GDPR and e-Privacy Regulation compliance

In this article we will discuss how GDPR (General Data Protection Regulation) and ePR (e-Privacy Regulation) affects cookie usage on your website and how Cookie-Script helps your website to get compliant with GDPR.

First things first, here are some quick FAQ about GDPR and ePR.

What is GDPR? 

GDPR stands for General Data Protection Regulation: new regulation that is created to improve data privacy


What is ePR?

ePR stands for e-Privacy Regulation: a regulation for electronic communications and the right of confidentiality


When is GDPR enforced?

25th of May 2018


When is ePR enforced?

Nobody knows yet


Will this affect my business?

Depends on what you do and what information you collect from your customers. Check out this nice infographics for more info.


What organizations do GDPR apply to? 

If your visitor/customer is from EU, GDPR is applied to your organization


Are there fines? 

Yes, but there are 3 more steps before you get a fine (see link above). Fines can go up to €20 million or 4% of global annual turnover (whichever is higher)

Regulation vs Directive

It is important to understand difference between directive and regulation.

  • Directive is a legal act of the European Union, which requires member states to achieve a particular result without dictating the means of achieving that result.
  • Regulations have binding legal force throughout every Member State and enter into force on a set date in all the Member States.

Regulation is same for all member states, while with e-Privacy Directive was created as a set of rules for every Members State to create its own laws. Previously we had Directives, now we are starting to follow Regulations.

It's not about cookies!

Main goal of GDPR is to regulate how personal information is collected, stored and erased. The e-Privacy Regulation isn’t just about cookies, it concerns electronic communications and the right of confidentiality, data/privacy protection and more.

In fact, cookies are mentioned in GDPR only once:

Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

In other words: if cookies can be used to identify an individual - they are considered personal data (before ePR is enforced).

  Cookies are only small part of personal data that is managed by organizations. This is why you should review how and what personal information you collect and store in order to comply with GDPR.

IMPORTANT: Using Cookie-Script (or any other cookie-related solution) does not mean your website is automatically compliant with GDPR. There are many other aspects of this GDPR, so please read through all of them. There are plenty of information online on how to comply with all GDPR points, we will only focus on cookies here.
Another important thing to note - not all cookies are considered as personal data. If you have a simple website, cookies that you set are not used to identify a person and you do not collect any personal information from your visitors - there is a high chance you do not need to worry about GDPR at all.

ePR and GDPR

Ok, so this one is pretty tricky and is usually not explained on other websites that offer cookie banner solutions.

The ePrivacy Regulation is lex specialis to the GDPR. That’s a legal principle, which essentially means that the  lex specialis, in this case the ePrivacy Regulation, overrides the lex generalis, in this case the GDPR, with the ePrivacy Regulation covering the mentioned specific areas. In other words, wherever ePR and GDPR overlap (for example, cookies) - ePR should be used.

Basically you only care about ePR when it comes to cookies since GDPR does not focus on cookies and digital communications. ePR is specifically designed to explain how privacy and cookies should work together. e-Privacy Regulation also replaces e-Privacy Directive that forces websites to show banners, also known as "Cookie Law".

Now comes the interesting part:

ePR and GDPR were both designed to get applied at the same date (25th of May 2018) since they both are designed to work together. However due to different reasons ePR got delayed and will not come in force on the same date as GDPR. So what we have after 25th of May is quite a tricky situation - regulation that is designed to control how cookies are used (e-Privacy Regulation) is still in development, old directive (e-Privacy Directive) is still in the air and we just use GDPR and consider cookies as private data (not all of them, only ones that can be treated as personal data). Not sure how strict regulators will look at this having in mind that GDPR is not designed to regulate cookies in the first place. Once ePR is enforced, new changes will apply and most of GDPR changes (see below) regarding cookies will no longer be valid.

So what exactly will change from 25th of May 2018 and until ePR is enforced?

Here are some key changes you should know when it comes to cookies:

1 Implied consent won't work anymore. This means you cannot set cookies (at least personalized cookies, which are now personal data) before user gave you permission. We will keep it as an option, but will show warning message if user selects this option.

