a Google CMP Partner, we have now obtained a new Google certification which makes our CMP 100% compliant with the latest requirements!

Today, almost every website uses cookies. Managing cookie consent and privacy preferences is essential, but new requirements are always coming up — keeping up with everything can be a challenge.

What if we told you that compliance doesn’t have to be a hassle?

Our Privacy Controls and Cookie Solution is the best solution to manage cookies and privacy preferences for any type of business. Our goal is to give you all the help and support you need: that’s why we’re constantly updating our solution with new features. The Google certification we obtained is proof of this.

Trusted by over 90,000 clients in 100+ countries

Not sure if you need to comply?

---

Scan your site with our Site Scanner and find out now!

The post Why choose a Google-certified CMP like iubenda? appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

As a Google CMP Partner, iubenda is now certified to give you all the help and support you need.

Google CPM Partner Program: More about the new requirements

Having integrated IAB’s Transparency and Consent Framework in their ads systems, Google will now require all publishers using their products — such as Google AdSense, Ad Manager, or AdMob — to use a Google-certified CMP that integrates with the TCF when serving ads to users in the European Economic Area or the UK.

On their side, CMP Partners will need to undergo a certification process, which will ensure their compliance with the TCF.

iubenda has been selected as a Google CMP Partner and our Solutions, therefore, fully integrate with the Transparency and Consent Framework (TCF). We are now certified, to continue to give you specialized care and support wherever needed.

Official statement by Google

---

“By supporting the TCF, we aim to promote a unified and reliable approach for users and publishers across the broader ecosystem. […] In connection with this new requirement, Google has begun the process of certifying CMPs that work with our publishing partners for TCF compliance. We want to ensure that each CMP can be used with our technology in ways that users expect.”

Easily collect consent with iubenda

As a publisher, using a CMP that integrates with the Transparency and Consent Framework is in your best interests.

The TCF is fast becoming the industry standard, and it grants publishers benefits like:

• Maximizing their ad revenue
• Smoothly collecting and transmitting user preferences
• Enhanced options and control over how they process users’ data

Moreover, if you’re using Google’s products, a Google CMP Partner will make the experience even more seamless.

Google CMP Partner

As a Google CMP Partner, iubenda can support advertisers with Consent Mode set-up.
Using our Google Tag Manager template is a recommended option to implement iubenda and support Google Consent Mode in a codeless way, saving significant time and effort.

The post New Google CMP Certification Program appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

In a nutshell, just pick a plan for each site you manage depending on the features you need!

How Does This Affect You?

Nothing changes to your current active plans. They will keep renewing at the old prices, and no action is required from you.

The only change is for new purchases or upgrades, for which – starting from mid-September – our new and simpler pricing will apply.

New Pricing vs. Old Pricing: See What’s Changed

The change in pricing is designed to introduce more flexibility, transparency, and user-friendliness. Here’s a sneak peek into what to expect:

Main changes from the old to new subscription plans:

Any doubts? Get in touch with our customer support team if you need clarification about this new pricing structure.

The post Introducing New and Simplified Pricing Structure appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Starting March 1, 2023, the Prior Blocking feature is always enabled on all installations of our Privacy Controls and Cookie Solution, regardless of your previous code or dashboard set-ups.

This means that the “Prior blocking and asynchronous re-activation” (server side) and “Prior consent” (priorConsent parameter) options are always active. More about these two options here.

Beyond these options, we remind you that prior blocking must then be set up by using any of the blocking methods described in this guide.

New behavior for exceeding the page views/month limit of your plan

We’re also changing the behavior of our Privacy Controls and Cookie Solution for users who exceed the page views/month limit of their plan.

Instead of disabling the prior blocking for the current month, the cookie banner will be replaced by an alert (this also applies when the subscription expires). As a result, you won’t be able to get visitors’ consent and release cookies.

We’ll roll out this change across all Privacy Controls and Cookie Solution delivery channels in the following order:

• Beta—March 15, 2023
• Current (default and most used channel)—March 22, 2023
• Stable—April 19, 2023

As usual, if you have turned off automatic upgrades, we’ll email you when you approach or exceed the threshold covered by your Privacy Controls and Cookie Solution plan. This way you can always avoid service interruptions.

