Frequently asked questions | CookieMan

Yes, self-learning is designed to ensure that your site meets the requirements of GDPR and other international regulations.

CookieMan ‘s self-learning uses intelligent cookie scanning to detect any changes in your site in real time.

Unlike traditional scanners, which are limited to static and periodic scanning, intelligent cookie scanning via self-learning performs continuous checks, ensuring accurate and up-to-date mapping of cookies and other functional features of your site. This functionality is critical to ensuring compliance with regulations such as GDPR, CCPA and other data protection laws.

The self-learning of CookieMan:

• Performs verification and learning activity from the client in asynchronous mode: thus, it is the activity of each visitor on your site that makes it possible to constantly and continuously monitor
• Has accessto all pages where a visitor, including by entering login credentials, can access
• It also has access to direct landing pages
• It integrates with the CookiePedia to define the complete way the cookies found
• Also note other aspects that may change on your site (e.g., Google Consent Mode activation, TCF 2.2 integration) by reporting them to help you keep your site secure and compliant

Scanning is an activity that allows the CMP (cookie banner) solution to check whether any components (e.g., plug-ins) have been installed on the site that have caused the installation of some new cookie that had not previously been surveyed.
Since it is mandatory to show the visitor the full list of cookies and let him or her choose which ones to give consent for, it is essential that the list of cookies is always up-to-date.
However, the scanning process is a process that has some critical issues, which by its nature, cannot be solved:

• although close, the scanning activity is performed in a scheduled process and, between scans, the information rendered to the visitor is not updated (among other things, CMP solutions often attribute a cost to the increased scanning frequency)
• pages that cannot be reached because they are not linked within the site will not be scanned by the process (e.g., landing pages)
• pages that cannot be reached because they are protected by login credentials will not be scanned by the process that cannot reach them
• dynamically constructed pages will not be scanned by the process
• pages that register cookies only when certain conditions occur (such as completing an online order) will not be scanned by the process

That is why CookieMan uses a different technique: the self-learning.
Find out how it works.

If you enable the auto-learning option, anyone who browses your site, on all pages, will help train your CookieMan, and every detected cookie will be cataloged.
This is the option we recommend. However, there may be circumstances where enabling this option results in the cataloging of unwanted cookies.
There are indeed some unofficial crawlers that, during their site verification activities, might install cookies for their own needs.
Official crawlers, such as Google’s, do not have this issue because they are recognized as such by CookieMan and do not impact the cookie inventory.
Unofficial crawlers could do so.
If you detect some cookies that you don’t recognize, we recommend enabling the option Limit cookie self-learning and adding the IP addresses allowed for detection.
IP addresses can be entered one below the other in the IP whitelist area.
You can enter as many IP addresses as you want, such as yours, your developer’s, your digital agency’s, etc.
In this way, only when users browsing from these IP addresses detect new cookies, CookieMan will accept the request for registration.
By enabling this option, you will see in the list of cookies those registered through the auto-learning process, marked with a symbol to indicate that they were detected from known IP addresses.

There are many cookies that are recorded with a variable part in their name, typically an identifier representing a user or a blog article, etc.
There are other cookies that have an identifying part in their name, but they are always registered with the same name.
Let’s look at some examples:

• the cookie et-saved-post-* is used by some WordPress site themes. The cookie is recorded with the name et-viewed-post- followed by a number that identifies the post code. For example, if you view one post, the cookie et-saved-post-123 might be saved on your PC. If you view another post, the cookie et-saved-post-456 will be recorded, and so on.
• the cookie _ga* is used for integration with Google Analytics. Each installation has its own identifier, so for a site, the cookie will always be recorded with a name like _ga_AS1554DD. There is a variable part, but it will always be the same for a given site. If there are multiple cookies, it’s because multiple Google Analytics accounts have been integrated, and it is correct for both to be added.

What we want to achieve is a different management approach for the two types of cookies:

• for the first type, we want only one cookie to be added, called et-saved-post-*, even though there will be multiple cookies recorded with different variable parts
• for the second type, we want a cookie to be added for each detection, such as _ga_AS1554DD and then _ga_BA16255

With CookieMan, you can easily manage this option:
In the cookie definition, enter the name with the asterisk, for example, et-saved-post-* or ga*.
Then, in the Options section, enable the option Make the variable part of the cookie dynamic only for the et-saved-post- cookie in our example.
The result will be as we described.

Remember: if the cookie is automatically added to your site by CookiePedia, it will be CookieMan that has defined it correctly.

All cookies can be processed in a compliant way or not, it depends on how you configure CMP.
There are different types of cookies: cookies that can be registered without asking the visitor for consent and cookies that can be registered only after asking for consent. If the visitor gives consent they can be registered with personal data, if not they cannot be registered or cannot contain personal data of the visitor.
Google Analytics (GA) cookies are no exception: they are cookies that can be registered and contain personal data of the visitor only if the visitor has given consent. If he or she does not, these cookies cannot be registered.
Google, with Consent Mode v2, has evolved its tools and even when the visitor does not give consent, through the use of modeling techniques and artificial intelligence, without processing personal data, it infer some characteristics and thus makes the statistics much more reliable and accurate.

