Product Updates

CNIL-compliant French banner

posted on September 1, 2021

Last year, the French Data Protection Authority (CNIL) changed its rules on cookies. While EU law binds companies as a baseline, member state laws can go above and beyond those rules, according to their perceptions of how to best protect consumers.

Per the new rules, Osano now provides a consent-banner configuration that applies to French users and complies with the CNIL’s rules.

When a user encounters a consent banner, there’s an order to operations. Under EU rules, you can disclose data uses on a tiered basis. In that way, users can choose how much information they need to make a decision on whether to consent. Typically, Osano’s Consent Manager discloses cookie practices within the consent banner’s “drawer,” or the second layer of notification. The CNIL dislikes that model and said sites gathering consent from French users should announce up-front, at the “first-layer,” what they plan to do with user data. 

In Osano’s French banner, then, the user is shown details about data collection and use at the first point-of-contact with the site.

Why does this matter?

In October 2020, the French Data Protection Authority (CNIL) published revised cookies guidelines on obtaining user consent to collect or store non-essential cookies -- cookies deployed for advertising purposes. 

The CNIL guidelines call for entities to give more information than previously required under GDPR guidelines to collect consent. Now, the minimum information described to users must include the identity of the data controller and the purpose of the cookies deployed. It must also tell users how they can withdraw consent and the potential consequences of either choice. 

The new guidelines also state that a user’s failure to opt-in to cookies must, by default, be considered non-consent. 

In addition, the rules no longer completely ban cookie walls. But the CNIL indicates it frowns upon it because it’s less representative of true “affirmative consent.” 

Previously, the CNIL allowed sites to collect user consent for a group of sites, provided they notified users. Now, the CNIL “strongly recommends” seeking consent for each site from each user if an entity other than the first-party website deploys non-essential cookies.

CNIL gave sites six months to comply with the new rules. That window closed in March 2021, and the regulator has since started auditing sites and issuing non-compliance letters. 

Now, Osano customers can provide the correct consent banner for CNIL compliance.

Product(s) Affected

Core Platform



Text Customization for Consent Manager

posted on August 16, 2021

Depending on the location where users are accessing your site and the language the browser is set to, users see a specific and localized version of Osano's Consent Manager. But we know that the language within that notice might impact your opt-in rates. Now, you can customize that message to the specific ways it fits your company's customer base.

It's important to note that Osano's default pop-up language is what we believe complies with applicable cookie laws, so companies modifying the language should check with legal counsel to be sure any changes don't impact your compliance status.

Why does this matter?

It’s a documented fact now that online users are starting to feel worried about the number of cookies sites deploy on them. Consumers are becoming more savvy on the ways sites are collecting their personal information. This is partly due to newsmaking privacy laws like the California Consumer Privacy Act, which requires a visible opt-out button for consumers to reject the sale of their personal information by the site collecting the information to third parties. 

So the more transparent you can be, the better. But it can be difficult to explain that in a very small box in a very succinct way. So communication is key. 

In a 2020 Deloitte study on cookies, researchers looked at 167 websites across 12 countries in the EU to take the pulse. How are companies deploying cookies? Which are doing so effectively? 

The study found that the “perception of an organization can be largely influenced by the way it handles its cookies. Implementing user-centric methods to manage cookies and adopting sophisticated tools to gather consent can be important and unique selling points and can grant organizations a relative competitive advantage.”  

That is, the way you communicate to users what it is you’re asking them for within your consent pop-up or banner will impact your opt-in rates. While there are certain requirements from which you can’t deviate (you have to notify users and obtain consent before you place cookies, period) there is some room to tailor that depending on the message you want to convey. You may have even conducted internal testing that indicates what kind of language, colors or fonts help customers feel comfortable clicking “yes.” For example, maybe your customers are more likely to click a cookie preferences button that says “Got It” versus a button that says “Save.”

Product(s) Affected

Core Platform



Legacy Browser Support

posted on May 10, 2021

The Osano consent management platform now includes a legacy browser support toggle.

Legacy Browser Toggle

Within a website’s code includes everything required for the site to function. That lump sum of code is called a “bundle.” The bigger the bundle, the slower a site will load.

Because very few sites use Internet Explorer 11, Osano now allows customers to disable Legacy Browser Support off, which will remove support for older browser such as IE11 from the bundle, decreasing the time it takes the page to load.

Why does this matter?

One element of SEO is page performance. Customers who don’t need to support IE 11 now have the ability to turn off support for end-of-life legacy browsers. Osano performance is improved when legacy browser support is disabled.

Product(s) Affected

Consent Management



The managed data privacy platform

Get started with Osano today

Explore Osano

What's New at Osano

Introducing Osano Privacy Legal Templates

Now, with Osano Privacy Legal Templates you can get started faster by leveraging templates generated by our global team of privacy experts.

Learn more

Introducing DSAR email intake

Capture data subject rights requests with the convenience of email and the efficiency of a dedicated intake form.

Learn more

New reworked DSAR and discovery

We've reworked and redesigned Osano Subject Rights Management and Data Discovery, unifying them into a single, seamless experience and creating automation to save you time.

Learn more

Stay GDPR compliant under new French ruling

Privacy regulators at the CNIL in France recently declared that Google Analytics violates GDPR. Osano’s new block list feature can disable Google Analytics in France to keep you compliant while allowing you to use Google Analytics in regions where it is still legal.


New in May 2022: DSAR conditional fields, 28 new integrations, and more!

Customize DSAR forms with conditional fields, serve consent banners in additional languages, use 28 new integrations for Data Discovery, and more! Check out our latest product announcement blog for demos, links, and more information.


View more product updates

Osano product & engineering teams have been hard at work. View the full list of all product updates.

View Product Updates