Requirements
- SecuTix customers create their own web site, that will be called institutional web site in this article for sake of clarity. At one stage, the internet user will be redirected from this institutional web site to the SecuTix Ticket Shop. The border between both web sites may vary from one customer to the other. The institutional web site isn't only used to sell tickets. As a result, it may use a variable number of cookies, totally unknown to SecuTix whereas the set of cookies used by the Ticket Shop is limited.
- The institutional web site and the Ticket Shop may belong to the same domain or two different domains.
- The internet user generally accesses the institutional web site first, but may reach the Ticket Shop directly, especially if he targets a specific event with Google or another search engine.
- In order to ensure a good user experience, a single cookie banner should be displayed, covering the consent for all cookies involved. This cookie banner needs to be tailored according to customer's needs.
- The cookie banner has to be displayed when the internet user enters the web site (either institutional web site or Ticket Shop) the first time.
- Since the internet user may revoke or modify his consent at any time, a link or a button allowing to display the banner must be available on each page.
Getting started
- SecuTix provides a description of the Ticket Shop cookies (available here).
- As a customer, you should prepare and host a page describing the cookies used on your institutional web site and on the Ticket Shop. This description may also be added to his data privacy policy page.
Usage of the SecuTix cookie banner
- SecuTix provides a cookie banner managing the consent to store the cookies used by the SecuTix Ticket Shop
- This cookie banner may be enabled through a service request
- You should display a cookie banner managing the cookies used by your institutional web site. Please ensure that your cookie banner is compliant with the GDPR rules and possible national laws.
- For a better user experience (displaying a cookie banner only once), the cookie banner of your web site should inform the SecuTix Ticket Shop about the internet user’s cookie preferences. This will be the case if your cookie banner is based on One Trust tool (but you still have to inform us to set-up the Ticket Shop accordingly). Otherwise, you should either adapt your cookie banner (see the technical specifications below) or ask SecuTix for an integration of both cookie banners. In this case, the SecuTix cookie banner will only be displayed if the internet user reaches directly the Ticket Shop, meaning that your own cookie banner wasn't displayed and couldn't provide the information on user's consent to the Ticket Shop.
Usage of a common One Trust cookie banner
Using a single cookie banner managing simultaneously the cookies used by your institutional web site and those used by the SecuTix Ticket Shop will provide the best user experience because:
- The internet user will see the same cookie banner, regardless if he starts navigating from your institutional web site or reaches the Ticket Shop directly, for instance after performing a research in a search engine
- A cookie banner will be displayed only once
The easiest way to do so is to base your cookie banner on the One Trust cookie management tool because the SecuTix banner is compatible with the way One Trust stores the cookie consent. However, you will have to pay a license for One Trust.
- Please create your own cookie banner based on One Trust taking into account the categories of cookies used by SecuTix Ticket Shop. Make sure that your cookie banner complies with the GDPR rules and possible national laws. The cookie banner allows to manage the consent for all the cookies concerned (institutional web site and Ticket Shop) except, of course, the essential cookies that just have to be mentioned.
- Please provide SecuTix the script needed to display the cookie banner if the internet user hasn't given his consent yet.
- Please provide the script needed to display the cookie banner on request (to allow the internet user to revoke or modify his consent).
- SecuTix injects the scripts mentioned above to the Ticket Shop through Google Tag Manager.
Usage of a common cookie banner based on another tool
The cookie banner gets the user consent for each cookie category, except for the essential cookies. It stores the internet user's consent in a special cookie, called consent cookie in this article for sake of clarity. This consent cookie stores the consent for each cookie category. Your banner must store the consent in such a way that the Ticket Shop knows which cookies it's allowed to store. SecuTix sets up the mapping between each Ticket Shop non essential cookie and a category, so that the Ticket Shop can check the consent for a given cookie before storing it. Of course, this mapping must match the cookie classification described in the cookie banner or cookie description page. You may define as many categories as you want.
This mapping is defined at point of sales level by means of additional label keys:
| KEY | VALUE (insert for all available languages) |
|---|---|
| privacy.consent.cartSummary.controlcookie.name | OptanonConsent |
| privacy.consent.cartSummary.controlcookie.value | 3:1 |
| privacy.consent.contact.controlcookie.name | OptanonConsent |
| privacy.consent.contact.controlcookie.value | 3:1 |
| privacy.consent.rememberMe.controlcookie.name | OptanonConsent |
| privacy.consent.rememberMe.controlcookie.value | 3:1 |
| privacy.consent.sampTracker.controlcookie.name | OptanonConsent |
| privacy.consent.sampTracker.controlcookie.value | 2:1 |
| privacy.consent.sampUrl.controlcookie.name | OptanonConsent |
| privacy.consent.sampUrl.controlcookie.value | 2:1 |
| privacy.consent.controlCookie.groupCategories.keyName | groups |
| privacy.consent.onetrusturl | some dummy value |
In this example, the consent cookie is named OptanonConsent which is the consent cookie managed by OneTrust. The cookie content starts with the key name groups. The cookies have been assigned to categories 2 and 3, category 1 being used for the essential cookies. For example, cartSummary has been assigned to category 3.
The mapping above matches following cookie content:
OptanonConsent:groups=1:1,2:1,3:1
The value after the ':' (0 or 1) indicates whether the category considered has been accepted or not.
The last key (privacy.consent.onetrusturl) isn't used anymore because our current policy is to inject the script through Google Tag Manager for increased flexibility. However, setting this key is still necessary for legacy technical reasons.
If the tool you have selected to create a cookie banner doesn't provide enough flexibility (to define the way the consent is stored), SecuTix is open to analyse the integration of your cookie banner. Some (paid) development will probably be needed in this case.