Cookie and Consent Preference Log

Finally, if you have enabled the Cookie and Consent Preference Log (required by many EU data protection authorities), we remind you that from January 15, 2023, the invalidateConsentWithoutLog parameter is forced to true.

Since cookie consents without proof are considered invalid by many EU data protection authorities, a new consent is requested—via the cookie banner—whenever a user’s consent is missing in the Cookie and Consent Preference Log.

What do I need to do?

No action is required, but you may want to take the chance to make sure that your cookie banner configuration is up-to-date with the latest requirements by data protection authorities.

Our configurator and scanner report can help you and automatically suggest the best configuration.

The post Changes to our Privacy Controls and Cookie Solution appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

However, running an affiliate program involves working to build trust with your audience.
Here’s why we wanted to share some best practices for you to get started. Even if you’ve been doing it for a while, you’ll find some valuable tips and tricks.

Let’s start with the basics!

What is Affiliate Marketing, and why is it a great way to earn income?

Affiliate marketing comes in different shapes and forms. The simplest way to explain it is: you are recommending a product to your audience and earning a commission for every successful referral.

The good thing about iubenda’s affiliate program is that people who use your link to purchase also get a 10% discount. So it’s a win for you, your referred person and us!

Lots of people recommend products every day to your friends and the people surrounding you. So, why not take it one step further and earn a commission for doing that?

Now that we’ve learned about what affiliate marketing is, let’s find out…

How not to Affiliate Market!

Affiliate Marketing might not be the right choice for you, if…

1. You don’t have a community, reach, or audience that you can market iubenda to.
2. Your audience doesn’t trust your recommendations.
3. Your audience is not interested in iubenda’s products.

Now that we’ve got the essentials out of the way, let’s learn the top practices to promote iubenda to your community!

7 tips on how to promote iubenda

#1: Share a story

Blogs are a great way to affiliate market. You can spend some time creating a piece of content, which will be read repeatedly by your audience and others. Even if it was created a while ago.

It also offers multiple content-sharing opportunities, meaning, after creating your blog, you can share it on your socials and via newsletters, for example.

#2: Video review or tutorial

Legal compliance is a complicated topic, and using and implementing iubenda can confuse some users.

Creating a video to either review iubenda (and voice your reason for using it) or creating a tutorial on how you used our products to make your website/app compliant can be a great way to showcase your sincerity in using the product and sharing your affiliate link.

#3: Share iubenda in your newsletter

We at iubenda love to use newsletters to stay in touch with our users. Newsletters allow you to share interesting stories and more details than social media. And since users sign up to receive your emails, they pay more attention than on social media or other platforms. Moreover, a newsletter is also the perfect place to add your affiliate link!

So, if you’re sending out a newsletter, remember to keep it entertaining and engaging with graphics and the right wording.

#4: Post on social media

Social media is a great tool for promoting affiliate links. However, make sure that you are not spamming your followers with your affiliate link ten times a day.

Adhere to the rules of social media. Post relevant, interesting and engaging content, by sharing a story, instead of just an “ad”. Tell your audience why you are suggesting what you are suggesting and pair it with beautiful graphics. This is also a good place to mention that all your recommended friends will get a 10% discount.

#5: Word of mouth

One of the best ways to recommend a product will and will always be by word of mouth. If your friend or client is talking about setting up a website and how to deal with compliance issues, you can easily recommend iubenda.

Of course, this way is one of the slowest ways of spreading the word, but at the end of the day also one of the most effective. Lots of our affiliates are agencies or freelancers who help others build websites with iubenda and who use iubenda for their own as well.

#6: Have a dedicated partner page

Another great way of showcasing affiliate links is building a partner page on your website. There you can showcase apps, software and other tools that make your life easier.

When people, especially developers, stumble upon websites that look and work great, they can be curious about what tools the website owner is using to make the website work well.

#7: Mention iubenda on your podcast

If you have a podcast, it’s also a wonderful place to share your affiliate link. However, make sure that you are not just plugging it in without context.

Let’s say you are having an episode talking about “How to start your own e-commerce business”: iubenda would be a great add-on here as we help you make your website legally compliant.

