How-to: make your pixels and website GDPR compliant

Wonderkind Pixels may only be placed on the browser of the website visitor if the website visitor has given consent to the use of Wonderkind Pixels and he/she has been informed adequately.

Get valid consent on your website

When using Wonderkind Pixels, you must comply with applicable laws and regulations. The ePrivacy Directive requires prior informed consent for storage or access to information stored on a user’s equipment.

Informing your website visitors

According to current regulations (the ePrivacy Directive, the General Data Protection Regulation (“GDPR”) and the Dutch Telecommunication Act), a website visitor must be informed adequately before he/she consents to the use of Wonderkind Pixels. As a result, the first information layer, the cookie consent notification, and the second information layer, the privacy statement, must contain the correct information.

Example of a cookie consent notification

Wonderkind advises you to always review changes to your cookie consent notification and privacy statement with your legal advisors.

The cookie consent notification should contain that your company and third parties (such as Wonderkind) use cookies on your domain. If your company does not already have a cookie consent notification, an example of a suited cookie consent notification would be:

“[insert your company name] uses functional, analytic and tracking cookies and similar techniques, also from third parties, to show you relevant advertisement, also outside the [insert your company website] domain, to provide you with an optimal visitor experience, and to analyse and improve [insert your company name]’s and third parties’ services. Our advertising, analytic and social media partners have access to your use of our site. Read about how we use cookies and how you can control them by clicking “Cookie Settings”. See our Privacy Statement for more information. By clicking accept you consent to the use of cookies.” [Cookie Settings] [Accept]

No rights can be derived from the text of this cookie consent notification.

Adjusting your Privacy/Cookie Statement

Next to the adjustment of your cookie consent notification, your privacy/cookie statement should also refer to Wonderkind. You should explain briefly that Wonderkind uses cookies to show relevant job advertisements to your website visitors, which is a service Wonderkind provides to you. You also need to refer to Wonderkind's Privacy Statement so visitors can read more about the use of cookies by Wonderkind (https://wonderkind.com/privacy-statement-technology).

Wonderkind suggests that you add the following section to your privacy statement:
Use of Wonderkind’s Services: We make use of the services of Wonderkind, a technology company that finds talent for companies through artificial intelligence. Wonderkind uses cookies to show relevant job advertisements to you. For more information about the use of cookies by Wonderkind and how Wonderkind processes your personal data, please visit https://wonderkind.com/privacy-statement-technology.

Example of a cookie table

If you have a cookie table, you can include the following cookies in your cookie table:

No rights can be derived from the text of this cookie table.

Conclusion

You should always ensure that you legally acquire consent and that you are able to prove that you have acquired consent of all website visitors for the use of your own cookies and Wonderkind’s cookies on your domain.

Questions

If you have any questions about the way Wonderkind places the pixel and tags, please contact your onboarding manager or check out our how to article. For other legal questions, we advise you to discuss it with your legal advisors.

FAQ

1. Do I need to log consent of a website visitor? 

Article 7.1 of the GDPR states the following:

Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data. 

This means that you, as a website owner, must be able to document that a website visitor has given consent to the processing of his/her personal data (through the use of cookies). 

Article 29 Working Party, an independent EU Advisory Body, has released an updated ‘Guidelines on consent under Regulation 2016/579’. In point 5.1, they give an example of how a controller can prove that valid consent has been obtained from the data subject. The controller may keep a record of consent statements received, so he can show how consent was obtained, when consent was obtained, and the information provided to the data subject at the time shall be demonstrable. The controller shall also be able to demonstrate that the data subject was informed about the use of cookies, and that the controller’s workflow met all relevant criteria for a valid consent.

The Dutch Authority for Consumers & Markets also recommends website owners to log all the user consents in a consent log. These log files can serve as evidence for complaints. It is recommended to also store what information was given to the website visitor and which privacy statement was applicable at that time. 

2. What is the expiry date of the cookies?

The expiry date of the cookies is 60 days. A website visitor may delete the cookies, stored on his/her computer, at any time through his/her browser settings. 

3. Is the Google Tag Manager (“GTM”) GDPR compliant? 

Wonderkind Pixels may only be placed on the browser of the website visitor after the website visitor has given consent to the use of Wonderkind Pixels. Your onboarding manager can help you place the pixels in the GTM, but he/she cannot help you create the triggers. You should make sure that the cookies will only be set after the website visitor has given consent to the use of the cookies.

Did this answer your question?