Product Updates

Updates to EU banners

posted on November 8, 2021

The regulatory landscape continues to shift as countries all over the globe continue to enact privacy laws. At the same time, regulators continue to issue guidance on how to best comply with the privacy rules those laws charge them with enforcing. 

Cookies, in particular, is a legal area that’s constantly in flux. Frequently, the debate is over when websites should be allowed to deploy tracking cookies on a website and for which purposes. Most importantly, how should websites deploying cookies communicate to end-users what’s happening with their data when they visit that site? That conversation is still evolving. 

The General Data Protection Regulation and the ePrivacy Directive are the governing laws here. But as companies experiment with different methods and designs to obtain consent to deploy cookies, regulators are getting more specific on rules for what the user interface should look like — at a minimum — to avoid regulatory scrutiny. 

Osano’s Consent Manager automatically displays a compliance pop-up to each end-user based on their geo-targeted location. Recently, EU regulators’ trending guidance indicates they want it to be as easy for an end-user to click “reject all” cookies as clicking “accept all.” And the Italian Data Protection Authority (known as the Garante) issued a requirement that goes a step further. The Garante has called for the presence of an “X” button within the cookie banner to symbolize the end-users’ ability to reject all but essential cookies.  

To ensure Osano customers can meet these new guidelines, the following will be added to the default banner experience in Belgium, Czech Republic, Denmark, Finland, Germany, Greece, Ireland, Italy, Netherlands, Spain and the U.K.:

 

  • An “X” allowing end-users to reject all tracking cookies. 
  • A “Reject All” button. 
  • A “Storage Preferences” link on the cookie banner’s first layer.

Here is what the Consent Banner for these countries looked like before:

Screen Shot 2021-11-05 at 3.15.24 PM

Here's what it looks like now: 

Screen Shot 2021-11-05 at 3.10.43 PM

 

 

Why does this matter?

Adding “Reject All” and an “X” to the consent banner in these EU jurisdictions and the U.K. positions Osano customers as compliant with the most recent compliance guidance from regulators. And including a link to more granular information about cookie deployment allows the privacy-focused end user to make a more informed decision on consent. 

Important: For customers using custom CSS to override the default banner experiences, we recommend testing this update on a staging site before publishing it to your production site to ensure there is no visual impact on your banner display.

Product(s) Affected

Core Platform

Availability

BusinessBusiness+Enterprise


Chinese banner update

posted on October 7, 2021

Compliance with privacy laws means always staying on top of changes at the legislative level. Recently, China enacted its privacy law, the Personal Information Protection Law of the People's Republic of China (PIPL). It comes into effect Nov. 1, 2021. It contains stricter provisions on data processing and relies mainly on end-user notice and consent. Penalties for violating the law include fines for nearly 50 million RMB (Chinese currency) or 5% of an organization's annual revenue, based on the previous year's total. 

The law now mandates end users' explicit consent for a website to collect personal information. Personal information, as defined under the Chinese law, is any information that relates to an “identified or identifiable natural person."

So here at Osano, we changed the default banner to help customers comply with the new rules. Now, users accessing Osano from China will see a banner that requires them to explicitly consent to the use of cookies for tracking, analytics, personalization or marketing.

This change requires a "re-publish." 

Why does this matter?

The Osano banner now provides the end-user more information to help them make an informed decision on whether they consent to cookies. Users can opt-in or opt-out, whereas previously, the default was opt-in. If users don't make a choice, the assumption is they don't want cookies deployed for tracking, analytics, personalization or marketing.  

The new Chinese banner ensures:

  • Compliance with China's law.
  • User empowerment to make their own choices.

Product(s) Affected

Core Platform

Availability

BusinessBusiness+Enterprise


Data Discovery

posted on September 22, 2021

A significant part of compliance is knowing what data you have and where it lives. Whether you need to perform a DPIA, provide evidence as part of an audit, or enhance security measures for data sources with higher risk, this can be a slow and painful process. Why? Because most companies have hundreds — if not thousands — of SaaS and on-premise systems where personal data is collected, transferred, shared, and stored.

That's why we've released Data Discovery. It uses artificial intelligence to discover and classify personal data, automate privacy rights fulfillment and demonstrate compliance. We launched this tool to save organizations hours of expensive manual labor and pain by automating the process. 

Here's how to get started:

  1. Connect Osano Data Discovery to your cloud-based or on-premise products, platforms and databases with a few clicks. Osano Data Discovery supports both structured and unstructured data. If we don't already support your data provider, open a support ticket, and Osano engineering will create the connector quickly and at no cost. Usually in as little as 72 hours.
  2. Osano's AI, which has been trained on billions of data points, will search for and find data stored across your organization, saving you from the monotony of manual classification.
  3. As Osano's AI discovers new systems, it will automatically classify the data it finds into more than 60 categories of personal, personally identifiable (PII) and sensitive data based on hundreds of data types.
  4. Once your data has been categorized, it is then easily accessible and searchable. 

Why does this matter?

Data Discovery is the foundation of a good privacy program. You can't be a responsible data steward if you don't know your data and where it lives.

Beyond wanting to do the right thing, several privacy and security laws require you to have your data mapped. That includes responding to data subject access requests or doing a privacy impact assessment. You can't do any of that without knowing where your data lives within the organization. Without automated data discovery, companies are often left to use systems like a manually built spreadsheet to track data. That makes you vulnerable to inefficiencies, human error and pain. And even then, oftentimes, data hiding in various systems and databases gets overlooked. Human error is real.

Data Discovery:

  • Automates data identification and classification.
  • Helps you comply with privacy and security obligations. 
  • Makes an inevitable process much less painful

Product(s) Affected

Core Platform

Availability

BusinessBusiness+DeveloperEnterprise

1 2 3 4
of 4
The managed data privacy platform

Get started with Osano today

Explore Osano

What's New at Osano

EU banner updates

Based on new guidance from EU regulators, the default banner experience has been updated with a "Reject All button," a "Storage Preferences" button and an "X" for the following countries: Belgium, Czech Republic, Denmark, Finland, Germany, Greece, Ireland, Italy, the Netherlands, Spain and the U.K.

Learn More

Chinese banner update

China passed a privacy law recently. The Personal Information Protection Law comes into effect in Nov.1 , 2021. It requires changes for obtaining consent from users for tracking, analytics, personalization and marketing. 

learn more

AI-powered Data Discovery, "No Fines, No Penalties" Pledge, $11M in funding

Today Osano is launching our AI-powered Data Discovery feature and introducing an industry-first "No Fines, No Penalties" Pledge. In addition, we're announcing $11 million in new funding. 

learn more

Global Privacy Control

Osano's Consent Management platform now understands and communicates Global Privacy Control signals.

Learn More

French banner consent configuration

In October 2020, the French Data Protection Authority changed its rules on cookies. This feature provides a consent-banner configuration that applies to French users and complies with the DPA's rules. 

Learn More