Before you leave this blog post, let us give you some…

Don’ts in Affiliate Marketing

As with everything, affiliate marketing also has its rules, regulations and guidelines. More about iubenda’s specific guidelines can be found here.

In general, we can give you the following tips:

• Don’t break the law around affiliate marketing
• Don’t impersonate iubenda
• Don’t violate iubenda’s terms
• Don’t spam people

In summary, don’t be unethical!

Of course, if you have any questions, or concerns or need support, we are just one email away. Please contact us at any time.

About us

Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.

www.iubenda.com

The post 7 tips on how to promote iubenda and earn commissions appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Cookie requirements are different everywhere, and with Data Protection Authorities constantly updating their cookie guidelines, it can be hard to keep up.  

At iubenda, we care about your safety from non-compliance fines and want to help! 

We’re proud to introduce our new Privacy Controls and Cookie Solution Configurator, the best way to collect cookie consent while being on the right side of the law!

What’s new?  

A new interface

We’ve listened to your feedback and redesigned the interface. 
Now it’s much easier to understand the requirements that apply to you.

Automatic configuration based on location 

This is the best part, something that our old Configurator didn’t have. 

Where are you based? Where are your users? Answer these two simple questions, and we’ll suggest the best configuration for your site/app. Use our automated configuration, or tweak it manually, as you prefer.

Easier to customize

Our intuitive interface also makes it easier for you to customize your banner.
Our Privacy Controls and Cookie Solution allows you to adapt your Cookie Banner, Consent Banner and Privacy Controls to your specific needs. Choose your format, text, theme, colors, and add your own logo. It’s yours to edit as you like!

Already using our Privacy Controls and Cookie Solution? No need to re-configure!

If you are already using our Privacy Controls and Cookie Solution, you won’t need to do anything. Simply go to your dashboard: you’ll find the new Configurator there, ready to use. 

But don’t worry. 
Even if we changed our Configurator, your banner is still there!

The post New: Privacy Controls and Cookie Solution Configurator appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Laws like the GDPR, Cookie Law and CCPA have made consent management platforms (CMPs) necessary for businesses operating in the EU and US, including publishers. This guide breaks down what a consent management platform is, why publishers need it, and how to enable the industry-standard Transparency and Consent Framework in our Cookie Solution.

What is a Consent Management Platform (CMP)

CMP is short for Consent Management Platform or, less commonly, Consent Management Provider. CMPs are also responsible for passing user consent along with the Transparency and Consent Framework (TCF) and must therefore be registered and meet TCF standards and policies.

Simply stated, a CMP helps you provide transparency to the users regarding the access and storage of their personal information (through cookies and other trackers) in compliance with major data privacy laws like the GDPR, the ePrivacy Directive, the CCPA and more.

More specifically, CMPs help you gather, store, and use users’ preferences to collect and process their personal information for specific purposes (e.g., analytics, advertising, and retargeting strategies).

Do I need a Consent Management Platform (CMP)?

Short answer: yes, you probably need one. 

A) The GDPR/ePrivacy Directive or UK GDPR/PECR applies to you (not sure? Take our 1-minute quiz), and your site/app (or any third-party service run by your site/app) uses cookies or other trackers to process personal information.

Why?

Because according to the ePrivacy Directive (as well as PECR, its UK transposition), you must clearly and visibly inform users of your site/app’s use of any cookies (or trackers) and collect active consent before running scripts related to non-exempt cookies/trackers. 

For example, let’s consider publishers operating in Europe. Cookies and trackers are their bread and butter since they help them monetize their site/app via third-party advertisers. The use of trackers for purposes like behavioral advertising, remarketing, and content personalization requires obtaining users’ informed consent before installing those trackers. 

B) The California Consumer Privacy Act (CCPA) applies to you (not sure? Take our 1-minute quiz), and you share user data (e.g. IP address) with third parties, which legally obligates you to:

• inform Californian consumers that their data might be collected, and
• give them the option to opt out by displaying a “Do Not Sell My Personal Information” opt-out link. 

In general, given the rapid emergence of privacy laws worldwide, it’s hard to imagine a site or app that doesn’t need a Consent Management Platform. 

As a registered CMP, we’ve integrated IAB Europe’s industry-standard TCF and CCPA Compliance Framework with our Cookie Solution to help publishers comply with the law while meeting industry requirements and maximizing ad revenue.

