How to Comply With Italy’s Cookie Guidelines

Italy’s Data Protection Authority (the Garante) published a set of cookie guidelines that came into effect on January 10, 2022. The cookie consent rules are applicable to you if your website has users based in Italy. This guide will walk you through how you can implement Garante’s cookie guidelines on your website and stay compliant.

Note: Ensure that you have completed website scanning. To scan your website, head to CookieYes Dashboard and click on ‘Scan website for cookies’. Once scanning is complete, CookieYes will categorize and auto-update your list of cookies in the cookie audit table.

Steps to comply with Italy’s new cookie guidelines

Give granular control to users

You must allow users to give granular consent. This means in addition to the ‘Accept’ and ‘Reject’ buttons, users should be able to allow or deny the use of specific cookie categories.  

Step 1. In your Dashboard, select Consent Banner, then select Layout. Then click on Comply with select GDPR. Then, in the Consent type choose Explicit

Steps to comply with Italy's cookie guidelines

In the banner preview on the right side, you can see the ‘Preference’ button displayed on your banner. Your users can click on this button and choose to give consent to specific cookie categories. 

Allow users to close the banner

You must allow users to close the cookie banner and continue browsing your site without being tracked. In this case, only technical cookies (or strictly necessary cookies) will be set on a user’s browser.

Step 2. Under Consent Banner, select Content and then click on Cookie Notice. Now enable the Close [X] button.

Steps to comply with Italy's cookie guidelines

Provide a link to your privacy policy

You must link to the unabridged privacy policy which contains information as required under Articles 13-14 of the GDPR. 

Step 3. Under Cookie Notice, enable the Read More button. You can change the label text and add the URL to your site’s privacy policy page.

Steps to comply with Italy's cookie guidelines

Allow users to withdraw consent at any time

You must provide users with the right to withdraw or change their cookie preferences. This means after your user gives consent, they should be able to change their initial preferences easily at any time.

Step 4. Go to Behaviour and then enable Revisit consent button. You can also add a label that will appear on your website.

Steps to comply with Italy's cookie guidelines

Inform users about cookie categories

Your cookie banner must also include a disclosure about cookies, cookie categories and other tracking mechanisms used on your website. With CookieYes, you can display a multilayer banner i.e. a banner that can be expanded to showcase the full disclosure.

Step 5. Under Behaviour, enable Show audit table. You can click on ‘Preferences’ in your banner preview and see the cookie audit table with – Cookie, Type, Duration and Description.

After you have completed Steps 1-5. You can click on Save & Publish button and the changes will be reflected in your cookie banner.

Steps to comply with Italy's cookie guidelines

Keep a record of cookie consents

You must record cookie consents from your users and should also be able to demonstrate that valid consent has been obtained from users. 

Step 6. In your Dashboard, select Site Settings on the left panel and the toggle on Enable consent log. You can access the list of cookie consents recorded on your website under Consent log later.

Steps to comply with Italy's cookie guidelines

Additional points to remember

  • You must optimize the cookie banner for different devices. You can use the device preview option on CookieYes to see how your banner looks on different screens (desktop, mobile and tablet).
  • The cookie banner can displayed again to a user only after at least 6 months have passed since consent was collected the last time. CookieYes sets 1 year as the default for consent expiration. This means only after 1 year, the user will be requested consent again. 
  • Scrolling a website or inactivity by the usee does not constitute valid consent. CookieYes, by default, does not set cookies if the user scrolls or browses the website without giving consent.
  • Cookie walls which force users to give consent to access a website are not permitted. We recommend that you avoid using popup cookie banner on your website.
  • You may include a cookie policy on your website. You can head to the Dashboard > Cookie Policy and generate a custom cookie policy with a detailed cookie audit table. You can add this to your privacy policy or as a separate cookie policy page.
  • If you have a multilingual website, you can use the auto-translation feature to display banner in the user’s preferred language. (Available only for Basic, Pro, Ultimate plans). For instructions, check Add cookie banner on a multilingual website