Cookie services that transfer data to the USA may not be used / are illegal | Cookiebot judgment
At least the ruling (Ref.: 6 L 738/21.WI) applies to the RheinMain University of Applied Sciences, which used the CookieBot service on its website. Following a ruling by the Wiesbaden Administrative Court in summary proceedings, the university is no longer allowed to use the service on its own website. It is not yet clear when the university will comply. According to the current status (Privacy Shield 2.0 - the issue has been resolved in our opinion) Click here for the ruling.
Spectacular ruling for cookie services
The judgment is groundbreaking and, according to the applicant's lawyer Jonas Breyer, can be considered spectacular. We also agree with this assessment. If the ruling becomes legally binding, and this is currently assumed, all website operators who use services that transfer data to the USA will have a major problem.
"The cookie service processes the full IP address of the end user on the servers of a company whose headquarters are located in the USA. This creates a third country connection, namely to the USA, which is inadmissible in view of the so-called Schrems II decision of the European Court of Justice."
Which providers are still affected?
According to the current interpretation, this affects the following services, among others
- CookieBot
- Usercentrics
- SourcePoint
- OneTrust
- Didomi
- CookieFirst
- Iubenda
- CookieHub
- CookieYes
according to our tests, all of them use infrastructure from cloud providers based in the USA or whose parent company is based in the USA.
Solution - CCM19
The CCM19 service offers a solution - here, data is stored exclusively on servers that are
- are located within the scope of the GDPR, namely in Germany.
- are operated by companies that are based in Germany and have no headquarters or similar in the USA
- are not hosted by one of the major cloud providers offered by companies from the USA
CCM19 stores all data on its own cloud servers at OVH GmbH in Saarbrücken, the data centers and servers are physically located in Frankfurt, Limburg and are not transferred to insecure third countries, e.g. the USA. You can find more information about our policy on this topic here.
Your new Cookie Consent Tool - CCM19
The CCM19 cookie banner with which you can quickly and reliably check off the cookie topic! CCM19 is the perfect cookie consent tool that allows you to quickly, reliably and visually appealingly integrate a corresponding notice script into your site.
- Permanently free of charge in the FreeTariff
- Setup in under 5 minutes
- DSGVO / TDDDG compliant
- Customizable to CI in size, shape, color, font and content!
- Suitable for all store / CMS systems
- Automatically recognizes the most important 21,000+ cookies
- free, German-speaking support
- Hosting in Germany, no US providers
- 99.2% customer satisfaction according to Google, OMT and many more
The proven and reliable CCM19 is already used by 212.123 other German website operators!
Test for free - ready in 5 minutes.
Enter your e-mail address and password - and you're ready to go! During setup, your site is automatically scanned, cookies and scripts are recognized, the imprint and data protection notice are linked and other relevant data is entered correctly and fully automatically. After approx. 5 minutes, everything is ready for integration and you can tick off the topic. You can find all prices in our price table.
Start now for free
No credit card or payment information required.
Unique! The download version
On request, we offer the complete management interface with all the bells and whistles - including automatic scanning and setup - for download, with everything running on your server. Simply click on "Download" in the price table. There you will also find a complete list of functions.
Photo by Luke Michael on Unsplash