What is the IAB GDPR Transparency and Consent Framework (TCF)

The IAB Transparency and Consent Framework (TCF) is a digital advertising initiative that helps publishers, technology vendors, agencies, and advertisers meet the transparency, consent, and choice requirements of the GDPR and ePrivacy Directive when processing personal data or accessing and/or storing information on users devices (such as cookies, advertising identifiers, device identifiers, and other tracking technologies).

The IAB TCF provides a standard process for getting GDPR user consent and signaling those consent preferences across the advertising supply chain (You can read the framework policies here). 

The TCF and Brexit / UK Law

Currently, the requirements of the UK’s General Data Protection Regulation (UK GDPR) and the UK’s Privacy and Electronic Communications Regulations are identical to that of their EU counterparts (the GDPR and ePrivacy). THEREFORE, the TCF Framework also helps companies meet the current requirements of both UK Regulations. 

Why publishers should enable the Transparency and Consent Framework

Despite being a relatively new initiative, the IAB TCF 2.0 is rapidly becoming the industry standard, with vendors like Google, Adobe and AdRoll involved in its implementation.

While not strictly mandatory, enabling the TCF 2.0 offers many benefits for publishers and users, maximizing ad revenue and allowing publishers to smoothly collect and transmit user preferences to the third-party ad vendors they work with, while exercising stricter control over how they process users’ data.

TCF benefits for publishers

• Secure your ad revenue: Some advertising networks may limit access to their network or serve only non-personalized ads where TCF 2.0 consent is not passed to vendors. This means that your ad revenue could potentially be decreased if you’re not using the framework.
• Enhanced options and control
  • More granular purposes: an extended list of purposes that includes more granular options. There are now 10 purposes, 2 special purposes, 2 features and 2 special features, giving you more opportunities to collect consent. 
  • Purposes and legal basis restrictions: you have full control over which third-party ad vendors you want to work with and disclose to your users and for what purposes you allow these vendors to process personal information.

    Why is important to select a restricted number of vendors to work with.

    Choosing to provide transparency and help establish legal basis within the Framework for a large number of Vendors may reduce the ability for users to make informed choices and increase publisher and vendor legal risk. It may therefore result in vendors refusing to work with publishers disclosing too many vendors and negatively impacting publisher ad revenue.

    The Belgian DPA (APD) in a decision on IAB Europe and the TCF has explicitly stated that providing transparency for a large number of vendors would need a disproportionate amount of time for the user to read this information and would result to be incompatible with the condition of sufficiently informed consent as required by GDPR.

    To restrict the number of vendors, select “Only allow the vendors disclosed in your privacy and cookie policy” in the TCF settings of our Cookie Solution.

  • You can specify the legal basis upon which you require vendors to operate
  • You can determine at your discretion that, for specific purposes and vendors, only consent (or legitimate interest) is a viable legal basis.

    What’s a legal basis and why it is important to restrict it.

    A legal basis is a lawful ground under which personal data are processed. According to GPDR, there are six possible legal basis. In the advertising sector, two legal bases are commonly used:

    • consent of the data subject; and
    • legitimate interest of the data controller.

    The TCF supports both, but some national DPAs, like in Italy and Belgium, have excluded the use of legitimate interest as a valid legal basis, that’s why it’s important to restrict it to “Consent only” if you operate in those countries (you can read more about country-specific requirements in our Cookie Consent Cheatsheet). 

Google fully supports TCF 2.0 (and later versions). Google is now part of the TCF global vendor list: this means that, if you’re using Adsense, AdMob or Ad Manager, separate Google ad personalization settings are no longer needed (you can read Google’s release on publisher integration with the IAB TCF 2.0 here).

What about ad vendors that are not yet part of the TCF? 
While the framework comprises an ever-growing list of ad vendors, some advertisers are not yet part of the TCF. That’s the case with some of Google’s partners. To circumvent this problem, Google has defined a temporary technical specification called Additional Consent Mode, intended only for use alongside TCF 2.0 to serve as a bridge for Google’s Ad Tech Providers who are not yet registered on the TCF 2.0 Global Vendor List.

 iubenda CMP fully supports TCF integration requirements set by Google, including the Additional Consent Mode.

