Cookiebot Drupal

 

Cookiebot CMP operates from the cloud and thereby scales with your needs. The service utilizes the extensive features of the cloud to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication along with a traffic manager for automatic geographical failover on.

How to implement the Cookiebot cookie consent banner

  1. CookieYes helps you easily display a cookie banner on your Drupal website and manage user consent.
  2. Yes, Cookiebot Consent Management Platform (CMP) treats domains and sub-domains separately. This is because we need to scan each domain/sub-domain. Therefore, you need a subscription for each of your domains and each of your subdomains. example.com, it.example.com and uk.example.com are treated as 3 different domains.

You can use the offical Cookiebot WordPress plugin to implement the cookie consent banner and cookie declaration on your website. Alternatively you can implement Cookiebot with Google Tag Manager or manually.

Cookiebot WordPress implementation

Cookiebot offers a WordPress plugin that makes your website compliant with GDPR/ePR and CCPA.
You can use the Cookiebot WordPress plugin to handle user consents and give users the option to opt in and out of cookie categories.
Cookiebot scans your website to find all cookies and tracking technologies. They are then automatically blocked until your users choose which categories of cookies to accept.
The cookie declaration includes the option for a Do Not Sell My Personal Information link – offering full compliance with GDPR/ePR and CCPA.

Download, install and activate the Cookiebot WordPress plugin.

Once activated navigate to the settings tab of the plugin and insert your Cookiebot ID which you can find in the Cookiebot manager. It looks like this: data-cbid='00000000-0000-0000-0000-000000000000'.

When using advanced functionalities please read the official Cookiebot WordPress plugin page.

Manual implementation

Add your personal Cookiebot script for the consent dialog. Your script is available in the Cookiebot manager under ‘Your scripts’. Please choose whether you want to use automatic blocking mode or manual blocking mode. Add your preferred script to the WordPress theme file “header.php” inside the <head>-tag and before the wp_head() call, e.g. (marked in bold):

* Please note that this example doesn’t use automatic cookie blocking mode When saved, the cookie consent banner will display on your website. If you have used Automatic Cookie Blocking Mode you may skip ahead to Showing your cookie declaration in full on a separate WordPress page or post.

Manually implement prior consent on plugins:

To hold back plugin-cookies until the visitor has consented, script tags within the plugin must be marked up with the tag attribute “data-cookieconsent”. The value of this attribute must be set to one or more of the following values (comma-separated) which must reflect the type(s) of cookies being set by the script tag: preferences, statistics, marketing. Finally the “type”-attribute of the script tag must be set or changed to “text/plain” (highlighted in bold). Example:

Cookiebot Drupal Install

In WordPress, script tags may also load from plugins with the function wp_enqueue_script. In that case you can make the necessary modifications to the script tag using the filter script_loader_tag. PHP plugin example:

Showing your cookie declaration in full on a separate WordPress page or post:

If you want to show your cookie declaration in full on a seperate page or as part of your privacy policy, embed your cookie declaration script as described below. In the content editor for the page or post where you want to show your cookie declaration in full, switch to text view mode and paste the script code where you want the declaration to show, e.g.:

Tags:

Updated September 7, 2020.


The Internet has more dimensions than you can see.

Even your own website has dimensions that are not immediately visible to you, and these secret grey spaces hide trackers and intruders that see everything and remember all.

Here, no privacy exists.

But there is a way to make these dimensions visible, and to cast a light on the hundreds of potential trackers that lie in hiding on your website and invade your users’ privacy.


What is a cookie scanner?

Drupal

A cookie scanner is a software technology that scans websites to detect which cookies and trackers are in operation on the domain.

Data protection laws like the EU’s GDPR and California’s CCPA require websites to know what personal data it collects from its users – and for the most part, personal data collection is done through cookies.

A cookie scanner is therefore a vital tool for compliance with GDPR, CCPA and more data protection laws across the world.


