> You can avoid using banners with a 100% server-side solution that does not invade the privacy sphere or process identifiable personal information. Or with a solution that relies solely on HTTP-header uploads to servers, thus not reading client data with JavaScript.
I don't think that's correct. It may be good enough for ePrivacy if it specifically targets cookie or established browser-based methods such as local storage, but it's definitely not compliant with the GDPR - the GDPR doesn't care how you track users, if you collect any information that can be used to re-identify a user you must have a legal basis for doing so, no matter whether you use cookies or carrier pigeon to transmit the data.
I don't think that's correct. It may be good enough for ePrivacy if it specifically targets cookie or established browser-based methods such as local storage, but it's definitely not compliant with the GDPR - the GDPR doesn't care how you track users, if you collect any information that can be used to re-identify a user you must have a legal basis for doing so, no matter whether you use cookies or carrier pigeon to transmit the data.