TCF benefits for end-users

• Enhanced transparency:
  • grater granularity at the purpose level that will enable users to make more informed choices regarding the processing of their personal data; 
  • detailed and easily understandable descriptions of the purposes of data processing; 
  • specific information about the duration of information stored on a user’s device. This is the most important news of TCF 2.1: IAB has amended the TCF policies in order to comply with the changes required by the Planet49 ruling. This update is turned out to be what we now call TCF 2.1
• Enhanced control: not only users can easily provide, deny or withdraw consent for each vendor or purpose but you will also offer them a streamlined means of exercising their right to object to processing on the basis of a legitimate interest. 

iubenda and the IAB Transparency and Consent Framework (TCF 2.0 and 2.1) 

Our cookie consent manager for the ePrivacy, GDPR and CCPA allows you to display a fully customizable cookie banner, collect cookie consent and implement prior blocking. 

Also, as a registered Consent Management Platform (id number 123), the iubenda Cookie Solution lets users set advertising preferences and is compatible with the IAB GDPR Transparency and Consent Framework. This feature allows users to toggle advertising preferences for advertisers on the IAB’s extensive global vendor list.

1. Enable the IAB Transparency and Consent Framework

To enable the TCF 2.0+ on your Cookie Solution, head to your dashboard and click on the site/app that you’d like to update. Next, click the Edit button in the Cookie Solution area (if you haven’t already activated the Cookie Solution, here’s a tutorial on getting started).

Now enable the IAB TCF option. You’ll immediately notice that:

• The banner text will be lengthened to meet IAB requirements. The additional text (only editable upon request) contains essential disclosures related to the enhanced options that we mention in the sections below.
• “Accept” and “Learn more and customize” buttons will be force-enabled, as required by IAB.

What the banner notice for TCF v2.0 needs to contain

• information about the fact that information is stored on and/or accessed from the user’s device (e.g. use of cookies, device identifiers, or other device data);
• information about the fact that personal data is processed, and the nature of the personal data processed (e.g. unique identifiers, browsing data);
• a link to the list of vendors;
• a list of purposes (using the GVL standardized names and/or stack names);
• information about the special features used by the vendors (using the GVL standardized names and/or stack names);
• information about the fact that the user can withdraw their consent at any time, and how to resurface the Framework UI in order to do so;
• a call to action for the user to express their consent
• a call to action for the user to customise their choices 

Furthermore, you’ll have the chance to enable Google’s Additional Consent Mode option, a feature that allows you to gather consent for Google ad partners that are not yet part of the Transparency and Consent Framework, but are on Google’s Ad Tech Providers (ATP) list.

Cookie Solution snippet

Once enabled, your Cookie Solution embed code will go from this:

<script type="text/javascript">
    var _iub = _iub || [];
    _iub.csConfiguration = {
        "lang": "en",
        "siteId": XXXXXX, //use your siteId
        "cookiePolicyId": YYYYYY, //use your cookiePolicyId
        "consentOnContinuedBrowsing": false,
        "perPurposeConsent": true,
        "invalidateConsentWithoutLog": true,
        "floatingPreferencesButtonDisplay": "bottom-right",
        "banner": {
            "acceptButtonDisplay": true,
            "rejectButtonDisplay": true
            "closeButtonRejects": true,
            "customizeButtonDisplay": true,
            "explicitWithdrawal": true,
            "listPurposes": true,
            "position": "float-top-center"
        }
    };
</script>
<script type="text/javascript" src="//cdn.iubenda.com/cs/iubenda_cs.js" charset="UTF-8" async></script>

To this (note the stub-v2.js script, "enableTcf": true and other TCF options):