Cookiebot's cookie scanner

Our unmatched cookie scanner forms the cornerstone of Cookiebot’s consent management platform.

Cookiebot’s cookie scanner finds all cookies and trackers – even the hidden trojan horses – so that your website can become compliant and protect user privacy.

Cookiebot’s cookie scanner –

  • Detects all cookies and trackers in operation on your website
  • Generates a cookie declaration with details on each cookie; type, duration, provider and purpose
  • Automatically blocks all cookies and trackers until users have made their choice of consent (for GDPR compliance)
  • Presents users with opt-out options (for CCPA compliance)

Try Cookiebot free for 30 days… or forever if you have a small website.


How does Cookiebot's cookie scanner work?

The Cookiebot cookie scanner simulates human beings and their behavior online in order to lure out and detect all of the cookies and trackers in hiding on a given website.

Cookiebot’s cookie scanner cheats the trackers into thinking that a real person is scrolling on the website, and in that way baits them to come out form their hiding and show themselves.


What are cookies?

Cookies are small text files that a website places on your browser. When people visit your website, cookies collect data about them.

Cookiebot Drupal Free

Necessary cookies serve your website’s most basic functions.

Preference cookies remember user choices of language, currency setting or log-in details for optimal user experience.

Statistics cookies track users and collect different information about them and their online behavior and is used to inform website owners on the analytics of their site.

Marketing cookies harvest data for third-party companies that assemble comprehensive profiles on people and use these to target them with advertisement. This is known as behavioral advertisement and is a multi-billion-dollar industry.


Cookiebot’s cookie scanner performs fully-rendered simulations of multiple users (7-8 on average) visiting a website and their behavior on that website, which includes scrolling up to 10,000 subpages, clicking all links, menu points and buttons, moving cursors around, as well as playing and pausing embedded video and audio content.

Basically, the cookie scanner exhausts all of the technically possible options on a website through simulated user interaction. Sort of like rustling a bush to see all the insects crawl out of their hiding.


Cookie scanners are like an x-ray of your website, revealing what’s hidden.


During these simulated sessions, the website cookie scanner monitors all network traffic between the website and the “browsers” of the simulated users, as well as any traffic sent to other websites.

Our cookie scanner uses this data to identify all the trackers that are present.

Once our cookie scanner has scanned a domain and all of its subpages, Cookiebot catalogues all of the identified trackers by their –

  1. technical properties,
  2. type and expiry period,
  3. exact location within the source code,
  4. third party providers,
  5. and purpose.

The purpose of a tracker – is not something that the cookie scanner alone can determine, which is why the Cookiebot research team is constantly working on classifying trackers according to information provided by the third-parties themselves, either on their websites or in response to our direct inquiries.

If no such information is forthcoming, the tracker will be categorized on the basis of its technical properties and the available knowledge about the business model for the third-party company controlling the tracker. The next time the cookie scanner encounters this tracker, it will categorize it accordingly.

Finally, this vast knowledge that the cookie scanner generates is stored in Cookiebot’s cookie repository of more than 22 million trackers, which have been classified and ascribed more than 3,500 unique purpose descriptions.


What kind of cookies does Cookiebot's cookie scanner find?

The Cookiebot cookie scanner finds all cookies and online trackers technology present on a domain.

This is a crucial and defining feature that we are very proud of at Cookiebot.

Our cookie scanner is unmatched in the industry, and finding the trackers is, of course, the prerequisite for real compliance with data protection laws like the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Of the most common tracking technologies that our web cookie scanner finds are –

  • HTTPS/JavaScript cookies
  • Dynamic cookies set during the user's interaction with the website
  • HTML5 Local Storage trackers
  • Flash Local Shared Object trackers
  • Silverlight Isolated Storage cookies/trackers
  • IndexedDB trackers
  • Pixel tags
  • Ultrasound beacons

All of these trackers can be found on a website, even if the website owner is not aware of their presence.