2 An option to withdraw consent should be always available.

3 Consent not needed for "non-privacy intrusive cookies". Examples include e-commerce cookies, remembering shopping cart histories, cookies for Google Analytics and many others.

4 Consent should be unambiguous, which means a positive action by a visitor.

5 Strictly necessary cookies can be still set up in order for website to operate properly.

Changes we are making

We do our best to make sure Cookie-Script stays up to date with the latest EU Regulations. We also try to keep it nice and simple. Many solutions require you technical knowledge, others are simply overkill with some functionality leftovers from e-Privacy Directive which is not relevant after 25th of May 2018. We focus on simplicity and user-friendliness. Here are the key changes we are implementing to Cookie-Script in order to get it compliant with GDPR:

  • New design option that covers whole page (to make sure clear affirmative action was taken by user to navigate on the website).
  • Implied consent will remain, but will not be selected by default. Also a warning message will appear if Implied consent is selected.
  • New option - Show cookie icon - (allows user to withdraw consent at any time).
  • A button to decline all cookies - Saves user choice not to set any cookies except strictly necessary cookies.
  • New piece of code (checkbox) to use on privacy policy page - Withdraw consent (allows user to withdraw consent on cookie policy page).
  • New option - strictly necessary cookies (to keep website functioning even without user consent, like webshop cart cookie).
  • Functionality to record and store visitor consent in an encrypted way (this record is not considered a personal data).
  • A set of articles to better explain how and when new options should be used.
  • AWS cashing - we are switching to Amazon Web Services in order to provide you one of the fastest and most reliable code delivery available on the market.

Once every change is implemented - it will be posted in the news and Facebook page. You can follow Facebook page to stay updated with latest changes.

Disclaimer: The information on this webpage is for general information only and does not constitute legal advice. Please consult your own legal professionals if you seek advice on specific interpretations and requirements of any law.

How to block third-party cookies

If you don't know what third-party cookies are, consider reading our explanation first.

Important: Blocking third party cookies is only possible by blocking whole third-party functionality. This means Google Analytics / YouTube videos / Facebook buttons / AdSense or anything else that you block WILL NOT WORK until user agrees with cookie policy (manually or automatically). Our statistics show that only ~10% of visitors actively agree with cookie policy, so remaining 90% will not be able to use third-party functionality on your website.
Note: This update was introduced on 13th of June 2015. If you last saved your Cookie-Script item before that date and want to use functionality below, you have to re-save your Cookie-Script item.

Blocking JavaScript third-party cookies

To block third-party cookies, find a JavaScript code that is setting third-party cookies and:

  • change type attribute from text/javascript to text/plain (if type attribute missing, just add it)
  • add data-cookiescript attribute and set it to accepted

All JavaScript with such attribute changes will only execute if user agreed with Cookie Policy.

Note: JavaScript will be executed when user clicks "I agree" button, without page refresh.

Example of standard Google Analytics code

Change code from:

<script type="text/javascript">
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
ga('create', 'UA-XXXXXXXX-X', 'auto');
ga('send', 'pageview');

Change code to:

<script type="text/plain" data-cookiescript="accepted">
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
ga('create', 'UA-XXXXXXXX-X', 'auto');
ga('send', 'pageview');

Example of included JavaScript file

Change code from:

<script src="/js/myscript.js"></script>

Change code to:

<script type="text/plain" data-cookiescript="accepted" src="/js/myscript.js"></script>

Blocking iframe third-party cookies

To block third-party cookies set with iframe (like YouTube videos), find an iframe code that is setting third-party cookies and:

  • change src attribute name to data-src
  • add data-cookiescript attribute and set it to accepted

All iframes with such attribute changes will only show up if user agreed with Cookie Policy.

Note: Iframe will be updated when user clicks "I agree" button, without page refresh.