The introduction of Google Analytics version 4 is a response to comments that the Italian Data Protection Authority had raised about the previous version of Google’s tools.
The introduction of Google Consent Mode v2 is a further step toward compliant and informed management of visitor data by Google’s suite of tools.
There have been rulings by some European data protection authorities against Google Analytics, its operation and recommended or permitted use.

Google Consent Mode helps website owners obtain users’ consent to collect their data in compliance with the GDPR.
Just using Google’s Consent Mode is not enough to be compliant with the GDPR or other regulations.
A website’s compliance is achieved by applying a series of tricks to make it compliant with regulations.
Certainly, collecting consent is one of the most sensitive aspects, and Google Consent Mode is a valuable aid.
CookieMan helps you understand if your website is compliant by providing a real-time check of the various regulations depending on the configurations you make.

Conversion modeling is Google’s way of providing you with anonymous analytical data from users of your website who have not consented to the use of cookies.
The data of visitors who have not given consent would normally be lost, Google has introduced with the management of Consent Mode, the ability to reuse this visitor data, anonymously, thus maintaining compliance with privacy regulations.
Conversion modeling offers insights into the paths of users on your website who have opted out of cookies using observable data from people who have consented to the use of cookies, thus providing an estimate of that end user’s path on your website.

It’s very simple.
From the my.cookieman.net management platform go to the Settings menu item and select the Main Settings box.
You will find the Google Consent Mode v2 section and inside it the Google Consent Mode v2 option: enable it.
You will immediately see the preview of your banner change and integrate the components of this mode of operation.
If you want to disable it, proceed in reverse, disabling the Google Consent Mode v2 option.

If you are creating your first site and choose auto-configuration mode: CookieMan will detect for you during the initial auto-configuration steps, the presence or absence of Google Consent Mode on your site and automatically configure it in the correct way.
If you want to learn more click this link.

If you or your web team are unsure whether Google Consent Mode is implemented on your website, you can use Google Tag Assistant to verify it.
Here’s how:
browse your website in Tag Assistant as a visitor. In the Tag Assistant window, click on a page or message and switch to the Consent tab. If you see a Consent status for ad_storage and analytics_storage tags, then Google Consent Mode is implemented, otherwise you will see the message Consent not configured.

Absolutely!
Integrating CookieMan with Google Tag Manager is the easiest way you can choose. We have thought of everything: from the management platform my.cookieman.net choose this way of integration among those available and you can then download the template, once imported into GTM it will do everything. You can only think about any customization of your other TAGs and everything will be ready.

Adopting a CMP that conforms to Google’s Consent Mode framework is a necessity in order to make the best use of Google’s tools. Without this, it would be impossible to manage the collection of consents with all that follows, also from a regulatory point of view.
Choosing a Google-certified CMP is a guarantee for developers and site owners. Choosing a Google-certified CMP means choosing a solution that Google has vetted and verified as working.

CookieMan is certified by Google for Consent Mode v. 2. You can verify it by clicking on this link.

It is a set of techniques defined by Google to manage in compliance with privacy regulations the consents of visitors.
Google provides a number of tools to manage the statistics, advertising spaces , etc. of its website. All of these tools have a great impact on the visitor’s personal data and require careful management so that the site owner can process and use them in a way that complies with the regulations that many states have specifically to tutal visitors.
To help site developers and thus owners, Google created this framework, called Google Consent Mode, to better and more easily manage the collection of consents through its tools and in particular Google Tag Manager.
In July 2022 Google introduced version 2 of the framework. Version 2 introduced significant improvements in terms of consent management, regulatory compliance, and integration with Google tools such as Analytics and Ads.

Using a consent management platform (CMP) on your website can help you obtain the granular, GDPR-compliant consent your visitors need for your website to process personal data.
The cookie banner must comply with the applicable regulations on the handling of personal data but also with the Directives that define certain physical characteristics of the same.
Also, if your website uses Google tools, you might consider adopting a CMP certified for Google Consent Mode v2.
If you integrate advertising tools, such as Google Ads, you might consider adopting a CMP certified for IAB’s TCF v.2.2.

The EU General Data Protection Regulation (GDPR) stipulates that websites that have users in Europe must request and obtain their explicit consent before processing their personal data.
Cookies and trackers used for statistical and advertising purposes on your website process visitors’ personal data, such as unique IDs, IP addresses, search and browser history, which is why you are required to inform users and ask for their consent in order to activate them.

The Digital Markets Act (DMA) requires prior consent or opt-in consent from consumers before website operators can collect their personal data. Third-party companies using Google’s platforms and services can use Google Consent Mode to notify Google of users’ consent status so that Google’s services do not collect their data in the absence of explicit consent.

This helps achieve compliance with the DMA so that companies can enjoy uninterrupted access to Google’s platforms and services.

It is very simple.
From the my.cookieman.net management platform, go to the Settings menu item and select the Main Settings box.
You will find the IAB’s Transparency & Consent Framework section and inside the Transparency & Consent Framework option: enable it.
You will immediately see the preview of your banner change and integrate the components of this mode of operation.
You will also be able to enable the Select Active Providers option on your site, which will allow you to select which IAB and Google providers you want to make visible to your visitors, limiting the list and thus making it more manageable for them.
If you want to disable it, proceed in reverse, disabling the Transparency & Consent Framework option.

