Since the European Union's General Data Protection Regulation (GDPR) and the ePrivacy Directive (the EU cookie law) came into effect, users must give cookie consent before websites store cookies in their browsers. You can get Cookie Consent through a cookie consent banner. So, you need to have a Cookie Banner on your website if you have users from the European Economic Area (EEA). The EEA includes the EU plus Iceland, Norway, and Liechtenstein.
What is a Cookie Consent Banner?
A cookie consent banner is a cookie notification or a cookie text on a website that pops up when a user first visits the website. A Cookie Consent banner gives users the choice to consent or deny their cookie preferences.
According to the GDPR, users should give explicit cookie consent prior to setting cookies on their devices.
How Does Cookie Banner Work?
With CookieScript, you can automatically scan your website for cookies and add them to your site’s list of cookies.
Cookie Consent Banner Checklist
Cookie Banner requirements to be compliant with the GDPR
Use the following checklist while showing a GDPR-compliant Cookie Banner on your website:
Prominence and visibility. Ensure that the Cookie Consent banner is clearly displayed on your website, and it could be easily noticed by users.
Responsiveness. Your cookie banner must be correctly displayed on all devices and platforms which can be used to access your website, including PCs, laptops, mobile phones, tablets, iPhones, iPads, etc.
Consent mechanism. Use simple and straightforward language for consent options, such as the “Agree ” or “Accept ” buttons, a checkbox, or any other user-friendly method that indicates an affirmative action. Terms like “Okay ” are not valid consent since it does not provide unambiguous action. Present users with equal choices for giving or rejecting consent, and both options should be easily visible on the Cookie Banner, without pressing any additional buttons.
Granular cookie consent control. Users should be able to easily control their cookie preferences on the banner directly or on the second layer by using a “Cookie Settings” button or link that directs users to a dedicated page where they can customize their preferences. Users could enable just some categories of cookies and disable other categories. Use a checkbox for different types of cookies.
An example of a CookieScript Cookie Banner with a gradual consent of categories of cookies.
Delayed cookie placement. You must get cookie consent PRIOR to setting cookies on users’ devices. Only strictly necessary cookies could be set immediately. The setting of the non-essential cookies should be delayed until after users give their consent.
Multilingual banner. Cookie notices should be presented to users in all languages that your website has. This ensures that your users will make an informed decision about cookie consent.
Integration with Google Consent Mode. If your website uses Google Analytics or Google Ads, you must implement a cookie banner that is integrated with Google Consent Mode. This will ensure that your analytics and marketing data are collected having the user’s consent. This information will be sent to Google which then adapts the behavior of its tags and scripts.
IAB TCF cookie banner. The Transparency and Consent Framework (TCF) was created by the Interactive Advertising Bureau (IAB) to standardize how businesses run targeted advertisements while also remaining in compliance with the GDPR. The TCF is an industry-approved legal framework to communicate consent choices between users, website publishers (your website), and advertisers. Having a TCF-compliant banner allows you to comply with the GDPR while using advertising.
Google-Certified CMP. From 2023, publishers must use a Google-certified Consent Management Platform (CMP) integrated with IAB’s TCF for the delivery of the cookie banner and cookie consent management. In order to use Google advertisement products like Google AdSense, Ad Manager, or AdMob. If you are using a CMP that is not present in the list of Google-certified CMPs, you can't use Google advertisement products.
Explicit cookie consent. The cookie banner should collect explicit cookie consent. Don’t use pre-ticked boxes. Cookie consent by scrolling or by continued browsing is not considered GDPR-valid consent. Read more about the GDPR-compliance checklist.
User consent recordings. Record user consents for proof of compliance.
Advantageous cookie banner features
The following cookie banner features are not obliged, but are definitely advantageous to have:
Geo-targeting. Your website could have users from different countries with different privacy laws. You can prepare several cookie banners for different privacy laws. The geo-targeting feature determines your website user’s location and automatically presents the correct cookie banner.
Custom design and behavior. Some Consent Management Platforms like CookieScript allows you to create a custom design of your cookie banner that fits your company’s design or create custom behavior for your cookie banner.
How to Get a GDPR-Compliant Cookie Consent banner?
CookieScript is a Google-certified CMP, present in Google's list of Google-certified CMPs. It is certified for both Google Ads and Google Consent Mode, so with CookieScript you can use Google advertisement products like Google AdSense, Ad Manager, or AdMob.
Our Cookie Scanner scans your website for cookies and other tracking technologies and provides a detailed scan report including details about your website’s cookies with their provider, duration, and third parties if any.
With CookieScript, you can be sure your website is 100% compliant.
Frequently Asked Questions
How does a cookie banner work?
Is a cookie banner required in the EU?
Is a cookie banner required in the US?
What are cookie banner requirements to be compliant with the GDPR?