Example of standard YouTube video iframe

Change code from:

<iframe width="560" height="315" src="" frameborder="0" allowfullscreen></iframe>

Change code to:

<iframe width="560" height="315" data-src="" data-cookiescript="accepted" frameborder="0" allowfullscreen></iframe>

You can also add a text explaining user that he must accept cookie policy in order to see the video. Use "alt" attribute for thet:

<iframe width="560" height="315" data-src="" data-cookiescript="accepted" alt="Please accept cookie policy first" frameborder="0" allowfullscreen></iframe>

Blocking embed / object / link third-party cookies

In the same manner you can block embed / object / link elements from setting third-party cookies

Example of embed element

Change code from:

<embed src="somefile.swf">

Change code to:

<embed data-src="somefile.swf" data-cookiescript="accepted" >

Example of object element

Change code from:

<object src="somefile.swf"></object>

Change code to:

<object data-src="somefile.swf" data-cookiescript="accepted" ></object>

Example of link element

Change code from:

<link href="" rel="stylesheet" type="text/css">

Change code to:

<link data-href="" data-cookiescript="accepted" rel="stylesheet" type="text/css">

Example of image element

Change code from:

<img src="" />

Change code to:

<img data-src="" data-cookiescript="accepted" />

All you need to know about third-party cookies

third-partyThird-party cookies are cookies that are set by a website other than the one you are currently on. For example, you can have a "Like" button on your website which will store a cookie on visitor's computer, that cookie can later be accessed by Facebook to identify visitor and see which websites he visited. Such cookie is considered to be a third-party cookie.

Another example would be an advertising service (ex: AdSense) which also creates a third-party cookie to monitor which websites were visited by each user.

Identifying third-party cookies

You can check if website uses third-party cookies in any modern browser. Instructions vary in different browsers, here is how you can do it in Chrome:

  • Press F12 to open Developer Tools (or right click on the page and choose Inspect Element)
  • In Developer Tools choose "Resources tab"
  • On the left double click "Cookies" section to unfold it

You should see current website domain (or subdomain) here. If you can see any other domains in this list, this means website uses third-party cookies:


Blocking third-party cookies with Cookie Script until visitor accepts cookie policy

Follow the instructions to block any kind of third-party cookies

Italian Cookie Law explained


On 3rd of June 2014 Italian Data Protection Authority (DPA) have published official instructions for websites on how users should be informed about cookie usage (also known as "Cookie Law"). Deadline for implementation of those instructions is 12 month, which is 3rd of June 2015. Below you will find summary of those instructions and a checklist to make sure your website is compliant with Italian Cookie Law.

Summary of Italian Cookie Law

First-party cookies

First-party cookies are cookies that are installed by website publisher, in other words - it's cookies that are saved under same domain/subdomain as website itself. According to DPA, first-party cookies can be separated in two groups:

  • Technical cookies. Do not require user consent. Basically all cookies needed to show your website correctly: session cookies, analytics cookies, functionality cookies.
  • Profiling cookies. User consent is required. Cookies aimed to create user profiles (do not mix with user accounts). They are used to send ads messages targeted for this particular user or group of people where user belongs.

Third-party cookies

Third-party cookies are cookies that are placed by the managers of another website ("third-party") via the publisher's website. Due to technical reasons, website publisher (manager/owned/editor) is not responsible for any third-party cookies.  Website at this point acts as technical intermediary and must only provide a link to the information notices and consent forms of the third parties. Third-party cookies do not require user consent

Technical requirements

DPA requires to have two layers of user notification:

  • Banner with the short  information notice and consent request
  • Extended Privacy Policy page with detailed description of Cookie Policy and cookies used on the website

Banner (popup message) requirements

On accessing the home page (or any other landing page) of a website, the user must be shown immediately a suitably sized banner. The banner must include the following information:

  • That the website uses profiling cookies to send advertising messages in line with the user's online navigation preferences (if any profiling cookies are used)
  • That the website allows sending third-party cookies as well (if third-party cookies are used)
  • A clickable link to the extended information notice
  • That on the extended information notice page the user may refuse to consent to the installation of whatever cookies
  • That if the user continues browsing by accessing any other section or selecting any item on the website (e.g. by clicking a picture or a link), he or she signifies his or her consent to the use of cookies.
Note that Cookie Script is not responsible if your banner text does not meet the requirements above since it is website publisher who is required to create the text.