If you are creating your first site and choose the auto-configuration mode: CookieMan will detect for you during the initial auto-configuration steps, the presence or absence of the Transparency & Consent Framework on your site and automatically configure it in the correct way.
If you want to learn more click this link.

CookieMan is certified by IAB on the use of the Transparency & Consent Framework (TCF) v2.2.
This means that IAB constantly verifies that CookieMan complies with the defined rules. You can verify this by clicking on this link.
This is a guarantee for the owner that the management of advertising partners is always compliant (updated weekly by IAB) and that the framework is always working properly from a technical point of view.

IAB TCF v2.2 requires publishers to obtain explicit user consent for data use in ads and personalized content, enhancing user rights and privacy.

Requires the cookie consent banner to show the full number of providers in advance, providing greater transparency. Publishers must also make it easier for users to manage their consent preferences, including revoking or changing consent options via CMP. In addition, publishers must keep accurate and detailed records of each user’s consent decisions, emphasizing accountability and accurate tracking of user preferences.

Adopting a CMP that complies with IAB’s TCF framework is a necessity when using advertising tools such as Google Ads.
Choosing a CMP certified by IAB, the Association that defined the TCF framework is a guarantee for developers and site owners. Choosing an IAB-certified CMP means choosing a solution that IAB has vetted and verified as working.

CookieMan Is certified by the IAB for the Transparency & Consent Framework (TCF) v2.2. You can verify it by clicking on this link.

TCF is a framework that enables publishers (site owners) and advertisers to comply with data privacy laws, such as GDPR and the ePrivacy Directive in their promotion activities on websites.
The visitor, as with cookie management, has the right to express his or her preferences, to provide consent or not in relation to his or her personal data. In the case of online advertisements, visitors’ personal data can be used to offer them targeted, profiled advertising.
The visitor therefore has the right to be profiled or not.
The use of a CMP that integrates with IAB TCF v2.2 can help achieve compliant management of all these aspects.
If you want to learn more click this link

A CMP is registered by IAB when it is recognized and validated for use of the Transparency & Consent Framework (TCF) v2.2
CookieMan is certified by IAB for the Transparency & Consent Framework (TCF) v2.2. You can verify it by clicking on this link.

The IAB TCF v2.2 updates the Transparency and Consent Framework to improve user privacy and choice in digital advertising by providing clearer consent options, greater transparency, and improved compliance with evolving data privacy regulations such as the GDPR.

Includes guidelines for publishers and advertisers to manage user data more responsibly and facilitates better communication between all parties in the digital advertising ecosystem, ensuring a more user-centric approach to data processing and advertising practices.

It is a framework developed by IAB to ensure transparency and compliance in consent management, complying with regulations such as GDPR and CCPA for those sites that intend to integrate advertising tools such as Google Ads.

The ePrivacy Regulation was adopted in 2017 but for reasons of waiting for entry into force it has been postponed several times and is currently still awaiting entry into force.
The ePrivacy Directive (2002/58/EC, amended in 2009) is still in force.

The ePrivacy Directive continues to regulate the use of cookies, electronic communication, and other privacy issues until the Regulation comes into force
The ePrivacy Regulation is expected to supplement and replace the ePrivacy Directive, but the delay in coming into force causes a regulatory situation in transition.

No, there are several legal bases that make the processing of personal and special data of the data subject lawful. Consent is one of the legal bases.
The data controller should first look for other legal bases for which the processing it is implementing is possible. Lacking the support of other bases, it can rest the processing on consent.
The acquisition of consent must respond to precise rules because only then is it lawful.
For this reason, it is essential to have a CMP that can manage the acquisition of consents in a lawful and compliant manner.

Maintaining a compliant and always easily searchable Consent Log can be a difficult task.
Indeed, it must be considered that visitors can express their consents not only in relation to cookies but also when they decide to subscribe to a newsletter by filling out a form, they are expressing consent.
The Consent Log should contain all of the visitor’s consents, however they have expressed them, in all of the forms they have filled out.
CookieMan makes the Consent Log available automatically.
The Cookie Consent Log is automatically created and made available.
The Registry for forms is easily implemented: you create the forms with whatever tool you want and then integrate a line of code that CookieMan provides and you’re done.

The adoption of the consent log is part of a broader need on the part of the data controller to be able to provide evidence of having received consent from the data subject.
In order to document the choices made by the visitor, a consent log is needed, a list in essence indicating the visitor’s reference and his or her choice regarding a consent that he or she could provide or withhold.
The log should include at least this information:

• who provided consent
• When and how the individual user’s consent was acquired
• The context in which consent was given (e.g., for cookies, newsletter subscription, etc.).
• A reference to the legal documents and conditions in place at the time consent was acquired (if applicable)

At CookieMan consulting the Consent Log is very simple: select the Consent item from the top menu.
The list shows:

• Visitor ID (unique to the visitor found on their cookie banner)
• Info (date and time of collection and information about the form if consent given in a form)
• Consents (consent status by cookie categories or by check boxes in forms)

If you want to learn more click the link.

