8 min read
As a photo product business owner, you are handling a lot of personal data and photos, it is highly important not to jeopardize your customer's trust, because this is what selling personalized photo products is build upon. In the following article, you can take a deeper insight into this very never ending debate of using cookies and have a better overview on the important aspects of their use in your photo business. In which cases is cookie consent required, and what criteria should the cookies comply with? What kind of stored data requires consent from your website visitors? Keep reading to find the answers!
Contents
- Why Does A Photo Business Need Cookies?
- General Use of Cookies
- When is the Cookies Consent Required?
- Why is Cookies Consent Crucial for Photo Commerce?
Why Does A Photo Business Need Cookies?
The single most important job of a cookie is to keep a user logged in as they browse from page to page. A user's browsing history becomes part of a database, which the website then uses to analyze the customer's experience.
General Use of Cookies
As defined by the European Commission, "Cookies are small text files that are stored on your computer or mobile device when you visit the Internet websites or online stores."
Almost everyone has encountered cookie banners (or cookie consent tools) and generally, website users are quite annoyed by them. Oftentimes people are so disturbed by yet another cookies consent pop up that they click ''Okay'' without giving any further thoughts.
| True | False |
| ✓ Cookies are small files with text information | x Only marketing cookies need consent |
| ✓ Cookies can contain personal information | |
| ✓ Cookies are not evil in themselves | |
| ✓ Cookies can be helpful | |
| ✓ Websites cannot function without cookies | |
| ✓ Information from cookies can be misused | |
| ✓ Not every cookie needs consent |
After reading these facts, you probably wonder why there is need for consent for certain cookies at all? Most people do not look deep into it because they simply believe that ''the law says so." In reality, the answer is not so trivial and depends on several factors. First, it considered whether the particular cookie allows personal data to be processed. Here, for example, one can cite recital 30 of the EU GDPR.: "[...] Individuals may be assigned online identifiers such as IP addresses and cookie identifiers. [...]"
When is the Cookies Consent Required?
Generally, all cookie releases are a sign of one of the internet's persistent and basic flaws in terms of online privacy and who may access and resell users' data, and hence who can track them throughout the internet and in real life.
It must be carefully checked whether the cookies on the website that uses them are indispensable and technically mandatory so that, for example, the page, the online store or the application functions. The differentiation of cookies between so-called first-party providers and third-party providers should also not be neglected. Here are a few examples of possible cookies:
| Mandatory Consent | Consent not Required |
| ! Cookie of a tracking or analysis service | o Cookie to consent to the use of cookies |
| ! Video content provider cookie | Cookie for load balancing and delivering the o page |
| ! Cookies from external social media and services | |
| ! Cookie to defend against CSRF attacks |
GDPR makes specific requirements in connection with consent as the legal basis for processing. These following requirements must be taken into account when using cookies that call for consent:
- Voluntary (without coercion and tying)
- Informed (which cookie and what purpose and reason it has)
- Actively & explicitly given (Yes, I want!)
- Granular (no general consents allowed)
- Prior (that is, before the cookie is set with an opt-in)
- Verifiable (a documented form for accountability)
- Revocable (revocable at any time as easily as consent)
You should provide information about cookies that do not require consent in accordance with the general information requirements under the GDPR. If you take this into account and inform your visitors and customers, trust is established and this is always conducive to business. Keep in mind that in all times, consumers trust a brand more when they are well-informed about privacy measures.
Why is Cookies Consent Crucial for Photo Commerce?
Privacy is not only a European topic, but relevant to all consumers. It is also important to note, that cookie consent is not damaging businesses, but quite the contrary- it can leverage consumers trust and inspire them to buy more. Photo commerce is not only sensitive when it comes to data protection, but even hyper sensitive in photo commerce business and in production site.
1. in photo commerce business
-
Data protection is important since users do upload (very) personal images, e.g. of their child, wedding, holidays
-
All system components must ensure a high level of data protection to avoid misuse of these images
-
Users do trust the provider that no misuse of their personal images will take place
-
Users do show already a lot of trust to the provider when just uploading their images to the editor to create a photo product and photo commerce business must show that they are trustworthy
2. in production site
-
In production site, data protection is also important to make sure no misuse of personal images will take place
-
All production site steps must ensure that the right product with the right images will be delivered to the right consumer
-
All employees at production site must be aware that they're handling very personal information and images. The general aim is to always limit the amount of individuals having access to these images (which limitation also plays a big role in photo commerce business)
-
All steps taken at production site should follow this approach and make sure that no personal image will be available for unauthorized parties
Now that you know how vital cookies and data protection are for the reliability and trustworthiness of your brand, contact us and ask for the ip.labs solution to handle cookies for your photo business!
Disclaimer: ip.labs GmbH does not provide legal advice. The content of this article is not legally binding. The article represents the opinion of ip.labs as of November 2022.
