GDPR cookie consent banner module is updated with new exciting feature: Categories

Senior Drupal developer
Drupal GDPR ready

Does your site have traffic from EU? Then you need to ask for censent

According to GDPR, if you have any traffic from EU citizens on your site, you need to ask for consent before you, or third-party scripts, process any of their personal data.

One recurring GDPR feature request we’ve seen over the past few years has been to allow granularity in the cookie compliance consent, so that the user could accept or decline various cookie categories. This feature has now been added to the recently released versions 8.x-1.6 and 7.x-1.29. You can find the new consent method on the module settings page. To enable this feature, select “Opt-in with categories” as the consent method.

In this blog post, you can learn how to configure the EU Cookie Compliance banner to use GDPR categories, as well as how to use the categories in your code to track the user only when they give consent.

The different GDPR consent methods that the EU Cookie Compliance supports.
Consent for processing of personal information

GDPR consent banner configuration

Choosing this consent method reveals an expanded set of fields named “Cookie Categories” that you can find beneath the “Consent method” options. Here you can set up your cookie categories and configure how the banner behaves. Let’s first look at the categories:

Field for GDPR cookie categories showing configuration where 4 categories are entered

Categories are entered using the following pattern: key|label|description. The description is optional. The above setup will result in the following EU Cookie Compliance consent banner:

The resulting GDPR cookie banner, with the categories "Strictly necessary", "Performance", "Functional" and "Advertising" showing.

This will result in a fairly large GDPR consent banner. Note that the banner appearance in EU Cookie Compliance is based on a Drupal theme template, so you could always create a theme specific template and for example place the descriptions on the same line as the title, or perhaps have the descriptions appear on hover if space is a concern. By default, the banner has two buttons when you use the category consent method: “Save preferences” and “Accept all cookies”.

Below the text field for cookie consent categories are some additional options. The first option, which is on by default allows you to replace the “Agree” button with the two “Save preferences” and “Accept all cookies” buttons. In addition to labeling the buttons, you can also choose to make the first option compulsory by choosing “Tick the first checkbox and mark it read-only”. You can also choose to “Tick all category checkboxes by default” to make it more convenient for the user to opt-in to cookie usage under GDPR.

Screenshot showing the configuration options for the cookie banner with categories.

Code usage

In order to let your site and javascript comply with the cookie preferences set by the visitor, you may have to write some custom code. Although EU Cookie Compliance has some options to whitelist cookies and block scripts, not all scripts are added to the page source using the standard Drupal methods and can be altered through f.ex hook_js_alter in Drupal 7 (which is what the module attempts to do).

EU Cookie Compliance has for years had a method you can call to check if the user has agreed to store cookies and processing their personal data:

Drupal.eu_cookie_compliance.hasAgreed()

This function will return true when consent is given, and false when the user has declined processing of their data.

With the newly introduced categories, you can call the same function with a parameter:

Drupal.eu_cookie_compliance.hasAgreed(category)

Where ‘category’ is one of the category keys that you have defined on the EU Cookie Compliance module settings page, for example:

if (Drupal.eu_cookie_compliance.hasAgreed('performance')) {
  // Load scripts that deal with performance.
}


Conclusion

Many high profile sites allow visitors to choose among categories when the visitors give consent to the processing of private data through cookies in their browser. Now your site can do offer the same granularity if you use a recent version of the EU Cookie Compliance module.If you need help setting up your GDPR cookie banner, or have questions about how your site can become GDPR compliant, you can always get in touch with us at Ramsalt Lab through our contact page.


Latest news

Arrangement som samler webentusiaster, designere, prosjektledere og innholdsskapere for å utforske hvordan du kan bruke Drupal til å lage en enda bedre nettløsning.

Yngve W. Bergheim
Yngve W. Bergheim

20 employees from Ramsalt Lab had the opportunity to attend DrupalCon in the city of Barcelona. Read our top recommendations from the conference! 

Photo of Hansa Pandit
Hansa Pandit

Vi søker en visjonær og handlekraftig daglig leder som kan ta vårt utviklingsfirma til nye høyder! Er du en strategisk leder med solid forretningsforståelse og en sterk lidenskap for teknologi og innovasjon? Da vil vi høre fra deg!

Yngve W. Bergheim
Yngve W. Bergheim

The European AI Act came into force on 1 August 2024, bringing new rules and regulations for artificial intelligence within the EU. If you use AI on your website or for content-creation it is important to understand how these changes could have an impact. 

Nina
Nina Holzapfel