What are the latest cookie guidelines?

In November 2019 the Norwegian Nasjonale Kommunikasjonsmyndighet (NKOM) explicitly stated the demand for explicit consent before setting cookies on websites, and when the cookies handle personal data it should be done by GDPRs definition of consent. This is all aligned with the Norwegian Datatilsynet (Data Protection Authority) who confirms the fact that the consent should be aligned with GDPR. In other words, this means that the consent collected on a website that collects personal data must be:

  • Freely given

  • Specific

  • Informed

  • Unambiguous

This means you need to

How do we become cookie compliant in Norway using Cookie Information to collect valid consents?

Before you can start your compliance journey you need an account in our platform and a user for that account. If you have an account but do not have a user please contact our support through the chat in the bottom right corner. If you do not have an account or a user click here to start a trial.

Offer an easy way for your users to decline cookies

When you are in the Cookie Information platform you should go to the Consent Solution which holds domains for the Norwegian market. Then you follow this guide on how to change the template and be sure to pick either the Overlay v2 or Overlay v3 template (beware that this change will also affect all the other domains in that Consent Solution).

Inform your users about how you use cookies

When informing the user you have to consider two things.

  • All cookies in the scan result have been categorized and given a purpose. This means that all unclassified cookies need to be classified.

  • The main text of the pop-up needs to correctly explain what happens when the user clicks which button on the pop-up. The default text provided by Cookie Information accurately describes the functionality of the default templates and will therefore comply. Read more about the text and how to use it here.

Provide your users with a granulated option for consent

Your visitors should be allowed to make a granulated consent of what they consent to. This means that just saying yes or no is not enough. Your user should also be able to consent to different types of cookies. In Cookie Information we have specified four categories matching four purposes a cookie setting service might have.

  1. Technical necessary

  2. Functional

  3. Statistical

  4. Marketing

Our templates Overlay v2 and Overlay v3 have Privacy Controls that allow the user to opt-in to each category.

The privacy controls also exist as a separate widget, allowing you to implement it directly on a landing page which you can read about here.

Respect your users' privacy choices

This means that you should not set any cookies (except for necessary ones. You can set those) before your visitor has given valid consent. Also, this means that you should respect the choices made by the visitor. E.g. if the visitor only consents to functional cookies you are only allowed to set cookies classified as necessary and functional - statistical and marketing cookies should stay blocked.

In Cookie Information this is resolved in different ways.

  1. On all solutions created after May 6th, 2021, our feature Autoblocking has been enabled by default. This means all first-party cookies are automatically blocked before consent and based on the visitor's choices.

    1. This means cookies are treated on a website as they have been categorized and classified in our platform.

  2. Third-party cookies have to be blocked by implementing our Cookie Control SDK on each cookie setting.

Provide your users with an easy way to change or withdraw consent

Once a visitor has given consent, it should be as easy for the visitor to change it or withdraw it again afterwards. All Cookies Information templates have the re-open consent pop-up icon enabled.

Store documentation of consent for 5 years

On this last note, you don't have to worry. It is part of our service to you, and you simply have to ask our support team if you need access to a specific consent. You can read more about it here.

Implement the solution

Did this answer your question?