<script type="text/javascript">
    var _iub = _iub || [];
    _iub.csConfiguration = {
        "lang": "en",
        "siteId": XXXXXX, //use your siteId
        "cookiePolicyId": YYYYYY, //use your cookiePolicyId
        "consentOnContinuedBrowsing": false,
        "perPurposeConsent": true,
        "invalidateConsentWithoutLog": true,
        "floatingPreferencesButtonDisplay": "bottom-right",
        "enableTcf": true,
        "googleAdditionalConsentMode": true,
        "tcfPurposes": {
            "1": true,
            "2": "consent_only",
            "3": "consent_only",
            "4": "consent_only",
            "5": "consent_only",
            "6": "consent_only",
            "7": "consent_only",
            "8": "consent_only",
            "9": "consent_only",
            "10": "consent_only"
        },
        "banner": {
            "acceptButtonDisplay": true,
            "rejectButtonDisplay": true
            "closeButtonRejects": true,
            "customizeButtonDisplay": true,
            "explicitWithdrawal": true,
            "listPurposes": true,
            "position": "float-top-center"
        }
    };
</script>
<script type="text/javascript" src="//cdn.iubenda.com/cs/tcf/stub-v2.js"></script>
<script type="text/javascript" src="//cdn.iubenda.com/cs/iubenda_cs.js" charset="UTF-8" async></script>

Now that you’ve pasted the Cookie Solution code inside  body of your pages, let’s talk about prior blocking the vendor scripts.

2. Collect consent to ad personalization

The iubenda CMP provides the __tcfapi function in order for vendors to read the consent properly.
We use a script (safe-tcf-v2.js) that has the only job of reading the TCF cookie and releasing the __tcfapi function and not directly blocking the vendor scripts. It is a synchronous activator that runs at the very beginning of the page, guaranteeing that the consent is read within 500ms from the vendor scripts being executed.

This is the default behavior when enabling the Iab TCF options of our configurator.
It works from the second pageview (when consent is already present on the page) and it allows to achieve high-performing in terms of load speed.

However, it may result in some incompatibilities with Google Ad Manager, AdSense, and AdMob. If you want to directly block the vendor scripts you can see below.

Further implementations and optimization – Google Ads users

Vendors have a maximum time (generally 500ms, usually non-configurable) to wait for consent from the CMP. 
In cases where the CMP does not respond within a maximum of 500ms, vendors’ Sell-Side Platform uses the opt-out status of the user instead, which means that in such cases, your end-users will be served with non-personalized ads.

This might happen if you use Google’s advertising services such as Ad Manager, AdSense and AdMob.
To prevent these issues, you can directly block the vendors’ scripts using one of the prior blocking methods supported by our Cookie Solution, then execute them only after consent has been collected.

You can use this to have more direct control regarding ensuring compliance and serving personalized ads from the first pageview when consent hasn’t been collected yet. It also allows you to avoid error 2.1a (for Google Ad Manager, AdSense, and AdMob users).

Our Cookie Solution offers various tools for the prior blocking of scripts that may install cookies. More in our introduction to the prior blocking of scripts. To block Google’s scripts, you can directly reference the examples for Google AdSense and Google Publisher Tag.

Per-category consent

Please note that if you’ve enabled the Cookie Solution’s per-category consent feature, you’ll need to tag TCF scripts as “purpose 1” (Necessary).

window.__tcfapi('getTCData', 2, function(result,success) { console.log(result) });
window.__tcfapi('getTCData', 2, function(result,success) { console.log(result) }, [1,2]);
window.__tcfapi('ping', 2, function(result) { console.log(result) });

Finally, as required by IAB, you have to provide a link or button (e.g. in the footer) that allows your visitors to update their advertising tracking preferences even after closing the cookie banner. 

Let’s see how.

3. Provide a link/button that allows your users to reopen the consent modal and edit their preferences

To implement, just add the iubenda-advertising-preferences-link class to a custom link or button:

<a href="#" class="iubenda-advertising-preferences-link">
    Update your advertising tracking preferences
</a>

Place it anywhere on your site (typically added to the footer). Once clicked, the link above will trigger the opening of the advertising tracking settings modal:

To meet IAB’s requirements, please note that if you don’t implement the iubenda-advertising-preferences-link class, we’ll automatically display a small widget that hovers on your pages:

Additional features and settings

Under the IAB TCF tile you’ll find these enhanced publisher options:

1. Restrict the number of vendors to work with

Under the IAB TCF tile you’ll find these enhanced publisher options:

To do this, select “Only allow the vendors disclosed in your privacy and cookie policy” under the “Restrictions” section of your TCF settings.

