'Most Innovative Startup 2020' by RSA - Watch the video

Learn More

On 10 July 2021, the Italian data protection authority (Garante) released new guidelines on cookies and other similar tracking technologies. These Guidelines apply equally to active identifiers such as cookies and passive identifiers such as fingerprinting.

The Garante reaffirms that no tracking technologies can be installed on a user’s device unless consent has been obtained.

Some of the key points of the Guidelines are set out below:

  • Consent to the use of cookies and other tracking technologies should be freely given, specific, informed and unequivocal.
  • Consent should apply to all processing activities carried out for the same purpose or purposes. If the processing has multiple purposes, consent should be given for all of these.
  • In general, simple scrolling down a website, silence, inactivity on the part of the user, or the preselection of boxes does not constitute valid user’s consent for the use of cookies and other similar tracking technologies. The only exception in the case of scrolling is where it is part of a series of actions that unambiguously indicates the user’s willingness to consent.
  • By default, cookies or any tracking technology should not be dropped on the website unless the user affirmatively accepts.
  • Organizations must reaffirm a user’s consent when at least six months have passed since the excessive repetition of the cookie consent banner is likely to damage the freedom of choice of the user. However, the consent banner may be presented earlier where the conditions of the collection of consent have changed or if the website publisher is not aware that cookies have already been installed on the user’s device in order to be re-transmitted.
  • Cookie-walls are to be assessed on a case-by-case basis. Cookie walls may be acceptable where both services offered to the user are genuinely equivalent.
  • The cookie consent banner must consist of clear and concise information. It must consist of the following:
    • Minimum information on the use of technical and profiling cookies with their relevant purposes.
    • Close Command: A command of X to close the banner on the top-right and inside the banner.
    • Accept Command: A command to accept the use of cookies.
    • Privacy Policy Link: A link to the privacy policy or extended information located in the second information layer of the banner. It must include information required under Articles 12 and 13 of the GDPR such as data recipients and data retention periods.
    • Preference Center: A link to a dedicated area where users can make granular choices as to the functionalities, the third parties and the categories of cookies (grouped by homogenous categories). Users must be able to change their cookie preferences at any time.

Websites must use commands and fonts of equal size, emphasis and colors so that users are not misguided by banner design choices.

How Securiti Can Help

Securiti’s Cookie Consent Management Solution enables organizations to build cookie consent notices in accordance with the applicable legal requirements. It can help you comply with the Italian Guidelines on cookies with the help of following features:

  • Periodic scanning of websites
  • Configurable preference center
  • Auto-blocking of non-essential cookies
  • Dynamic consent refresh every 6 months
  • Granular consent records and reporting

Ask for a DEMO to understand how Securiti can help you comply with Italy’s new Guidelines on Cookies and other tracking technologies, GDPR and a whole host of other global privacy laws and regulations, with ease.

Scan your website and maintain GDPR/CCPA/LGPD compliant cookie consent - FREE

Provide a simple and secure way for your visitors to exercise their right to opt out of the sale of their information to advertisers.

Share this

Our Videos

View More

China’s PIPL

China has drafted its new data protection law, Personal Information Protection Law (PIPL) that will strengthen the regulatory framework for privacy and data protection in China.

Learn More
View More

South Africa’s POPIA Explained

The video gives an overview of South Africa's Protection of Personal Information Act (POPIA).

Learn More
privacy policy and notice management View More

Dynamic Privacy Policies & Notices

Automatically Update & Refresh Your Policies and Notices

Learn More
View More

Universal Consent & Preference Management

Simplify and automate universal consent management

Learn More
View More

Cookie Consent Management

Automate and manage the entire consent life cycle with efficiency for various cookie compliance regulations around the world.

Learn More
View More

Sensitive Data Intelligence

Discover granular insights into all aspects of your privacy and security functions while reducing security risks and lowering the overall costs

Learn More