When you hear the term “cookie notice,” what comes to your mind? One that pops up on your screen when you visit a new website and one that’s embedded in the footer of every page.
Well, we’re here to give you the lowdown on what “cookie notices” are and why they are important for GDPR and CCPA compliance.
What is a Cookie Notice?
The term cookie notice is interchangeable with the term cookie consent banner or pop-up. While it is quite a confusing term, we cannot completely disregard it as wrong. The US data protection law, California Consumer Privacy Act (CCPA) requires websites to display ‘notice at collection’ at or before the point of personal information collection. This requirement comes close to defining a cookie consent banner. However, even in this case, most examples of notice at collection are privacy notices rather than cookie consent pop-ups. Many websites that are subject to CCPA have a dedicated ‘notice at collection page linked on their homepage.
Cookie compliance made easy, and free!
Hassle-free cookie banner setup and cookie consent management for GDPR and CCPA compliance.Free Cookie Consent
Free foreverNo credit card required
Therefore, a cookie notice can be defined as a policy statement on a website that discloses details about cookies set by the site, its types, and their purposes. It gives information about how the users can opt out of non-necessary cookies and manage cookie preferences.
Do I need a cookie notice?
Furthermore, the CCPA also requires websites to disclose these details as well.
GDPR requirements for cookie notice
The GDPR and the ePrivacy Directive mandate that users are informed about how their data is collected and processed. Article 13 and Article 14 of the GDPR require that any information or communication relating to the processing of personal data is easily accessible and is available in clear and plain language. As cookies come under the scope of personal data, a cookie notice is required for websites in the EU, or websites that cater to users in the EU.
The cookie notice must be displayed on every page of a website where cookies are used, and it must include information about the cookies used by the website. This includes:
- a clear explanation of what cookies are used for;
- the purposes for which they will be used (e.g., to remember your login details, to analyse your use of an online service);
- the name(s) of any third party companies whose cookies are being used on the website; and
CCPA requirements for cookie notice
The policy page must include predominantly the following information :
- category of personal information the site collects or sells
- category of third parties where the information will be disclosed to
- rights of users
- opt-out options available to users
What should a cookie notice say?
At the outset, you have to keep in mind while creating the cookie notice for your website to use concise, clear, and plain language. You should avoid legal jargon that may confuse the readers.
The simpler the explanation, the better they will understand and trust you.
A GDPR and CCPA compliant cookie notice should include the following sections:
Many people visiting your website may have only a little or no knowledge of internet cookies. This part will be useful to them.
- Description of the types of cookies used by your site.
Now, this is the part where you have to list all the cookies that your website uses and what are their properties (type, primary function).
- An explanation of the purpose of these cookies.
You must provide what is the site’s purpose to use these cookies. It is a crucial part of the cookie notice, as it tells the users what happens to their data and how it is being processed by your site. This section could also explain who sets these cookies; if they are first-party or third-party cookies.
We recommend that you use a tabular format to list the different types of cookies and provide their details. E.g.
However, you can use your discretion to present the details in a format and template most convenient and that is compatible with your website’s design.
- Details on how users can opt out or set their cookie preferences.
Your visitors may want not to share their personal data or have their browsing activities tracked by you or third parties. You are liable to provide them with an option to opt out of such cookies.
In this part, you should mention various settings to manage or delete these cookies. The methods may include your website’s cookie consent settings, third-party website settings, and internet browser settings to block or remove such cookies.
Make sure your visitors are aware of their right to withdraw the cookie consent at any time.
Apart from these, the best practices also include adding the last updated or effective date of the policy so that the users are aware of recent changes. You can also add the contact information if not already done in your site’s privacy notice.
Watch how to add a cookie notice on a website using CookieYes:
Create your cookie notice in 2 minutes.
No coding required!
Free foreverNo credit card requiredAuto-updating
Cookie Notice Examples
Let us look at some good examples of cookie notices that are compliant with GDPR and CCPA.
Dow Jones’ cookie notice uses a tabular format to provide information about each type of cookie and its purposes.
Visa uses an accordion-style design for its cookie notice and specifically mentions that it does not collect any personally identifiable information. It also links to its privacy notice for further information.
CookieYes’ cookie notice has a dedicated section for details about managing cookie preferences.
Here, you will find a button Cookie Settings clicking on which will open the cookie consent banner and the users can then set or change their consent preferences as shown:
It also gives links to browser settings for managing or deleting cookies.
Honeywell also gives links to various browser settings for managing cookies and to manage cookie settings (Privacy Preference Center). It also lists links to the other website settings to opt-out of third-party cookies.
Frequently asked questions
Is cookie notice required?
Why am I getting all these cookie notices?
The reason you’re getting so many cookie notices is that privacy laws are being enforced.
How to add a cookie notice in WordPress?
You can add a cookie notice in WordPress the same way you add any new page. From Dashboard, select Pages > Add New and write the content and publish it. There are some plugins that will help you create one.