Title: Adding Cookie Compliance to Drupal Sites

Published: September 02, 2022
By Mya Schaefer, Senior Consultant, Berkshire Solutions LLC


Below is an instruction document that outlines the steps we took to explore, add, and configure cookies on a Drupal site using the EU Cookie Compliance module:

SOP: Managing Cookies on a Drupal Site Using EU Cookie Compliance Module

Purpose:

This SOP outlines the steps to install, configure, and manage cookies on a Drupal website using the EU Cookie Compliance module. It also includes guidance on cookie categories, ensuring GDPR and CCPA compliance, and enhancing user control over cookies.

Prerequisites:

Drupal Site Access: Administrator or developer access to your Drupal website.

Command-Line Access: Ability to run commands on your Drupal server (via SSH, Drush, etc.).

Composer: Installed on your Drupal environment for module installation.

Drush: Installed for Drupal management tasks.

Step 1: Install EU Cookie Compliance Module

  1. Access Your Drupal Directory:

• Navigate to your Drupal installation’s root directory using SSH:

cd /path/to/drupal

  1. Install the Module Using Composer:

• Run the following command to install the EU Cookie Compliance module:

composer require drupal/eu_cookie_compliance

  1. Enable the Module Using Drush:

• After installation, enable the module using Drush:

drush en eu_cookie_compliance -y

  1. Clear the Cache:

• Rebuild the cache to ensure all changes are applied:

drush cr

  1. Check for Database Updates:

• Ensure there are no pending database updates by running:

drush updb

Step 2: Configure EU Cookie Compliance Module

  1. Access the Module Settings:

• Log in to your Drupal admin interface.

• Navigate to Configuration > Web Services > EU Cookie Compliance.

  1. Customize Cookie Consent Banner:

• Configure the look and feel of the cookie banner, including its position (top, bottom, popup) and the message text.

  1. Define Consent Behavior:

• Choose whether you want opt-in or opt-out behavior for cookies.

• Ensure that cookies are only set after user consent for non-essential cookies.

Step 3: Set Up Cookie Categories

  1. Navigate to the Cookie Categories Tab:

• In the EU Cookie Compliance settings, go to the Cookie Categories tab.

  1. Add New Cookie Categories:

• Click + Add Cookie Categories and create categories based on your site’s needs:

Essential Cookies: Necessary for the basic operation of the site.

Analytics Cookies: Used for performance monitoring and analytics (e.g., Google Analytics).

Functionality Cookies: Store user preferences, such as language settings.

Marketing Cookies: Track user behavior for targeted advertising (e.g., Facebook Pixel).

Social Media Cookies: Allow social media interactions like shares and likes.

  1. Assign Cookies to Categories:

• In the Advanced Settings tab, assign specific cookies to their respective categories (e.g., Google Analytics cookies to “Analytics”).

Step 4: Ensure Compliance (GDPR, CCPA)

  1. Enable User Consent Logging:

• In the module settings, enable consent logging if required by law to maintain records of user consent actions.

  1. Provide a Cookie Policy:

• Link to your site’s Cookie Policy in the banner, explaining the types of cookies used and how users can change their preferences.

  1. Enable the Consent Banner:

• Configure the consent banner to appear to all users until they give consent or decline cookies.

Step 5: Test the Cookie Configuration

  1. Test the Banner in Incognito Mode:

• Open your website in a private/incognito browser window.

• Ensure that the banner displays correctly, and cookies are blocked or allowed based on the user’s consent.

  1. Verify Cookie Behavior:

• Check if cookies are set only after user consent for non-essential categories like analytics or marketing.

Step 6: Maintain and Monitor

  1. Regular Cookie Audits:

• Periodically review the cookies being set on your site to ensure they align with the configured categories and comply with evolving regulations.

  1. Update the Module:

• Keep the EU Cookie Compliance module up-to-date to ensure continued compliance with legal requirements and to access new features.

Summary of Cookie Categories

Category Description Example Cookies User Consent

Essential Necessary for core functionality (authentication, session management, etc.). Session cookies, security tokens No consent required

Analytics/Performance Track user behavior to improve site performance and usability. Google Analytics cookies Requires consent

Functionality Remember user preferences (e.g., language, login status) for a better user experience. Remember me, language settings Requires consent

Marketing/Targeting Used for advertising and tracking user behavior across websites for targeted ads. Facebook Pixel, Google Ads Requires explicit consent

Social Media Enable sharing and interaction with social media platforms (e.g., Facebook Like, Twitter Share buttons). Social media share cookies Requires consent

Conclusion

By following this SOP, you will have effectively managed the cookie consent process on your Drupal website, ensuring compliance with regulations such as GDPR and CCPA, while providing users with transparency and control over their data. Regularly review your settings and policies to stay up-to-date with best practices.

Please let us know if you need help with this addition to your Drupal site. We're happy to help!
 

Primary Category
Confidentiality
No