How RapidSpike Cookie Monitoring Can Support Managing GDPR
When the General Data Protection Regulations (GDPR) and ePrivacy Directive (EPD) updated we saw a proliferation of “cookie consent” banners crop up on websites as a direct result. The key parts of the GDPR relating to this change are from Recital 30:
Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
Essentially, cookies became a form of ‘personal information’. In turn this meant that site owners were required to attain direct consent for storing them.
This led to the cookie consent banners we see everywhere – particularly whilst shopping on ecommerce websites.
As a site owner it is essential to understand what cookies (and therefore what information) we are storing, as well as the type of cookie and the duration it will be stored for.
Cookie management can be a complex issue simply because you are not just responsible for cookies stored by first-party software (i.e your own) – but also cookies that are used by third parties you have loaded on your website.
Third parties might include;
- Live chat and support ticket software
- Marketing and tracking utilities
- CRM, lead generation
Any one of these, once loaded on your site – e.g. via the popular Google Tag Manager – could also be using cookies to store information. If you are using Google Tag Manager (software designed to allow ‘safe’ adding and removing of scripts and utilities loaded in to website pages) you may not truly have a grasp on who or what has been added to your site.
Monitoring software like RapidSpike behaves like one of your customers – viewing from the ‘outside in’. This means that when our monitoring tools (for example a ‘page load monitor’) visits your website, it does so in a way that’s almost exactly the same as a real person.
These monitoring tools are then able to analyse all the scripts and other files that are loaded during the visit.
We have had a Cookie Management dashboard for years – it’s found in our Page Load and User Journey monitoring sections.
However we have now added a full Cookie Audit in the form of a GDPR dashboard. This dashboard is website-wide and will aggregate all cookies we have seen across all monitors on your website.
You can find the dashboard by viewing a website and clicking on PCI & GDPR AUDIT in the sidebar. Then select the GDPR tab.
The dashboard displays a cookie inventory, split into First Party and Third Party cookies (i.e cookies from services other than your own website). The more pages you monitor with RapidSpike the more we are able to detect.
You can see important information about the cookies, including their expiry and where they were seen. You can also generate a PDF or CSV report of the cookies to help you track them.
Given that RapidSpike is able to monitor exactly like a user does, we are easily able to see cookies placed by third parties – and even additional resources that might be loaded by further third parties, giving you the clearest picture possible.
If you need any help with your dashboard, please speak to one of our helpful team members today via Live Chat.