By enabling this option, only the vendors that are disclosed in your iubenda privacy and cookie policy will be displayed inside the TCF panel. Please note that, in order for this option to work, at least one TCF vendor will have to be added to your privacy and cookie policy. Adding vendors can be easily done from our Privacy and Cookie Policy generator: click on “add services”, select the “advertising” section and add all the advertising services that you work with.

We suggest you opt for this option, even if you prefer to use your own privacy and cookie policy documentation. If this is the case, you can still generate a Privacy & Cookie Policy with iubenda and technically benefit from this feature without the need to necessarily link it inside the banner or in your site/app. However, bear in mind that, no matter which privacy and cookie policy documentation you choose to use, it should still mirror what’s declared inside the cookie banner.

Note

According to the TCF specifications, “for vendors that register for Special Purposes only (and no other Purposes) and have been displayed by the CMP the value must be set to 1”. The goal is simply to signal that those vendors have been displayed and that can consequently pursue such special purposes (which are technical in nature) under legitimate interest. 
Special purposes unlike normal purposes cannot be restricted. However, the “Only allow the vendors disclosed in your privacy and cookie policy” option can come to hand even in this case since it will allow you not to display vendors that register for Special Purposes only, and consequently the value for them will be set to 0.

Vendors will soon be required to provide additional information inside the Global Vendor List (GVL), making it easier for publishers to decide which vendors to work with.

2. Restrict purposes and legal basis

To do this select the “Restrict Purposes” option, decide which purposes you want to enable, and finally select the legal basis under which personal data can be processed for active purposes. 

Note: if you are not sure about this aspect, consider that “Consent only” is usually the safest option and definitely best practice for purposes related to profiling.

3. Request new consent from users that had previously provided consent, if the IAB Framework preference is not found

We’ve already mentioned the importance of restricting the number of vendors you want to work with. Another advantage of providing transparency for a limited number of vendors is the possibility to basically eliminate the problem of requesting new consent at the global vendor list update. In fact, the IAB vendor list is updated almost weekly. 

If, nevertheless, you decide not to limit the number of vendors to work with, you may want to choose how to handle new consent requests, avoiding showing the cookie banner to users who have already given consent a few days or weeks before.

Inside the tile IAB TCF, you’ll find a section called Request new consent at vendor list update, where you can choose between three different values:

• Never (default value) – users who have already given consent will not be shown the cookie banner again. Consent for new vendors will be set to off.
• Immediately – users will get prompted with a new consent request whenever the vendor list is updated.
• With a delay – users will get prompted with a new consent request x days after the update of the vendor list (you’ll have to specify the number of days).

Please note that this feature is not available when pointing directly to a specific version of the Cookie Solution (e.g. cdn.iubenda.com/cs/versions/iubenda_cs-1.7.0.js), but only through the official Current/Beta endpoints.

4. Provide gdpr and gdpr_consent parameters into the request to the vendor

Some vendors may ask you to explicitly provide gdpr and gdpr_consent parameters into their request. Here’s a snippet to meet this requirement:

<script type="text/javascript">
    __tcfapi('addEventListener', 2, function(tcData) {
        if (tcData.eventStatus !== 'useractioncomplete' && tcData.eventStatus !== 'tcloaded') {
            return;
        }
        var gdpr = tcData.gdprApplies ? 1 : 0;
        var gdpr_consent = tcData.tcString;
        console.log({ gdpr: gdpr, gdpr_consent: gdpr_consent });
        // Remove event listener to avoid invoking the ads multiple times
        __tcfapi('removeEventListener', 2, function(success) {
            console.log('event listener removed', success);
        }, tcData.listenerId);
    });
</script>

Once replaced the console.log line with the request to the vendor by using the gdpr and gdpr_consent variables, add this snippet below the iubenda_cs.js script, and it will automatically invoke the vendor script with the correct consent data.

5. Result

Now when your users click on the Learn more and customize button (or the advertising preferences panel link) in your cookie banner in order to manage their preferences, they’ll see the following options:

Note: when the user indicates that they would like to manage preferences by opening the preference window, all cookies are “turned off” by default as a positive affirmative/opt-in action is legally required for valid consent.