They usually sneak their way in through analytical tools, social media links, embedded videos, and many other website add-ons.


Why use Cookiebot's cookie scanner?

If your website has users from inside the EU, you are required to be compliant with the GDPR.

If your website has California residents among its users, you may be required to obtain compliance with the CCPA.

Using a cookie scanner is a vital tool in order to become compliant with data protection laws like the GDPR and CCPA. In fact, it’s technically impossible to be CCPA or GDPR compliant without it.

Why?

Because both laws require that you inform users of what cookies and trackers your website uses, what data you collect and who you pass it on to (e.g. third parties like Google and Facebook).

Cookiebot Wordpress


Cookie scanners for GDPR compliance

Cookiebot Drupal

GDPR compliance entails that –

Drupal
  • You must reveal all cookies and trackers operating on your website to the user, in plain language, so that he or she can make an informed choice of consent or revoking of consent.
  • You must withhold all cookies and trackers on your website (besides the strictly necessary cookies), until you have received clear and explicit user consent for setting cookies and trackers in activation.
  • The consent must be freely given, and never e.g. as a condition for using a service.

EDPB guidelines on valid consent

The European Data Protection Board (EDPB) is the leading supervisor of the GDPR, responsible for adopting guidelines and issuing decision on how the GDPR is to be interpreted and enforced by national data protection authorities in each EU member country.

On May 4, 2020, the EDPB adopted guidelines on valid consent that clarify how websites who process personal data of individuals inside the EU are supposed to obtain the prior consent of users.

The EDPB guidelines specify that –

  • Cookie banners are not allowed to have pre-ticked checkboxes, i.e. cookies must be deselected by default so that the users can give their clear and affirmative consent.
  • Scrolling and continued browsing on a website (implied consent) is not a valid form of consent.
  • Cookie walls (forced consent for access to a website) is not a valid form of consent.

Cookiebot Drupal Database

Cookie scanners for CCPA compliance

Cookiebot wordpress

CCPA compliance means that you must -

  • Feature a Do Not Sell My Personal Information link on your website that users can use to opt-out of third-party data sales.
  • Provide a notice at or before the point of collection informing the consumer of the categories of personal information that the company collects and for what purpose.
  • Include two steps for a deletion request, whereby the consumer can submit the request and subsequently agree to the personal information to be deleted.
  • Obtain opt-in consent from minors age 13 to 15 before selling their personal information, and opt-in consent by parents or legal guardians from consumers under the age of 13.
  • Update your privacy policy to include a description of the rights (opt-out, disclosure, deletion) and how to exercise these rights.

Google Consent Mode and the Cookiebot scanner

Google Consent Mode is a way for your website to make all its Google-services (like Google Analytics and Google Ads) run based on the consent of your end-users.

Using Cookiebot and Google Consent Mode together offers a seamless integration of GDPR compliance with analytics optimization and ads revenues for your website, i.e. by receiving valuable aggregate and non-identifying analytics insights or by displaying contextual ads to end-users rather than targeted, personalized ads – respecting the user’s consent in GDPR compliance and securing important ads revenue for your domain.

Cookiebot’s scanner and consent management platform is a perfect fit with Google Consent Mode, and helps your website find a balance between data privacy compliance and website optimization/conversion measurements.

Cookiebot collects user consents for processing personal data, and Google Consent Mode uses these consents to run all your website’s preferred Google-services in a simple, streamlined way.


Cookie scanners as explorative tools

But the cookie scanner technology is about more than just data law compliance.

In the recent year, the cookie scanner technology has shown itself to be an important explorative tool in investigative journalism – as a revealer of the hidden things of the Internet that invade our private lives and democratic institutions.


Cookie scanner reveals ad tech surveillance of EU government websites

Earlier in 2019, we at Cookiebot released a report on the ad tech surveillance of public sector websites in major EU nation states, in which we used our cookie scanner technology to analyze tracking that occurred during simulated visits to thousands of pages across official government websites and public health service websites in all 27 EU member states.

