We audited 15 banking websites in Portugal and Spain.15,000 pages. Real-world browser behaviour. Data observable by any user or regulator.What we observed raises questions that any DPO, CISO or compliance team should be asking their own organisation today. We won’t reveal the results here. But we can tell you that the questions this study raises are more uncomfortable than the answers.

Is your CMP present on 100% of your website’s pages?

‍

 When a user rejects all cookies, do you know exactly which technologies continue to run in their browser?

‍

 Do the cookies declared in your policy match what is actually written in your users’ browsers?

‍

‍