ON THIS PAGE
Since the European Union's General Data Protection Regulation (GDPR) and the ePrivacy Directive (the EU cookie law) came into effect, users must give cookie consent before websites store cookies in their browsers. You can get Cookie Consent through a cookie consent banner. So, you need to have a Cookie Banner on your website if you have users from the European Economic Area (EEA). The EEA includes the EU plus Iceland, Norway, and Liechtenstein.
What is a Cookie Consent Banner?
A cookie consent banner is a cookie notification or a cookie text on a website that pops up when a user first visits the website. A Cookie Consent banner gives users the choice to consent or deny their cookie preferences.
According to the GDPR, users should give explicit cookie consent prior to setting cookies on their devices.
Use CookieScript CMP to create custom design and behavior Cookie Banner.
How Does Cookie Banner Work?
The scope of a Cookie Banner is to inform users about the use of cookies on the website and to collect their Cookie Consent. The Cookie Consent banner notifies the website users about the use of cookies, users’ rights regarding the use of cookies and their personal data management, and requests the users' consent to allow those cookies to collect their personal data.
The Cookie Banner should be presented to the website user when they first visit the website. Cookie Consent must be renewed every 6 to 12 months.
With CookieScript, you can automatically scan your website for cookies and add them to your site’s list of cookies.
Cookie Consent Banner Checklist
Cookie Banner requirements to be compliant with the GDPR
Use the following checklist while showing a GDPR-compliant Cookie Banner on your website:
Information about the cookies used on the website. Your Cookie Banner should inform website users that your website uses cookies or other trackers to collect users’ personal information, for what purposes, the expiry date of the listed cookies, and other related information.
Clear and concise language. Use simple language without technical jargon to explain the use of cookies and why you need Cookie Consent.
Link to your privacy policy. Your cookie banner must have a link to your Privacy Policy or Cookie Policy, where the user can find detailed information about the use of cookies and personal information, whether you share this information with third parties and other related data.
Prominence and visibility. Ensure that the Cookie Consent banner is clearly displayed on your website, and it could be easily noticed by users.
Responsiveness. Your cookie banner must be correctly displayed on all devices and platforms which can be used to access your website, including PCs, laptops, mobile phones, tablets, iPhones, iPads, etc.
Avoid cookie walls. The use of cookie walls is not allowed, so users can easily access your website even if they reject the use of cookies. Design the cookie banner in a way that it does not interfere with the user experience.
Consent mechanism. Use simple and straightforward language for consent options, such as the “Agree ” or “Accept ” buttons, a checkbox, or any other user-friendly method that indicates an affirmative action. Terms like “Okay ” are not valid consent since it does not provide unambiguous action. Present users with equal choices for giving or rejecting consent, and both options should be easily visible on the Cookie Banner, without pressing any additional buttons.
Granular cookie consent control. Users should be able to easily control their cookie preferences on the banner directly or on the second layer by using a “Cookie Settings” button or link that directs users to a dedicated page where they can customize their preferences. Users could enable just some categories of cookies and disable other categories. Use a checkbox for different types of cookies.
An example of a CookieScript Cookie Banner with a gradual consent of categories of cookies.
Delayed cookie placement. You must get cookie consent PRIOR to setting cookies on users’ devices. Only strictly necessary cookies could be set immediately. The setting of the non-essential cookies should be delayed until after users give their consent.
Multilingual banner. Cookie notices should be presented to users in all languages that your website has. This ensures that your users will make an informed decision about cookie consent.
Integration with Google Consent Mode. If your website uses Google Analytics or Google Ads, you must implement a cookie banner that is integrated with Google Consent Mode. This will ensure that your analytics and marketing data are collected having the user’s consent. This information will be sent to Google which then adapts the behavior of its tags and scripts.
IAB TCF cookie banner. The Transparency and Consent Framework (TCF) was created by the Interactive Advertising Bureau (IAB) to standardize how businesses run targeted advertisements while also remaining in compliance with the GDPR. The TCF is an industry-approved legal framework to communicate consent choices between users, website publishers (your website), and advertisers. Having a TCF-compliant banner allows you to comply with the GDPR while using advertising.