The adoption of the consent log is part of a broader need on the part of the data controller to be able to provide evidence of having received consent from the data subject.
In a website, the data controller is the owner or rather publisher of the site and the data subject is the visitor.
The visitor can give or not give consents to allow or disallow the handling of his or her personal data. He does so through the cookie banner and not only. He or she can also do so through filling out a form, for example, in which the check box to subscribe to a newsletter might be included.
All such consents, or non-consents, expressed by the visitor must be documented in case someone (entitled to do so) comes asking for proof.
To document the choices made by the visitor, a consent log is needed, a list in essence indicating the visitor’s reference and his or her choice regarding a consent he or she could provide or withhold.
Not having a tool to give evidence of the visitor’s choices does not meet many regulations, including the European Regulation (GDPR).

To learn more use this link.

Absolutely.
The log is designed to comply with regulatory requirements related to the European Regulation (GDPR) and other regulations.
You can use this link to learn more.

The adoption of the consent logis part of a broader need on the part of the data controller to be able to provide proof of having received consent from the data subject.
In a website, the data controller is the owner or rather publisher of the site and the data subject is the visitor.
The visitor can give or not give consents to allow or disallow the handling of his or her personal data. He does so through the cookie banner and not only. He or she can also do so through filling out a form, for example, in which the check box to subscribe to a newsletter might be included.
All such consents, or non-consents, expressed by the visitor must be documented in case someone (entitled to do so) comes asking for proof.
To document the choices made by the visitor, a consent log is needed, a list in essence indicating the visitor’s reference and his or her choice regarding a consent he or she could provide or withhold.
Not having a tool to give evidence of the visitor’s choices does not meet many regulations, including the European Regulation (GDPR).

Yes, thanks to multilingual management, everyone can understand key information in their own language, ensuring smooth communication.
If there are people within the team who speak different languages, CookieMan, in addition to showing them the appropriate management interface, when it needs to send communications via e-mail, it will do so in their language.

There is no maximum number of accounts you can create. With CookieMan you have no limits!

Yes, with CookieMan you can customize permissions for each account, ensuring that each team member accesses only relevant information.

Yes, all interactions are tracked in a privacy-compliant manner.

You can integrate WhatsApp, Instagram, Facebook, LinkedIn, Twitter/X, TikTok, YouTube, and many others.
You can also create your own social media: if you can’t find the one you want in the list at CookieMan, you can upload your own logo and thus customize the link.

Of course, you can easily do it.
You might need to activate a block of code following the consent expressed by visitors to your site.
Imagine, for example, that you want to activate a SCRIPT only if the visitor gives consent to a specific cookie. This could be useful, for instance, to display the Facebook like button on one of your posts only if the visitor consents to a cookie, and to hide the button if they don’t.
Doing this is very simple: define the cookie that will act as the trigger for the button. You can use one of your choosing or one already used for other purposes (as long as they are relevant to what you are managing).
In the cookie definition, under the “General data” section of the cookie, you will find the Content Activation Selector field.
Enter the name of the selector you want in this field — for our example, you can use FB_like_button.
On your page, you will have a script that inserts the Facebook button, something like this:
<script type="text/javascript" async>
codice
</script>
Now modify the first line of this code like this:
<script type="text/plain" CookieMan_Selector=FB_like_button async>
and leave everything else unchanged.
In this way, the SCRIPT will be activated only if the selected cookie receives consent from the visitor, and the button will remain invisible if consent is not given.

Further note: You can go even further. If you want, you can make it so another block of code is activated when the cookie does not receive consent.
In the example we saw, if the selected cookie does not receive consent, the Facebook like button is not displayed.
If you prefer, you can display something else instead of the button in this case — so the space doesn’t remain empty — or you could encourage the visitor to give consent with a message.
To do this with CookieMan, you don’t have to do anything special. You just need to insert in your page the
<script type="text/plain" CookieMan_Selector=FB_like_button_off async>
code
</script>
As you can see, we used the same selector you defined in the cookie, but with _off added: FB_like_button_off.
All scripts with this selector will be activated if the cookie is not accepted.

If you have enabled multiple languages on your site (learn more), you need to inform your visitors about cookies with all the details translated into the active languages.
CookieMan performs this check for you: every time you publish a new version, a verification is done on all the cookies on your site, and you will be notified in the notification center if any cookie is not correctly translated into all active languages.
You can then manage this by modifying the cookie tabs and adding the text for each cookie in all languages.

By inserting a new cookie manually or through self-learning, you will be able to access all the information about that cookie in CookiePedia.
For CookieMan all cookies must be fully described, so that there is no risk to the site owner.
If the self-learning activity detects a cookie that is not in CookiePedia, it will report it to you. You will then have the option of registering the cookie yourself, because perhaps it is a cookie created by you or your developers, or you can request it to be censored by CookieMan.
If it is a known cookie, from a commercial solution, CookieMan will register it for you, with all the necessary information, and you will find it complete in your site definition.

Yes, the database is constantly updated with information about cookies detected on the sites. This ensures compliant and uninterrupted management.

