GDPR compliance: strategies for a cookieless future


A cookieless future may seem like a great threat to companies that have relied on online advertising to reach their target audience, but with the right tools it represents an opportunity to develop strategies more focused on proximity to customers.   

Increasing restrictions on the use of cookies for online tracking and advertising are partly due to regulations such as the GDPR, but it is also due to changes in browsers when using third-party data and growing concerns about customer privacy. 

In this article we will see the legislative changes that have led to the arrival of the cookieless world, how it can affect the marketing operations of companies, as well as new opportunities and technologies for a cookie-free world. 

🍪Don’t miss our webcast, “Cookieless: everything you need to know to adapt to the world without cookies” and learn how to redefine your strategies in this new era.

What is GDPR and how does it affect cookies?

The GDPR is the General Data Protection Regulation, which aims to protect the privacy and personal information of citizens of the European Union, forcing companies to report on how their data is collected, processed, and used. 

This regulation came into force in 2016 but it granted companies an extension of 2 years to adapt to their requirements, so in 2018 those who did not adhere to these guidelines began to be sanctioned 

Until the appearance of the RGPD, when a user visited a website, it collected self-installing cookies in their browsers without knowledge. After the regulation, specific rules are being developed that consider “cookies” as a personal data that must be protected 

This protection implies that at the time the user enters the web, he must be informed who is the owner of the cookie and its purpose, as well as obtain the explicit consent of the person for the installation of the cookie in the browser.  

The importance of this regulation is of such magnitude that in 2024 changes in the privacy policies of large companies will come into force, such as Apple’s Intelligent Tracking Prevention and Google’s restrictions on the use of third-party data. 

In inConcert, data is protected

The cookieless future is driven by a new paradigm around privacy: 84% of consumers are concerned about the use of their data and want to have more control over their trail on the internet. How do we address this need?  

InConcert has prepared for the change based on the European framework, given that the global trend is to match the GDPR as the most respectful of the fundamental rights of privacy of the interested parties. To this are added additional certifications such as the ISO 27001, an international compliance standard for information security. 

The GDPR sets out specific requirements for companies and organisations on the collection, storage, and management of personal data, with application to both European organisations that process personal data of citizens in the EU and organisations based outside the EU and whose activity targets individuals living in the EU. 

It should be noted that our datacenters are distributed between Spain and the United States, with three providers in four locations: Madrid, Barcelona, Miami, and Dallas. Although we operate in various locations around the world, inConcert always chooses to follow the most restrictive legislation to ensure the security of its customers’ and users‘ data. 

In addition, we carry out periodic and proactive checks, and apply controls that guarantee 3 fundamental points: 

  • Control of the integrity and confidentiality of all information contained on our servers through continuous monitoring. 
  • Management of user consent within the platform: in case of launching a campaign with our tool, the consent of users is guaranteed through collection forms and automatic unsubscribe systems. 
  • Organizational compliance, through training and awareness of employees, confidentiality agreements, supplier control and all kinds of measures related to the management of information within the company. 


🔐 Learn more about our security management in this interview with Francisco Salgueiro, VP of Engineering at inConcert.  

Goodbye to third party cookies!

Who hasn’t searched for information on a website and then found related advertising on other pages or apps? Until recently, when analyzing any website, it was common to find various tracking and analytics tools for different external data systems. This information facilitated retargeting strategies that are now invasive and unwanted 

Unlike first party cookies, which will remain in force and function normally, companies with contact strategies that rely on the exploitation of third-party data will have to adapt quickly to the paradigm shift. If you find yourself in this group, do not despair! As a first step, keep in mind the following considerations:  

  • Support strategies in customer data and not necessarily in navigation data. Implementing a customer data management (CDP) platform can help companies unify data from different sources and create a single, comprehensive view of each customer. This will allow us to offer personalized experiences without relying on cookies. 
  • Give greater relevance to contextual information, which depends on the content that is being viewed at the moment and not cookies in the person’s history. Add to this intent-based advertising and location-based advertising. Where am I geographically, what device am I connected from, etc. 

Undoubtedly, it is best to collect first-party data. Businesses can obtain information from users who visit or interact with their website through other channels, such as social media, or focus on SEO and search engine optimization to drive traffic to their website and deliver personalized experiences.  

🤖 Learn how to generate more and better leads with chatbots.


When it comes to analyzing the behavior of visitors on the web, third-party cookies and their own must be obtained after offering users a granular consent form. 

Our Marketing Automation & CRM technology provides a specific module for each web content. It is not only about accepting (or not) the use of cookies but clearly informing which ones will be used, where first parties may be necessary but those of third parties optional. 

As we have seen before, contextual advertising will become important in the future, not only because of the possible results they add to a company’s operations, but as a reliable and robust method to acquire zero- and first-party data in a sustained way. 

In turn, improving SEO and the type of words by which they find us allows us to obtain more own cookies and not depend on others. Our Marketing Automation & CRM solution  shows the journey and the keywords that customers use when searching for us, providing essential data to guide our strategic actions.  

This technology also allows you to perform an effective SEO tuning: any web page, microsite or pop-up built has specific sections to configure SEO parameters, control how they are displayed from search engines and how they are embedded in social networks, verify the relevance and match between content and titles, descriptions, and metatags, define if the page should be indexed, if it is a canonical page and much more. 

Knowing how to use the data we collect, both through cookies and the type of journey made by our client, allows us to achieve a more specific and appropriate contact to have an ideal relationship with our audiences. 


Three keys to success in the cookieless world

A future without third-party cookies will mean that most companies will need a software on which can bear the brunt of these tasks, optimizes CRM data, and is aimed at making the most of the available information. Como takeaway, aquí tres claves para triunfar en el mundo cookieless: 

Base your strategy on zero- and first-party data. The first refers to the information that the client provides voluntarily, for example, through a form, while the second is that which the company collects directly and is owned by it.   

Get granular insights into your customer journey. Our Marketing Automation & CRM solution allows you to know and analyze in detail the behavior, preferences, and difficulties of each one, from the first contact to the concretion.  

Segment and automate your campaigns efficiently. The strategies that arise from information we have in our systems allow us to generate tailored audiences and optimize service processes without depending on data on external platforms. 

By focusing on obtaining first-hand data, companies can better understand their customers and deliver content and experiences that meet their needs and wants. The first step is to understand that this regulation is designed to protect the most precious asset of any industry: people.  

 🧑💻  Relive our webcast, “Cookieless: Everything You Need to Know to Adapt to the Cookie-Free World” and learn how to redefine your strategies in this new era. 

📚Want more? Access exclusive resources,  where you will find eBooks, guides, webinars and articles to continue growing.