Google-Certified CMP. From 2023, publishers must use a Google-certified Consent Management Platform (CMP) integrated with IAB’s TCF for the delivery of the cookie banner and cookie consent management. In order to use Google advertisement products like Google AdSense, Ad Manager, or AdMob. If you are using a CMP that is not present in the list of Google-certified CMPs, you can't use Google advertisement products.
Explicit cookie consent. The cookie banner should collect explicit cookie consent. Don’t use pre-ticked boxes. Cookie consent by scrolling or by continued browsing is not considered GDPR-valid consent. Read more about the GDPR-compliance checklist.
User consent recordings. Record user consents for proof of compliance.
Advantageous cookie banner features
The following cookie banner features are not obliged, but are definitely advantageous to have:
Geo-targeting. Your website could have users from different countries with different privacy laws. You can prepare several cookie banners for different privacy laws. The geo-targeting feature determines your website user’s location and automatically presents the correct cookie banner.
Custom design and behavior. Some Consent Management Platforms like CookieScript allows you to create a custom design of your cookie banner that fits your company’s design or create custom behavior for your cookie banner.
How to Get a GDPR-Compliant Cookie Consent banner?
Remember, that only a 100% correct cookie banner is a GDPR-compliant cookie banner. The most reliable solution for a valid Cookie Consent banner is to use a Consent Management Platform (CMP).
CookieScript CMP is an optimal solution for creating a valid Cookie Banner and being compliant with the GDPR and other privacy laws.
CookieScript is a Google-certified CMP, present in Google's list of Google-certified CMPs. It is certified for both Google Ads and Google Consent Mode, so with CookieScript you can use Google advertisement products like Google AdSense, Ad Manager, or AdMob.
CookieScript CMP Privacy Policy Generator helps you to create a GDPR-compliant Privacy Policy for your company or website.
Our Cookie Scanner scans your website for cookies and other tracking technologies and provides a detailed scan report including details about your website’s cookies with their provider, duration, and third parties if any.
The CMP allows you to create a cookie banner in 30+ languages, has a geo-targeting functionality, collects granular cookie consent, and maintains a full history of consent for proof of compliance.
CookieScript CMP allows you to create a fully customizable and configurable Cookie Banner. You can personalize colors, fonts, text, and style, and adjust the banner to your website's design.
With CookieScript, you can be sure your website is 100% compliant.
Frequently Asked Questions
How does a cookie banner work?
The cookie consent banner presents a cookie notice to inform website users about the use of cookies, users’ rights regarding the use of cookies and their personal data management and requests the users' consent to allow those cookies to collect their personal data. The cookie banner should be presented to the website user when they first visit the website. Cookie consent must be renewed every 6 to 12 months. Use CookieScript CMP to create a GDPR and other privacy laws-compliant cookie banner.
Is a cookie banner required in the EU?
If your company is based in the EU or your site has users from the European Economic Area (EEA), you must have a cookie banner to comply with GDPR. A Cookie Consent banner gives users the choice to consent or deny the usage of cookies. The scope of a cookie banner is to inform users about the use of cookies on the website and to collect their cookie consent.
Is a cookie banner required in the US?
Firstly, GDPR could also apply to US websites. Even if your website is not based in the EU, but has users from the EU, you will have to comply with the GDPR. Secondly, while the US does not have a general federal data privacy law regulating the usage of cookies, state-level privacy laws like CCPA, CPRA, VCDPA, and others in the US require to have a cookie banner. Use CookieScript CMP to create a GDPR and other US privacy laws-compliant cookie banner.
What are cookie banner requirements to be compliant with the GDPR?
To be compliant with the GDPR, your cookie banner must provide information about the cookies used on the website, use clear and concise language, link to your Privacy Policy, be responsive, provide granular cookie consent control, and do not diminish the user experience. Your website should collect cookie consent for proof of compliance. Do not place cookies prior to getting cookie consent. Use CookieScript CMP to create a privacy laws-compliant cookie banner and collect and manage cookie consent for proof of compliance.