Italian Cookie Law also describes a possibility to add "I disagree" button (not required), which will remember user's choice not to use cookies and will not show the banner anymore. We are currently working on adding this functionality. User consent can be saved as a technical cookie.

Extended Privacy Policy page

Extended Privacy Page should include:

  • all items required by Section 13 of the ITALIAN PERSONAL DATA PROTECTION CODE, that is (but not limited by) describe the detailed features and purposes of the cookies installed by the website
  • tools available to select the cookies to be enabled
  • possibility for the user to configure browser settings as a further mechanism to select the preferred use of cookies by the website, including at least a reference to the procedure to be followed to configure those  settings;
  • updated link to the information notices and consent forms of the third parties the publisher has agreed to let install cookies via his own website (if third-party cookies are used)

Extended Privacy Policy Page must be linked from a short notice and from all website pages as a link (possibly in the bottom of the page).

Notifying DPA

According to the instructions, profiling cookies, which are persistent in nature, have to be notified to the Italian Data Protection Authority. Technical cookies do not have to be notified to DPA.


Fines for not following the instructions:

  • failure to provide information about cookies as well as other parts of Section 13 of the ITALIAN PERSONAL DATA PROTECTION CODE : 6.000 - 36.000 EUR
  • installing cookies without users' prior consent (applies only for first-party profiling cookies): 10.000 - 120.000 EUR
  • failure to notify processing operations to the DPA or the provision of an incomplete notification to the DPA under the terms of Section 37(1), letter d) of the Code : 20.000 - 120.000 EUR

Full version of Italian Cookie Law

You can find full description of requirements here: English version / Italian version.

Italian Cookie Law and Cookie Script

Cookie Script is compliant with Italian Cookie Law if used properly. It is website manager's responsibility to make sure he used correct settings and that his website complies with Italian Cookie Law.

Consent mode (Explicit or Implied)

First of all, website manager/publisher has to find out what cookies are used on his website and choose Explicit or Implied mode. Depending on cookies used, Cookie Script can be configured to be used in Explicit or Implied mode:

  • Explicit : must be used if you have first-party profiling cookies. Also can be used if you are not sure about what cookies do you have (just to be on the safe side).
  • Implied : can be used if you don't have first-party profiling cookies, that is if you are only using technical and/or third-party cookies.
Note that cookie script is a simple user-friendly solution where you don't have to configure each individual cookie settings. This means that in case of explicit consent all first-party cookies will be blocked (both technical and profiling cookies) just to be sure website complies with Cookie Law requirements.

Banner settings

Depending on cookies used, website manager has to make sure he has proper text used in banner (see checklist below). Italian Cookie Law provides a possibility to use "I disagree" button (not required), which will be implemented in Cookie Script soon.

DPA instructions also describe possibility of automatic consent - meaning that clicking any link to another page on the website will make user automatically accept cookies. However, this is only mentioned in banner text requirements and doesn't say anywhere that it can actually be used. Cookie Script has this functionality implemented, but use it on your own risk.

Privacy Policy Page

Extended Privacy Policy Page is important and website manager must make sure it meets all requirements (see checklist below), otherwise a fine of 6.000-36.000 EUR might be issued. Privacy Policy page is individual for each website and Cookie Script is not involved in this part, however you can use some of the Cookie Policy templates we provide (note that Cookie Policy is only part of bigger Privacy Policy Page).

DPA requires to have "tools" to disable individual cookies on the website. Full integration of such tools into your website workflow is usually quite pricy and requires a solid technical knowledge in order to work properly, so obviously not everyone can afford them. In most cases it's an overkill and a waste of time.

Luckily, Italian Cookie Law does not describe exactly how "tools" should work, so providing any "Tools available to select the cookies to be enabled" would work, for example links to browser extensions that makes it possible to block individual cookies. We will soon make a list of such browser extensions which you can use on your Privacy Policy Page as a "Tools to select the cookies to be enabled".