The post The complete guide to iubenda Consent Management Platform (CMP) and IAB TCF 2.0 & 2.1 appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Luckily, our cookie consent plugin for WordPress simplifies and manages these compliance requirements within a few clicks. Our plugin lets you automate the implementation of GDPR and ePrivacy requirements by providing a fully customizable cookie banner, blocking scripts, and managing all aspects of cookie consent.

Since the plugin works with our cookie consent management solution, it allows you to block scripts that can install cookies before consent (including the most common widgets and third-party cookies), without the need of direct intervention on the code.

Introducing our new plugin: All-in-one Compliance for GDPR / CCPA Cookie Consent + more

---

Now you can manage consent, create a cookie banner, add your privacy policy and set your terms and conditions, from a single install.

And that’s not all!

Our plugin now scans and rates your site, showing you at a glance what’s missing. It also suggests what you need to do to improve your website’s compliance.

Download it here.

Here’s a list of the scripts that can be automatically detected and blocked by our WordPress plugin:

What is the iubenda Privacy Controls and Cookie Solution?

The Privacy Controls and Cookie Solution allows you to manage all aspects of the Cookie Law, and it lets you:

• easily inform users via cookie banner and a dedicated cookie policy page;
• obtain and save cookie consent settings;
• preventively block scripts prior to consent.

It’s completely free for up to 1K page views per month (no payment info required for free accounts), with affordable plans available for sites that have more monthly traffic.

Generate your cookie banner and download the WordPress plugin now:

About us

Cookie consent management for the ePrivacy, GDPR and CCPA

www.iubenda.com

See also

• Privacy Controls and Cookie Solution – WordPress plugin installation guide
• How to add a GDPR cookie banner to WordPress
• How to manage cookie consent on WordPress

The post Need to manage GDPR cookie consent on WordPress? Here’s a plugin for you appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

1. You can make changes to all your documents across all your sites/apps at any time (and at no additional cost) from your dashboard. Adding a new analytics tool? Update the privacy policy in one click and have the update spread across all your websites and apps, across one or multiple languages.
2. Our team of international lawyers constantly monitor and release updates to the legal texts. From time to time laws and third-party requirements are amended and updated; by hosting your documents, we can ensure that your documents always meet the latest requirements. Minor changes, such as Google’s privacy policy URL needing to be updated, are released automatically. For major changes, we always warn you in advance.
3. Your development team doesn’t need to be involved each time you need to make a change to the documents. You can easily make direct changes to your documents from within your dashboard.
4. Hosting gives you multiple integration options. You can opt for our JavaScript widget, or use our API for a fully integrated, white label and customizable experience.
5. The documents are hosted on a top-notch content delivery network known for its speed and reliability. We also give you the additional option to access documents via our API if you’d like to cache them within your own application.

See also

• Can I remove the statement: iubenda hosts this page and collects some personal data about users?
• Why is the iubenda service on a recurring basis?

The post 5 Reasons Why We Host Your Documents appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Types of data collected” section update

We’ve rewritten the privacy policy text section regarding the types of data being collected by any site or app. This section is now more precise and tells the reader that all data processed is mandatory in nature with one exception. That exception is data that is specifically marked as not being mandatory. The provision of such data is up to the user’s choice, and the service is not affected by it.

Overview of the changes

You can preview the fully revised wording here on our Github account, which will highlight the exact changes for you:

Why did we make this change?

We’ve made this revision because certain implementations of the European Privacy Directive require such a statement. Since our main rule for our documents is to have the most restrictive wording inside our privacy policy by default, our legal team started to get to work and organised the necessary changes for the new default wording.

When do you get this update?

You are free to keep the old wording intact until September, 1st. Starting today, 18.07.17, you can get the new wording by updating your privacy policy (you can remove and re-add a service, for example). Any new privacy policies created starting today will automatically have the new wording inside.

On September 1st, all privacy policies will have this change applied automatically. This includes your privacy policy, if you choose to wait until then.

Anything else? Do I have to communicate these changes?

As with any change to data collection practices we suggest to make these changes known to your users. In theory these changes do not include any real change to what’s done with the already collected data or to the purpose of the collection.

The new wording communicates that some data submitted is not mandatory and that in turn the non-provision doesn’t make it impossible for the service to be provided.

The post 18.07.17: Changes to Our Types of Data Collected Section appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.