Cookiebot found over 100 advertising technology companies systematically and invisibly tracking EU citizens when they visit their governments online. Our cookie scan report made news headlines globally, including TechCrunch, BBC and Financial Times.

Drupal

Read the full Cookiebot report here.


Cookie scanners and the ad tech industry

Cookie scanners, like our Cookiebot scanner, reveal the third-party trackers that harvest user data for the purpose of profiling: the method by which cookies and trackers on websites harvest user data in order to collect data points of personal information and assemble them in comprehensive profiles on users, ranging from your political beliefs and geographical location to eye color and health, sexual orientation and financial information, and so on.

These profiles are used in what is known as behavioral advertisement.


Cookiebot Drupal 7

Contextual ads versus behavioral ads

Contextual ads work by presenting advertisement relevant to a particular search inquiry. You go on Google and enter something into their search engine, and Google will display ads that are relevant to your search. If you searched for rock-climbing shoes, ads for rock-climbing shoes will appear.

No big deal.

Behavioral ads, on the other hand, are non-search ads, i.e. they don’t require the context of your particular search inquiry to serve you advertisement online. Rather, they are based on collected and accumulated information about you as a person and served to you on your preferred social media platforms, as ads in online papers and magazines, and countless other websites you visit every day.


Cambridge Analytics was found to have 5,000 data points on every American.


Big Ad Tech is a multi-billion-dollar industry relying on the collection and selling of data about human beings and their individual and collective behavior – the commodification and monetization of private inner lives for the benefit of a small group of the wealthiest companies on Earth.

Cookiebot Drupal Tutorial

However, 45 percent of companies using behavioral ads saw no significant benefit from them, and 23 percent said they actually caused a decline in revenue, as reported in the New York Times recently in an opinion piece by Gabriel Weinberg, the chief executive and founder of the search engine, web browser company and Google-alternative DuckDuckGo.

Perhaps behavioral advertisement isn’t the miracle that Google and Facebook seem to be promising. Perhaps our data, mined and harvested and commodified, is just for the benefit of the powerful companies themselves. In which case, protecting privacy online becomes a no-brainer.

That is what our cookie scanner does. It protects privacy.

Try Cookiebot free for 30 days... or forever if you have a small website.


FAQ

What is a cookie scanner?

A cookie scanner is a technology used by websites to monitor and detect the cookies and trackers in operation. Cookies often collect and process personal data on users, when they visit a website. A cookie scanner helps websites be compliant with data protection laws like the EU’s GDPR and California’s CCPA that require websites to know what kind of personal data they collect, how and for what purposes.


How does a cookie scanner work?

A cookie scanner works by simulating real-life users on a website. A cookie scanner will simulate scrolling, clicking, playing videos, browsing subpages and all other interactions that real-life users are able to do. By simulating real-life users, a cookie scanner activates all cookies and trackers that are in operation on a website and then detects all their technical properties for the website owner to inform its users about.

Try Cookiebot free for 30 days... or forever if you have a small website.


What are cookies?

Cookies are small text files that are stored on a user’s browser when they visit a website. Some cookies are necessary cookies that only last for as long as the user’s session on the domain, but most cookies are persistent, stay in activation for years and collect personal data on visitors that can be used to create profiles for behavioral marketing schemes and other things that can infringe on user privacy.

Try Cookiebot free for 30 days... or forever if you have a small website.


Do I need a cookie scanner?

If your website has cookies – which it most likely has – then you need to scan your website. Knowing what cookies and trackers are in operation on your website is a requirement of data protection laws like the EU’s GDPR and California’s CCPA. Without a cookie scanner, you most likely will not know about the hidden trojan horses that are loaded secretly within other cookies, nor will you know the technical specifications of each cookies that the laws also require you to inform your website’s users of.

Try Cookiebot free for 30 days... or forever if you have a small website.


Resources