Of course, you can easily do it.
You might need to activate a block of code following the consent expressed by visitors to your site.
Imagine, for example, that you want to activate a SCRIPT only if the visitor gives consent to a specific cookie. This could be useful, for instance, to display the Facebook like button on one of your posts only if the visitor consents to a cookie, and to hide the button if they don’t.
Doing this is very simple: define the cookie that will act as the trigger for the button. You can use one of your choosing or one already used for other purposes (as long as they are relevant to what you are managing).
In the cookie definition, under the “General data” section of the cookie, you will find the Content Activation Selector field.
Enter the name of the selector you want in this field — for our example, you can use FB_like_button.
On your page, you will have a script that inserts the Facebook button, something like this:
<script type="text/javascript" async>
codice
</script>
Now modify the first line of this code like this:
<script type="text/plain" CookieMan_Selector=FB_like_button async>
and leave everything else unchanged.
In this way, the SCRIPT will be activated only if the selected cookie receives consent from the visitor, and the button will remain invisible if consent is not given.

Further note: You can go even further. If you want, you can make it so another block of code is activated when the cookie does not receive consent.
In the example we saw, if the selected cookie does not receive consent, the Facebook like button is not displayed.
If you prefer, you can display something else instead of the button in this case — so the space doesn’t remain empty — or you could encourage the visitor to give consent with a message.
To do this with CookieMan, you don’t have to do anything special. You just need to insert in your page the
<script type="text/plain" CookieMan_Selector=FB_like_button_off async>
code
</script>
As you can see, we used the same selector you defined in the cookie, but with _off added: FB_like_button_off.
All scripts with this selector will be activated if the cookie is not accepted.

Unlike other solutions, CookieMan adopts the advanced technology CookieMan Fence, which ensures continuous protection of consents, even after the page is first loaded.
Therefore, you do not risk that cookies involving consent are recorded on the site without first acquiring it from your visitors.
If this happens, the cookie is not recorded anyway but the self-learning system will notify you immediately.

The statistics accessible by selecting Statistics from the top menu are updated daily.
The statistics you have available to you from the site dashboard (top menu Banners, My Site side menu) are real time.
These statistics report active and new users and page views for the last 60 minutes; graphs are updated every minute.

The available statistics can be accessed by selecting the Statistics item from the top menu.
You will then be able to select from the side menu the type of statistics you wish to consult.

Site Statistics: shows two graphs, one for new and active users and the other for Page Views.
New users are first time users visiting your site in the chosen period (Start Date – End Date).
Active users are all users who visited your site in the chosen period.
Page Views are all pages viewed by visitors (not unique).
You can select the chart type, period (hours, days, months), rating period.
You can display the mean and median lines.

Consent statistics: shows statistics of consents collected
The Recorded Consents graph shows the percentages of consents in the four different modes of expression: accepted, Implicit accepted, Rejected, Implicit rejected.
The Recorded Consent Percentages graph, shows three indexes with reported for each the percentages of the four different modes of expression.
The cakes show the total situation for the site, the last thirty days, and the last seven days.
You can choose whether to display statistics for new or active users (which includes new ones), the chart type, and the evaluation period.
You can display the trend line.

The cookie policy and privacy policy must be understandable by all users who visit your site. With CookieMan, you have the ability to choose which languages to activate automatic translation of documents for, and it will be the visitor who chooses which language to display them in.

CookieMan uses an advanced artificial intelligence system to analyze and translate content, maintaining the original meaning and ensuring that it complies with each country’s regulations.

Yes, you can do it very easily!
The activation tag allows CookieMan to be automatically displayed in a specific language. Language recognition is done by analyzing the URL and based on the tag defined for each language.
For example, with the activation tag /en/, the URL: https://cookieman.net/en/ will display CookieMan in English automatically.
But if your site handles languages differently, you can use the JavaScript function CookieMan.init() already prepared for you.
This function can be used to change the language of all CookieMan components. You can call it with these parameters:
italian: CookieMan.init("it-IT")
english: CookieMan.init("en-US")
spanish: CookieMan.init("es-ES")
french: CookieMan.init("fr-FR")
german: CookieMan.init("de-DE")
romanian: CookieMan.init("ro-RO")
portuguese: CookieMan.init("pt-PT")
You can then integrate your language-switching function into your site by also calling the appropriate CookieMan.init() function.

Yes, CookieMan supports many languages. Artificial intelligence ensures high quality translations adapted to local regulations.

Sure, you can customize the banner as many times as you wish!
Once CookieMan is integrated on your site, you can make any changes you want, whenever you want.
The changes will not be visible immediately, you can do as many tests as you want and see with thereal-time preview, the effect the change has on the desktop, tablet and mobile version.
Only when you have decided that you like everything, you can publish with one click and your changes will be online in a second.
But don’t worry: if you want to retrace your steps once you are published, you can republish an earlier version, bringing in a configuration of CookieMan that you perhaps like better.

You will be amazed!
The creation wizard will only ask you for the essential data and then you can choose from the available templates, which one represents the best choice for your site.
Don’t know which one to choose? Don’t worry.
Once again CookieMan helps you: you can choose the Beginner template and CookieMan will do everything for you in the best way.
It will activate a configuration and self-learning mode that will automatically retrieve all the information from your site and configure it in the best way.

