“Why am I getting all these cookie notices?” At least some of us have asked this question over the last few years. In 2018, some of our inboxes were filled with updates from websites about their new privacy and cookie notices. Thanks to Europe’s General Data Protection Regulation (GDPR), data privacy has become a mandatory aspect that a business cannot afford to ignore. Cookie notices and pop-ups now have become a norm for almost all websites in the world and a must to gain users’ trust. We will discuss cookie notice in detail and what you need to do for a GDPR and CCPA compliant cookie notice on your website.
What is a Cookie Notice?
And to answer the question, a cookie notice is a policy statement on a website that discloses details about cookies set by the site, its types, and their purposes. It gives information about how the users can opt-out of non-necessary cookies and manage cookie preferences.
Do I need a cookie notice on my website?
Moreover, the CCPA also requires websites to disclose these details.
It’s more like a means of open communication with your users about how you will use their data.
GDPR and CCPA requirements for Cookie Notice
Both the laws require businesses to disclose their data collection and processing practices, which will include cookie pop-ups in the USThege.
The GDPR and the ePrivacy Directive mandate that users are informed about how their data is collected and processed. Article 13 and Article 14 of the GDPR require that any information or communication relating to the processing of personal data is easily accessible and is available in clear and plain language. As cookies come under the scope of personal data, a cookie notice is required for websites in the EU, or websites that cater to users in the EU.
However, the US does not require a separate cookie notice page. Generally, businesses in the US include a cookie usage section within their privacy notice.
What do I write in a cookie notice?
At the outset, you have to keep in mind while creating the cookie notice for your website to use concise, clear, and plain language. You should avoid legal jargon that may confuse the readers.
The simpler the explanation, the better they will understand and trust you.
Many people visiting your website may have only a little or no knowledge of internet cookies. This part will be useful to them.
- Description of the types of cookies used by your site.
Now, this is the part where you have to list all the cookies that your website uses and what are their properties (type, primary function).
- An explanation of purpose of these cookies.
You must provide what is the site’s purpose to use these cookies. It is a crucial part of the cookie notice, as it tells the users what happens to their data and how it is being processed by your site. This section could also explain who sets these cookies; if they are first-party or third-party.
We recommend that you use a tabular format to list the different types of cookies and provide their details. E.g.,
However, you can use your discretion to present the details in a format and template most convenient for and that is compatible with your website’s design.
- Details on how users can opt-out or set their cookie preferences.
Your visitors may want not to share their personal data or have their browsing activities tracked by you or third parties. You are liable to provide them with an option to opt-out of such cookies.
In this part, you should mention various settings to manage or delete these cookies. The methods may include your website’s cookie consent settings, third-party website settings, and internet browser settings to block or remove such cookies.
Make sure your visitors are aware of their right to withdraw the cookie consent at any time.
Apart from these, the best practices also include adding the last updated or effective date of the policy so that the users are aware of recent changes. You can also add the contact information if not already done in your site’s privacy notice.
Cookie Notice Examples
Let us look at some good examples of cookie notices that are compliant with GDPR and CCPA.
Dow Jones’ cookie notice uses a tabular format to provide information about each type of cookie and its purposes.
Visa uses an accordion-style design for its cookie notice and specifically mentions that it does not collect any personally identifiable information. It also links to its privacy notice for further information.
CookieYes’ cookie notice has a dedicated section for details about managing cookie preferences.
Here, you will find a button Cookie Settings clicking on which will open the cookie consent banner and the users can then set or change their consent preferences as shown:
It also gives links to browser settings for managing or deleting cookies.
Honeywell also gives links to various browser settings for managing cookies and to manage cookie settings (Privacy Preference Center). It also lists links to the other website settings to opt-out of third-party cookies.
How to add a cookie notice to my website?
Creating a cookie notice requires you to identify the cookies on your website and create the content accordingly.
Identify the cookies your website uses
Identify all the cookies your website uses and what each cookie does including the different categories of cookies such as first-party cookies, third-party cookies, etc.
You also must look into the cookies notices of all third parties such as advertisers and web analytics services that are using cookies on your website.
Plan the content of your cookie notice
As we’ve already seen, a comprehensive cookie notice should include certain mandatory details. It should also be made available in plain and intelligible language. To do it manually is difficult and would require legal assistance.
Just sign up on CookieYes, scan your website for cookies and activate the cookie consent banner. Watch how to set up CookieYes on your website:
You can show the cookie audit table (list of cookies identified from the scan with their details) and it automatically updates the audit table after every new scan and cookies identified from it.
Since CookieYes performs a deep cookie scan of your website, rest assured that it will identify most third-party cookies and add them to the cookie audit table. It auto-blocks these cookies until the users give their consent to use them.
You can add a consent revisit widget on the cookie notice so that users can revisit the cookie banner to change cookie settings or withdraw consent.
You can customize the description for cookie opt-out and management for different browsers and third-party websites.
CookieYes supports all major website CMS. So, whether it is a WordPress cookie notice or Shopify cookie notice, you can generate it quickly and easily
Sign up on CookieYes for free and be GDPR and CCPA compliant.