Checklist to comply with Italian Cookie Law  

Banner text must include information:

  •   that website uses profiling cookies to send advertising messages (if first-party profiling cookies are used)
  •   that the website allows sending third-party cookies (if third-party cookies are used)
  •   a clickable link to the extended Privacy Policy Page (also known as "Read more" Button)
  •   that on the extended Privacy Policy Page the user may refuse to consent to the installation of whatever cookies
  •   that if the user continues browsing by accessing any other section or selecting any item on the website (e.g. by clicking a picture or a link), he or she signifies his or her consent to the use of cookies.

Extended Privacy Policy must be accessible from every website page and include:

  •   all items required by Section 13 of the ITALIAN PERSONAL DATA PROTECTION CODE, also describe the detailed features and purposes of the cookies installed by the website
  •   tools available to select the cookies to be enabled
  •   possibility for the user to configure browser settings as a further mechanism to select the preferred use of cookies by the website, including at least a reference to the procedure to be followed to configure those settings;
  •   updated link to the information notices and consent forms of the third parties the publisher has agreed to let install cookies via his own website (if third-party cookies are used)

Consent mode to use:

  •   Explicit : must be used if you have first-party profiling cookies. Also can be used if you are not sure about what cookies you are using (just to be on the safe side).
  •   Implied : can be used if you don't have first-party profiling cookies, that is if you are only using technical and/or third-party cookies.

10.000 cookie popups created

10000Happy times! We are excited to announce that our users have now created 10.000 cookie popups!

A lot of things were improved since we started thanks to a feedback and ideas from our users. We have changed few hosting companies and now Cookie Script is nice and fast as never before.

We will continue to improve Cookie Script to make sure more users will be thrilled by user-friendly functionality we offer. 

Cookie popup on multi-language website

worldlanguagesThe most common question from our users is how to set up a cookie popup on website with multiple languages. So here is an explanation on how to set up Cookie Script with multi-language website.

First, create a Cookie Script item for each language and fill all fields for each Cookie Script item in proper language. This allows you to show different text in each language.

Next, insert each Cookie Script popup in proper language of your website. Technical part of this part depends on the system your website uses.

Note: Cookie Script will remember if user agreed with cookie policy for all languages unless you have a separate domain name for each language (like

Cookie Policy page templates

cookie-policy-templatesShowing cookie pop-up message is just part of the deal. Each website must also have a Cookie Policy page in order to comply with EU Cookie Directive.

Luckily, Cookie Script users do not have to worry about this. We have published Cookie Policy page template and it is available in 23 languages. This is an official Cookie Policy template from European Commission website.

Make sure you change middle section according to your website cookies before publishing your Cookie Policy.

Hey, we have also updated our Terms and Conditions and Privacy Policy and Disclaimer, so it could be a good idea to through them.

Get my Cookie Policy page text

Server performance improvements

speedWe have recently received few reports about Cookie Script taking more time to load than usual. This might have caused slower website total page load speed. 

We are now happy to inform that those issues have been fixed. According to our tests, Cookie Script pop-up is now loaded within 100 miliseconds in 96% cases during peak hours. This means Cookie Script pop-up will not influence even fastest website performance.

Note that premium users can always download and host JavaScript files themeselves.

New option: Explicit or Implied cookie consent mode

In some countries cookie law is strict and requires that no cookies are set until user agrees with cookie policy. For those countries we have made a new option: Cookie consent mode.


It can be set to implied or explicit mode:

Implied: This option is used by default. All cookies are set at visitor’s computer as usual and visitor is just informed about cookies. We call it “the soft way”

Explicit: If this option is used, no cookies will be stored on visitor’s computer until visitor agrees with cookie policy. We call it “the hard way”.

Things to note when using explicit mode:

  • Removing cookies can influence workflow of your website. For example, visitor will not be able to login until he agrees with your cookie policy. If you have a webshop, it is not recommended to use explicit mode since visitors will not be able to make any purchases before they agree with cookie policy.
  • If you are using some analytics software (like Google Analytics), explicit cookie consent mode might mess up your analytics data since each pageview (even from same visitor) will be tracked as new and unique visitor.
  • In case you have a simple website without any analytics software installed, you should not have any problems using explicit cookie consent mode.