If you want to learn more click the link.

Sure! Integrating CookieMan into a WordPress site is very simple:
Create your new site in CookieMan and make sure you’ve entered your site’s address in the appropriate section of CookieMan when you’re setting it up. This will help make everything automatic.
Download the CookieMan integration plugin for WordPress (you can find it by clicking on this link) and save it to your computer.
Alternatively, you can download the plugin through the WordPress marketplace by searching for CookieMan – Consent Management Platform in the search bar, or from CookieMan’s showcase website.
Follow the steps provided to enable the plugin on WordPress:

• Log in to WordPress with your account
• From the main menu, go to Plugins and select Add New Plugin
• Click on Upload Plugin
• Upload the .zip file you previously downloaded by searching for it among your files, then click Install Now
• In the plugin installation screen, once the process is complete, click Activate Now

In the main menu, you will find CookieMan. Next to this option, select Dashboard.
If you have previously entered your site’s URL as I suggested at the beginning, CookieMan has successfully detected your site: you can then proceed with the instructions provided on the site my.cookieman.net/.
If you haven’t entered your site’s URL in CookieMan previously, copy the token provided by CookieMan in the integration section and paste it into the appropriate field in WordPress after selecting Settings from the menu.

Remember: all this information and much more is available on the site my.cookieman.net in the Integration section by selecting the WordPress box.

Sure! Integrating CookieMan into a site developed with Joomla is very simple:
Download the CookieMan integration plugin for Joomla (you can find it by clicking on this link) and save it to your computer.
Alternatively, you can download the plugin through the Joomla marketplace by searching for CookieMan – Consent Management Platform in the search bar, or from CookieMan’s showcase website.
Follow the steps provided to enable the plugin on Joomla:

• Log in to Joomla with your account
• Select System from the main menu
• In the Install section, select Extensions
• Upload the .zip file you previously downloaded by either dragging it into the appropriate section or by searching for it among your files
• After a few moments, you will see a notification indicating that the installation was successful
• Select Control Panel from the main menu
• In the Site section, select Plugins
• Using the search bar, type CookieMan for Cookie Management
• Click on the icon of the circle with an “X” inside (in the Status column) next to CookieMan – Consent Management Platform to enable the plugin. You will see a notification indicating that the plugin has been enabled

Then go back to my.cookieman.net and proceed as follows:

• Copy the token that you find in the Integration section
• Go back to Joomla, and click on Settings
• Paste the token you previously copied into the dedicated text box
• Click on Save & Close

Finally, follow the steps provided on my.cookieman.net

You can find the CookieMan plugin for Joomla in the Joomla! Extensions Directory™ at the following address: https://extensions.joomla.org/extension/cookieman-consent-management-platform/

Remember: all this information and much more is available on the my.cookieman.net website in the Integration section by selecting the Joomla box.

Sure, you can also automatically translate the text into all the languages you have activated in CookieMan.

There is no limit to the number of preferences you can collect per individual form.

You can integrate as many registers as you wish. No limits with CookieMan!

Yes, our solution meets European and many global standards and is constantly being updated.

Using a consent management platform (CMP) on your website can help you obtain the granular, GDPR-compliant consent your visitors need for your website to process personal data.
The cookie banner must comply with the applicable regulations on the handling of personal data but also with the Directives that define certain physical characteristics of the same.
Also, if your website uses Google tools, you might consider adopting a CMP certified for Google Consent Mode v2.
If you integrate advertising tools, such as Google Ads, you might consider adopting a CMP certified for IAB’s TCF v.2.2.

Companies with visitors in the European Union must already obtain valid consent from users under the GDPR before collecting their data. The DMA (which covers users from the EU and the European Economic Area) strengthens the definition of consent under the GDPR. It imposes strict obligations on gatekeepers-who will set the rules for third-party companies to continue using their services-to achieve compliance.

Companies using gatekeeper platforms will need to follow these rules and align their data privacy policies with the DMA in order to continue using them.

The Digital Markets Act (DMA) requires prior consent or opt-in consent from consumers before website operators can collect their personal data. Third-party companies using Google’s platforms and services can use Google Consent Mode to notify Google of users’ consent status so that Google’s services do not collect their data in the absence of explicit consent.

This helps achieve compliance with the DMA so that companies can enjoy uninterrupted access to Google’s platforms and services.

Certainly! Website owners based in the USA or anywhere else in the world, even outside the European Community, who offer goods or services to users located in the European Union, must comply with the GDPR and therefore must implement a compliant CMP (Consent Management Platform).
The GDPR and all other applicable data processing regulations for websites apply not only to companies based in Europe but also to those outside the EU that:

• offer goods or services to individuals in the EU (even if free of charge),
• or monitor the behavior of users in the EU (e.g., through cookies, analytics, tracking, profiling).

This is defined in Article 3, Paragraph 2 of the GDPR.
So, what should the owner of a U.S. website operating in Europe do?
If a U.S. company (or any other non-EU country):

• sells products or services to European customers,
• has a website in a European language (e.g., Italian, German, etc.),
• accepts orders or ships to the EU,
• displays prices in euros,
• uses cookies or tracking technologies for European users (Google Analytics, Facebook Pixel, etc.)

then it falls under the scope of the GDPR and must display a GDPR-compliant CMP, including:

• preemptive blocking of non-essential cookies,
• granular consent collection and recording (consent log),
• option to withdraw/modify consent (easily),
• clear, transparent and compliant banner.

