Monlex Logo Blue

Adaptation of Cookies to the Latest Criteria of the AEPD

Supercookie privacidad de los usuarios

The recent update to the guide on the use of cookies by the Spanish Data Protection Agency (AEPD) has created a need for adaptation by companies operating online. This update, driven by the European Data Protection Board’s (EDPB) Guidelines 03/2022, establishes new requirements that had to be implemented before last Thursday, January 11, 2024.

Changes and Innovations in Cookie Adaptation The update introduces positive changes that contribute to strengthening the protection of online users’ privacy. Among the main obligations that companies must comply with are:

Cookie Banner

  • Inclusion of the option to reject all cookies in the banner, along with the “ACCEPT” and “CONFIGURE COOKIES” options.
  • Clear, transparent, and non-misleading presentation of the options to accept and reject cookies in the banner

Cookie Policy

  • Review of the cookie policy to ensure it is clear, transparent, and concise.
  • Inclusion of detailed information about the use of cookies, including their function, type, purpose, owner, instructions for accepting, rejecting, and revoking consent, international data transfers, use for profiling and making automated decisions. Personalization Cookies
  • Distinction between personalization cookies decided by the user and their use for other purposes, such as customizing advertising content or creating user profiles.

Possibility of Demanding Payment for Not Accepting Cookies

  • The alternative offered in case of not accepting cookies does not necessarily have to be free, allowing to some extent paywalls. Implications and Conclusions

These changes represent an advancement in protecting online users’ privacy, demanding greater transparency from data controllers. However, companies must prepare to modify their processes and systems to comply with the new obligations, avoiding exposure to sanctions that could amount to up to 300,000 euros.

It is crucial for website and application owners to adapt to these changes before the deadline set by the AEPD. Adapting to these changes not only ensures legal compliance but also strengthens online users’ trust.

Elimination of Cookies by Google

In a related context, Google has announced the elimination of cookies for millions of Chrome users as part of its new system called ‘Privacy Sandbox’. This measure aims to protect users’ privacy while allowing advertisers to show personalized ads. Although this initiative has received criticism, Google claims to have found a balance between privacy and revenue.

Google’s elimination of cookies represents a significant change in the digital landscape and is expected to impact how user information is collected and used online. This move reflects the growing importance of privacy and data protection in today’s digital environment.

In summary, adapting to the new AEPD criteria and Google’s elimination of cookies marks a milestone in the evolution of online privacy protection. Companies and users must be prepared for these changes and their implications in data use in the digital environment.

With these changes, it is expected that online privacy protection will be strengthened, while promoting transparency and trust in data processing by companies and digital platforms.

Related reading:
Share this article


Lawyer specialized in New Technologies and Regulatory Compliance. He develops and implements effective compliance programs, simplifying complex technical and legal issues into pragmatic strategies to help his clients successfully navigate the evolving legal and technological landscape.
Related keywords

Mantente informado con consejos legales de Monlex

No hay spam, sólo enviamos actualizaciones sobre nuestras áreas de práctica

Do you require legal assistance?

Receive personalized advice from our experts at MONLEX.