Countries where cookie law requires EXPLICIT cookie consent mode *:

  • Croatia
  • France
  • The Netherlands
  • Poland

Countries where IMPLIED cookie consent mode can be used *:

  • Austria
  • Belgium
  • Bulgaria
  • Czech Republic
  • Denmark
  • Estonia
  • Finland
  • Germany
  • Greece
  • Hungary
  • Ireland
  • Italy
  • Latvia
  • Lithuania
  • Luxembourg
  • Malta
  • Norway
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • United Kingdom

* This country information might be outdated, so if you have any updates on the lists above, please let us know via our contact form and include a link to source of information.

Download and host JavaScript files

Sometimes it is faster and more reliable to store JavaScript files on your own server, usually same place as website itself. This also allows web developers to edit JavaScript files directly and make changes on the fly.

For this purpose we have created an option to download your generated JavaScript files, edit them and host it on your servers.

How to download a JavaScript file?

You can download JS file from your account page by clicking “Download” button next to a proper cookie script item.


Editable JS file – should be used if you want to edit file yourself before putting it on your website. It is written in a readable way, so a web developer could add necessary changes.

Minified JS file – should be used if you are not going to add any changes. This file takes slightly less space so it can be read by visitors faster.

Choose a proper file and it will start downloading:


How to upload a file to your server?

You can upload file to any folder on your website or to a root of web directory. This can be done using FTP client or any other method you use to upload files.

How to use file on your website?

Once you upload file to your server, you can include it on your website. You can include JS file in header or just before closing </body> tag. Here is an example of how to include JavaScript files to your website:

<script type="text/javascript" src="/903e0d0491c903e0d0491c903e0d0491c.js"></script>

If file is placed in root website directory. Change file name to the one you have uploaded. Or:

<script type="text/javascript" src="/includes/903e0d0491c903e0d0491c903e0d0491c.js"></script>

If file is placed in “includes” directory.

You can change file name to your own if you need.

Note that if you decide to download and host JavaScript file yourself, it can’t be updated automatically by cookie-script anymore. This means that no changes to cookie script item (ex. pop-up title, description or custom colors) will take effect by itself. In order to apply new changes, you have to re-download JavaScript file and re-upload it on your server.

Integration with Google Analytics

Google-AnalyticsOk, this one is pretty cool. It is now possible to integrate Cookie Script with Google Analytics!

Google Analytics is one of the most powerful tools to analyze visitor behavior on the website. If you are using Google Analytics, you can now easily connect it with Cookie Script pop-up on your website. This can be done in the new option “Enable Cookie Statistics”, set it to “Use Google Analytics”:


All statistics about visitor interaction with cookie pop-up box is saved as Events in Google Analytics. You can see it in Google Analytics > Behavior > Events. All events are saved under “Cookie Script” category. Here is what actions you can get:

  1. Show – triggered when cookie pop-up is displayed.
  2. Accept – triggered when user clicked “Accept” button in pop-up box. Note that if you set up automatic accept after some time (if set up in Cookie Script settings) will not trigger this event.
  3. Read more – triggered if user clicks “Read more” button.

This is both simple and powerful tool to analyze user behavior and optimize your cookie pop-up settings. Here is just a few of hundreds applications where you can use this data:

  • Show how many visitors are reading/accepting/ignoring you cookie policy.
  • Show how many purchases (or other goals) are done with/without accepting/reading cookie policy.
  • Show if foreign country visitors accept/ignore/read cookie policy.
  • Show how many mobile visitors accept/ignore/read cookie policy.
  • Export all kinds of reports or send them by email.
  • And much-much more.

Google Analytics also takes care of tracking Unique and non-Unique events. If you are not familiar with Google Analytics Events, you can read more about it on Google Help page.

You will also notice there are two more choices for “Enable Cookie Statistics” option:

  1. Enable – Uses Cookie Statistics tool to collect data about user behavior on the website. Not so advanced as Google Analytics, but can be used as alternative.
  2. Disable – Disables any Cookie Statistics. Use this option if you do not care about monitoring user behavior. This will reduce number of requests to our servers.

The best part about new Google Analytics integration: it is available for both free and premium accounts

New servers

hostingNew shiny servers! That's what we got to ensure best user experience and performance for all cookie consent pop-ups.