Use CookieMan for your websites, no matter where you are or what you do online, and you’ll be sure to do the right thing!

No, there are several legal bases that make the processing of personal and special data of the data subject lawful. Consent is one of the legal bases.
The data controller should first look for other legal bases for which the processing it is implementing is possible. Lacking the support of other bases, it can rest the processing on consent.
The acquisition of consent must respond to precise rules because only then is it lawful.
For this reason, it is essential to have a CMP that can manage the acquisition of consents in a lawful and compliant manner.

All cookies can be processed in a compliant way or not, it depends on how you configure CMP.
There are different types of cookies: cookies that can be registered without asking the visitor for consent and cookies that can be registered only after asking for consent. If the visitor gives consent they can be registered with personal data, if not they cannot be registered or cannot contain personal data of the visitor.
Google Analytics (GA) cookies are no exception: they are cookies that can be registered and contain personal data of the visitor only if the visitor has given consent. If he or she does not, these cookies cannot be registered.
Google, with Consent Mode v2, has evolved its tools and even when the visitor does not give consent, through the use of modeling techniques and artificial intelligence, without processing personal data, it infer some characteristics and thus makes the statistics much more reliable and accurate.

The ePrivacy Regulation was adopted in 2017 but for reasons of waiting for entry into force it has been postponed several times and is currently still awaiting entry into force.
The ePrivacy Directive (2002/58/EC, amended in 2009) is still in force.

The ePrivacy Directive continues to regulate the use of cookies, electronic communication, and other privacy issues until the Regulation comes into force
The ePrivacy Regulation is expected to supplement and replace the ePrivacy Directive, but the delay in coming into force causes a regulatory situation in transition.

The EU General Data Protection Regulation (GDPR) stipulates that websites that have users in Europe must request and obtain their explicit consent before processing their personal data.
Cookies and trackers used for statistical and advertising purposes on your website process visitors’ personal data, such as unique IDs, IP addresses, search and browser history, which is why you are required to inform users and ask for their consent in order to activate them.

The right to be informed

Organizations must provide users with information about their data processing activities. Such information can be provided in writing, including electronically, through a privacy policy. The information should be concise, transparent, understandable, easily accessible, written in clear and simple language (especially when directed to a child), and free of charge.

If the data is collected from the actual user to whom it relates, then it must be provided with privacy information at the time the data is obtained. However, if the personal data is obtained from a source other than the individual user, the individual user must receive privacy information within a “reasonable period” from the data obtained. This period can be no later than one month in general, or at the latest when the first communication occurs (if you use the data to communicate with the user).

The right of access

Users have the right to access their personal data and information about how it is processed. At the user’s request, data controllers must provide an overview of the categories of data processed, a copy of the actual data collected, and a description of how the data are processed. It is also necessary to clarify the purposes of the processing, how the data were acquired, and with whom the data were shared, if any.

Finally, the organization must provide the requesting individual with a copy of his or her personal data free of charge (should the individual request multiple copies, a reasonable fee may be charged). The requested data must be provided to the individual without undue delay and no later than one month after receipt of the request; the exact number of days in which the organization must honor a request depends on the month in which it was made.

The right of access is closely related to the right to data portability, although these two rights are not identical. It is therefore important that there is a clear distinction between these two rights in the privacy policy.

The right of rectification

Users have the right to request rectification of their personal data if they are inaccurate or incomplete. This right also implies that rectification must be communicated to all third parties involved in the processing of the data in question, unless this is impossible or particularly difficult. If requested by the user, the organization must also inform the user of the identity of such third parties.

Requests may be extended for an additional two months if the request is complex or if numerous requests have been received from the individual. The individual must be notified within one month of receipt of the request with an explanation of why the extension is necessary. Requests must be honored without undue delay and no later than one month after receipt.

In most cases, organizations must comply with a request for rectification without charging a fee. However, if a request is found to be “manifestly unfounded or excessive,” a “reasonable fee” may be charged to satisfy it or refused to address it. In either scenario, the decision must be legitimately justified. If a request is denied, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving it.

The right to object

Under the GDPR, users have the right to object to certain processing activities of their personal data carried out by the data controller (also known as Controller). In summary, users may object to the processing of their data whenever it is based on a legitimate interest or the performance of a task of public interest/exercise of public authority or for the purpose of scientific/historical research and statistics. Users must give reasons for their objection, unless the processing is for direct marketing purposes. In the latter case, in fact, no justification is required to exercise this right

If an objection to the processing of personal data is received and there are no grounds for refusal, the processing activity must cease. While the processing activity (including storage) must be stopped for the particular processing activities objected to, deletion may not be necessary if the data are processed for other purposes (including fulfilling legal or contractual obligations), as the data will have to be retained for these purposes.

Requests must be honored without undue delay and no later than one month after their receipt. Requests may be extended for an additional two months if the request is complex or if numerous requests have been received from the individual. The individual must be notified within one month of receipt of the request with an explanation of why the extension is necessary.

