Configure your HubSpot cookies tool correctly for compliance.
Cookies are becoming a complex and fast-changing area of running a website. If you use HubSpot’s Cookies functionality on your website, you need to run a quick check to ensure you are not just offering visitors to accept or decline, and to make sure all cookies used are held back until acceptance.
For a quick start, if your website displays the HubSpot cookies banner shown above, we would suggest you are not fully compliant and certainly not working in the spirit of privacy regulations.
What’s happening with tracking?
This is particularly focused on providing data to third parties who have some role in the provision and measurement of your website. The most common types of tracking include analytics tracking, ads tracking and video usage – where the video content is stored on a third-party platform like YouTube or Vimeo.
Cookies generally are categorised as:
- Necessary: the website won’t work properly unless accepted
- Analytics: measuring activity and behaviour flows
- Functionality: features on the website that need a cookie to offer full functionality. An example may be pre-filling forms with your data if you filled in one before.
- Advertisement: how website traffic feeds into adverts that you are presented with on this or any other website or platform you visit
It’s customary to offer visitors the choice of accepting or rejecting each or all of these categories and, most importantly, you must offer this choice before you begin collecting cookies from the visitor. This is a second area where you may think you are covered but are not.
Giving visitors the choice of cookies before tracking
If you are using the standard version of the HubSpot Cookies Tool (found in settings: Privacy & Consent: Cookies), then you need to be aware that this only covers the choice of cookies before tracking if:
- You only use HubSpot CMS and no third-party apps, such as video players
- You use the native google analytics integration rather than pasting Google tracking code in your page headers
If you are using any other cookies on your website, then strictly speaking, you are not covered by the standard HubSpot Cookie tool implementation and need to take action now, or you will be at risk of prosecution if someone chooses to make it an issue.
Do I have to use a third-party cookie tool instead of HubSpot’s?
The good news is that the answer is no, you don’t. HubSpot has released, via Public Beta, a new Cookies Scanning and Blocking upgrade that will provide you with everything you need to cover your website.
In addition to properly configuring the cookies tool to add the “display cookies by category” component (the first box in the three choices image), you will need to configure the following components in the new upgraded tool:
- Cookie scanner: this tool regularly scans your website for cookies and attempts to categorise them into the four main categories listed above
- Categorising the Cookies: you will then need to review the tool’s suggested categorisation of all cookies and make sure they are in the correct category
- Update your Cookies Policy: your cookies policy should identify all cookies used by the category so these can be reviewed by website visitors
Audit & implement
If this is all sounding confusing and complex, then you can work with BabelQuest to get on the correct side of privacy compliance. We can make all the configuration changes and run the scanning tool for you.
All we will need is access to whoever in your organisation is responsible for data and possibly a legal professional (whether inside or external). This is to agree upon the text that is shown within the cookies tool and on your website’s privacy page.
Once set up, the scanning tool will conduct regular scans of your website to ensure that all added content and functionality is covered by the new tool and by website documentation.
One less thing to worry about in an ever-changing online world!