Cookie-Script is growing fast and soon one server will not be able to handle all requests. That's why we got some extra power to split server load between several machines. 


New option: Auto accept cookie policy

Some of our Spanish users have requested a new functionality which can be used according to Spanish cookie law. In Spain the law provides that after a certain time since the pop-up is displayed the acceptance of cookies is considered implicit.

We have implemented a new feature where after a certain time the pop-up disappears and all the cookies are accepted without press the button. This means your visitors will not see cookie pop-up warning on other pages, unlike with "Auto hide" option.

Please note that both "Auto accept" and "Auto hide" options stop displaying cookie pop-up warning after a certain time, so if using both - smallest value will be used to hide the pop-up. If "Auto accept" option is smaller than "Auto hide", "Auto accept" overwrites "Auto hide" value.


Two new options added

We are getting a lot of warm and thankful words from our users. Some of them are also very constructive and people ask us to implement new functionality.

Today we are happy to announce that two new options requested by our users have been implemented.

Apply for subdomains.

This option will be useful for websites where same pop-up box is shown on many subdomains. Let’s say you have a website with some subdomains:

You can use this new option to remember user agreement for cookie usage and only show pop-up box once. In this case you need to place same Cookie Script code in all subdomain pages. You can find new option in the list of options for each Cookie Script:


If you do not have subdomains on your website or you are not sure about this option, just keep it set to “No”. Misuse of this option will not make any problems with displaying your pop-up box.

Hide pop-up automatically.

This option can be used if you don’t want to annoy your visitors with pop-up box too much. You can now hide cookie pop-up box automatically after a certain number of seconds. It will hide smoothly, so your visitors will have a great experience browsing website.

Auto hide option can be left blank if you do not want to hide pop-up box automatically.



We are trying our best to keep Cookie Script both user friendly and functional solution. If you have any wishes or functionality requests, please let us know and we will do our best to implement it. You can contact us on contact page or via facebook page.

HTTPS (secure) connection

Some users are not aware of what secure connection is and how it is related to Cookie Script, so we decided to give a little explanation on this. 

In few words, secure connection enables a more secured way of user interaction with website. That's why major websites like and use secure connection. You can see it as a green lock in a browser address bar (looks differently in different browsers):


Secure connection is often used in web-shops during checkout in order to protect customer personal and credit cart information. If you don't have secure connection (green lock) on your website, then you can use regular HTTP connection.

If your website has a page where secure connection is used, all scripts and elements on that page must be attached using a secure connection as well. Otherwise green lock will become grey and users will see a warning:



Cookie Script can support secure connection, which means all your secured pages will remain fully secured and will show green lock without warnings (unless you have some other unsecured content).

You can choose either to use HTTP or HTTPS connection in your cookie-script item > Use item:



  • If you don't know which one to choose, just use HTTP
  • If you have both pages with and without HTTPS, use HTTPS. It will automatically switch back to HTTP if needed.
  • Secure connection is available for premium membership users.

Copyright text in pop-up

We now show a small copyright text in a cookie pop-up box. This copyright text is only shown in free membership plan and looks like this:



This text is not shown in premium membership plan.

Copyright text does not make any influence on website SEO and is shown after the whole website is loaded.

  Go Premium

Lifetime "Premium" membership

No more subscriptions! From now on our Premium plan is lifetime. Yes, lifetime. No more monthly subscriptions or expired accounts. Lifetime Premium membership price is 29.90 EUR and we will never charge you anything extra.

With our premium membership you will get:

  • Premium support
  • Copyrights removed from cookie pop-up box
  • Configurable colors to customize pop-up according to your website design
  • Unlimited Cookie Statistics tool

You can compare membership plans here.

  Go Premium

All users that ever purchased subscriptions will get lifetime memberships too!

1000 cookie scripts created


Happy birthday to cookie-script! Today we got 1000-th cookie script created by our users.

We would like to thank everyone who is using cookie script, it’s all thanks to you!

“Special thanks” goes to people who gave us feedback and helped to improve our solution.

We are proud to say that our cookie script pop-ups are shown more than 600.000 times per day! And more than 35.000 users accept with cookie policy every day.