If there are no grounds for refusal, in most cases organizations must comply with the request without charging a fee. However, if a request is found to be “manifestly unfounded or excessive,” a “reasonable fee” may be charged to fulfill it or refuse to deal with it. In either scenario, the decision must be legitimately justified. If a request is denied, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving it.

The right to data portability

You have the right to obtain (in a readable electronic format) your personal data for the purpose of transferring it to another data controller, without the current data controller creating any obstacles. Both data “provided” by the user and data “observed” fall under this provision. This right applies only to personal data and as such does not apply to genuinely anonymous data (data that cannot be traced back to the individual).

Requests must be honored without undue delay and no later than one month after their receipt. Requests may be extended for an additional two months if the request is complex or if numerous requests have been received from the individual. The individual must be notified within one month of receipt of the request with an explanation of why the extension is necessary.

In most cases, organizations must comply with the request without charging a fee. However, if a request is found to be “manifestly unfounded or excessive,” a “reasonable fee” may be charged to satisfy it or refused to address it. In either scenario, the decision must be legitimately justified. If a request is denied, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving it.

The right to cancellation

When the data are no longer useful for the purposes for which they were collected, if the user withdraws consent, or when the personal data have been processed unlawfully, the user has the right to request their deletion as well as the cessation of all other forms of dissemination.

Requests must be honored without undue delay and no later than one month after their receipt. Requests may be extended for an additional two months if the request is complex or if numerous requests have been received from the individual. The individual must be notified within one month of receipt of the request with an explanation of why the extension is necessary.

The right to cancellation can be denied:

• When personal data are processed for a public interest (such as scientific research);
• when the data is necessary for defense in court or to fulfill a legal obligation;
• For the performance of a task in the public interest;
• for the exercise of public authority vested in the data controller;
• when the data are necessary to exercise the right to freedom of expression;
• When processed for health and public interest purposes.

The right to restrict treatment

You have the right to request restriction of the processing of your personal data if:

• challenged their accuracy;
• objected to the treatment, and the organization is considering whether there is a legitimate reason to exclude him;
• processing is unlawful, but the user requests restriction rather than deletion;
• data is no longer needed, but the user needs it to establish, exercise, or defend a legal claim.

The restriction must be communicated to all third parties involved in the processing of the data in question, unless this is impossible or particularly difficult. If requested by the user, the organization must also inform the user of the identity of such third parties.

Requests must be honored without undue delay and no later than one month after their receipt. Requests may be extended for an additional two months if the request is complex or if numerous requests have been received from the individual. The individual must be notified within one month of receipt of the request with an explanation of why the extension is necessary.

In most cases, organizations must comply with the request without charging a fee. However, if a request is found to be “manifestly unfounded or excessive,” a “reasonable fee” may be charged to satisfy it or refused to address it. In either scenario, the decision must be legitimately justified. If a request is denied, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving it.

Rights related to automated decision making and profiling

Users have the right not to be subjected to decision-making processes that are based on automated processing or profiling and that produce a legal effect, or an equally significant effect.

Organizations may make automated decisions only if they are necessary for the performance of a contract, authorized by the legislation of the EU country applicable to the data controller, have no legal effect or similar relevance to the user, or are based on the explicit consent of the data subject. Automated decisions involving special categories of data may be made only with the explicit consent of the user or for reasons of important public interest.

Adopting a CMP that conforms to Google’s Consent Mode framework is a necessity in order to make the best use of Google’s tools. Without this, it would be impossible to manage the collection of consents with all that follows, also from a regulatory point of view.
Choosing a Google-certified CMP is a guarantee for developers and site owners. Choosing a Google-certified CMP means choosing a solution that Google has vetted and verified as working.

CookieMan is certified by Google for Consent Mode v. 2. You can verify it by clicking on this link.

VAT at 22% is applied to private customers and customers with a valid VAT number located in Italy.
For customers with a VAT number located in the European Union (outside of Italy), VAT is not applied.
For private customers and customers with a VAT number located outside the European Union, VAT is not applied.
Private customers and customers with a VAT number located outside the European Union may incur additional administrative fees.
At checkout, the cost breakdown will be displayed.

CookieMan offers some complementary services to help you configure or integrate it properly into your site. The costs of the services are charged only at the first license activation (one-time).

See the Pricing page to view details of complementary services.

If you purchase the license (for the desired period) during the free trial, the license will be activated at the end of the trial period and will remain valid for the chosen duration. Licenses are not automatically renewed upon expiration.

If the license is not purchased during the free trial, CookieMan will stop working, and no charges will be applied.

For some agreed payment methods, automatic renewal may be activated.

No worries! Your trial period will remain unaffected: the license you purchase before the trial ends will only start after the trial period concludes.
For example, if your trial starts on 05/02, it will end on 19/02. If you activate a one-year license on 10/02, it will begin on 20/02 and last one full year from that date.
Go ahead—don’t waste time!

We accept payments through the following credit cards: Visa, Mastercard and American Express. We also accept payments through PayPal and, for some markets, Bank Transfer.

All online payments make the purchased license immediately active.