GDPR cookie consent banner module is updated with new exciting feature: Categories

Senior Drupal developer
Drupal GDPR ready

Does your site have traffic from EU? Then you need to ask for censent

According to GDPR, if you have any traffic from EU citizens on your site, you need to ask for consent before you, or third-party scripts, process any of their personal data.

One recurring GDPR feature request we’ve seen over the past few years has been to allow granularity in the cookie compliance consent, so that the user could accept or decline various cookie categories. This feature has now been added to the recently released versions 8.x-1.6 and 7.x-1.29. You can find the new consent method on the module settings page. To enable this feature, select “Opt-in with categories” as the consent method.

In this blog post, you can learn how to configure the EU Cookie Compliance banner to use GDPR categories, as well as how to use the categories in your code to track the user only when they give consent.

The different GDPR consent methods that the EU Cookie Compliance supports.
Consent for processing of personal information

GDPR consent banner configuration

Choosing this consent method reveals an expanded set of fields named “Cookie Categories” that you can find beneath the “Consent method” options. Here you can set up your cookie categories and configure how the banner behaves. Let’s first look at the categories:

Field for GDPR cookie categories showing configuration where 4 categories are entered

Categories are entered using the following pattern: key|label|description. The description is optional. The above setup will result in the following EU Cookie Compliance consent banner:

The resulting GDPR cookie banner, with the categories "Strictly necessary", "Performance", "Functional" and "Advertising" showing.

This will result in a fairly large GDPR consent banner. Note that the banner appearance in EU Cookie Compliance is based on a Drupal theme template, so you could always create a theme specific template and for example place the descriptions on the same line as the title, or perhaps have the descriptions appear on hover if space is a concern. By default, the banner has two buttons when you use the category consent method: “Save preferences” and “Accept all cookies”.

Below the text field for cookie consent categories are some additional options. The first option, which is on by default allows you to replace the “Agree” button with the two “Save preferences” and “Accept all cookies” buttons. In addition to labeling the buttons, you can also choose to make the first option compulsory by choosing “Tick the first checkbox and mark it read-only”. You can also choose to “Tick all category checkboxes by default” to make it more convenient for the user to opt-in to cookie usage under GDPR.

Screenshot showing the configuration options for the cookie banner with categories.

Code usage

In order to let your site and javascript comply with the cookie preferences set by the visitor, you may have to write some custom code. Although EU Cookie Compliance has some options to whitelist cookies and block scripts, not all scripts are added to the page source using the standard Drupal methods and can be altered through f.ex hook_js_alter in Drupal 7 (which is what the module attempts to do).

EU Cookie Compliance has for years had a method you can call to check if the user has agreed to store cookies and processing their personal data:

Drupal.eu_cookie_compliance.hasAgreed()

This function will return true when consent is given, and false when the user has declined processing of their data.

With the newly introduced categories, you can call the same function with a parameter:

Drupal.eu_cookie_compliance.hasAgreed(category)

Where ‘category’ is one of the category keys that you have defined on the EU Cookie Compliance module settings page, for example:

if (Drupal.eu_cookie_compliance.hasAgreed('performance')) {
  // Load scripts that deal with performance.
}


Conclusion

Many high profile sites allow visitors to choose among categories when the visitors give consent to the processing of private data through cookies in their browser. Now your site can do offer the same granularity if you use a recent version of the EU Cookie Compliance module.If you need help setting up your GDPR cookie banner, or have questions about how your site can become GDPR compliant, you can always get in touch with us at Ramsalt Lab through our contact page.


Latest news

En avgjørelser fra 13. januar i Østerike kunkluderer med at Google Analytics bryter med GDPR og er ulovlig å bruke.

Yngve W. Bergheim
Yngve W. Bergheim

The Liberian Observer is Liberia's first independent daily newspaper that envisions expanding into new markets and becoming the leading national digital newspaper. After thoughtful investigation they chose Ramsalt as digital partner.

Vi har fått en ny ramsalting til vårt Tromsø-kontor på tampen av året. Vi er nå over 20 ramsalte kvinner og menn klare til å hjelpe deg å bygge gode websider. 

In this article we want to have a closer look at pros and cons and similarities, this article should be useful for front-end developers or team leaders to decide which one will work best for the next project.

Soheil Sadeghbayan
Liam Soheil Sadeghbayan