New design added

We got several requests to make a new minimalistic design, similar to the one used by website.

We are now happy to announce that new design has been implemented and available when creating new cookie script item. In order to use it, select the following design option:

minimalistic design

As a result, you will have the following pop-up box on your website:


Similar to other designs, this one can be placed top/bottom and left/right.

New design is not usual since there is no “I agree” button. Instead, it was replaced by a close button marked with “x”. Closing button is colored same way as “I agree” button, so users with premium subscription can change background color of circle and color of “x” inside.

Link to your cookie policy is placed right after the description, therefore you can end your description with something like “in accordance with our” and then make cookie policy title “Cookie Policy”. You will get similar result as on the screenshot above.

Go ahead and try new design in action. If you have any comments, please let us know.

New feature - Agreement Expiration

New feature has been added in cookie-script edit box: "Agreement Expiration". It is designed to set a number of days for user's cookie agreement.

Previously used default cookie agreement expiration date was set to 30 days, now you can change it yourself for each cookie-script: 


In order to change this setting, you have to :

  1. Login to your account
  2. Edit cookie-script settings for desired website
  3. Save 

That's it!

New feature - Custom colors

We are finally done developing new major functionality - custom colors for cookie pop-up box. This is a new step towards customizing cookie pop-up box. You are now able to style pop-up box your own way to match your website design.

Custom colors can be changed in cookie-script item editing window > Custom colors tab: 


Custom colors are selected using a handy tool similar to the ones used in graphical design programs like Adobe Photoshop: 


Custom colors tool allows you to specify all colors used in cookie pop-up box allowing you to create thousands of design variations. Here are some of them: 


Note: Custom colors are available for "Premium" subscribers only. You can play with them in free version, but they will not be applied when showing pop-up box. You can subscribe to "Premium" plan here.

Update to version 1.2

Cookie Script has been updated to version 1.2 . List of improvements:

  • Fixed - Cookie Script copyrights link have been added to "Slim line" template. According to list of features, copyrights link will be shown in free version. You can always upgrade to "Premium" plan to remove copyright link from your cookie pop-up.
  • Fixed - Cookie Statistics was not working for few clients for the last 2 days.
  • Updated - Some styles for pop-up box have been updated to be shown correctly on all sites.

As always, feel free to contact us in case you have any problems with updated Cookie Script.

Preview of your cookie pop-up

We have added new preview button to make creating and editing of cookie pop-up even easier. Click it and see your changes right away on the same page. New button looks like this:


You will find it when editing cookie script for one of your websites.

Cookie Statistics Tool

Finally Cookie Statistics is out of beta version. Now it is stable and presents all necessary data to monitor user behaviour. Cookie Statistics tool is a useful feature which helps to analize how often users accept or ignore cookie warning and if they actually read cookie policy. Change your cookie pop-up and see how it reflects on user behavior.

Improved Cookie Statistics tool features: 

  1. Date range
  2. Graphs control
  3. Improved color design
  4. Responsive design

Cookie Statistics tool comes together with free subscription, so go ahead and try it on your website, it's free. Here is a quick view on our improved Cookie Statistics tool: 


Version 1.1 released

We are proud to inform you that Cookie Script has been updated to version 1.1 . Here is a list of improvements:

  • Fixed - cookie pop-up showing on all pages even if agreed in some IE and Opera versions. 
  • Fixed - not showing some pages correctly in IE 7 and 8. 
  • Fixed - demo page changing widht on IE 9 when trying to view demo result.
  • Tested - cookie pop-up was tested on all versions of Opera, Chrome, FireFox, Safari and IE. Special thanks to 
  • Tested - website (also responsiveness) tested on all versions of Opera, Chrome, FireFox, Safari and IE.

We would like to thank all users for their input and feedback on issues with Cookie Script.

There is still a big To-do list waiting to be implemented. As always, we will keep you posted on all updates and changes. As for now - have fun using! 

News section is live and ready to go

It is always a good idea to keep your clients informed. That is why we are starting this "News" or "Blog" section where you will find all the latest news about and EU Cookie Law. Have fun reading!