cookie text banner image

Cookie Text Explained: What Is It and How To Use It?

Published on October 4, 2021

Cookies are pieces of data that websites store in your web browser to remember things such as your user name, your policy preferences, or your progress on a website. The GDPR’s full-force arrival in the European Union led websites scrambling to be compliant by the deadline, and that includes cookie script management. The most commonly used method for cookie compliance is by adding a cookie banner on the website. As per the EU cookie laws and the likes, your website must inform users about the use of cookies and their purpose before storing the cookies. However, this information must be created as per the law requirements, and that is exactly what we call a cookie text. We will cover all the essential details and the best practices for a legally compliant cookie text.

What is cookie text?

Cookie text is the message on a website to inform users about cookies and for what purpose they are used. Various data protection laws require websites to provide their users with this information to obtain voluntary consent for using cookies. This notification or message appears on a website’s consent banner. 

Cookie texts differ from the cookie policy statements, which is a detailed account of what cookies are deployed on the site, how they will be used, and how the users can manage them (especially the third-party settings). 

Website cookie consent text is usually the first thing the users will see when they visit a website. When the user visits a website for the first time, the website must ask for consent to use cookies before storing them on user devices. Therefore, a cookie banner or notice to inform them about cookies and to ask their permission is a mandatory requirement. 

Here is an example of a cookie text:

CookieYes cookie text example
Cookie text in CookieYes consent banner

The cookie text’s content may extend beyond just the first layer of message on the banner to the second layer, where you can see the explanation of different types of cookies used and settings to give consent to them.

GDPR cookie text requirements

The GDPR does not explicitly mention cookies in its official document. However, the scope of personal data identifiers in the regulation includes cookies. Any information that directly or indirectly links to a person is referred to as personal data in the GDPR. In that terms, cookies collect and use user data that can be used to identify the users. Therefore, cookie identifiers are considered personal data under GDPR, and using cookies is subject to the law. This only applies to cookies that collect and use personally identifiable information and share them with third parties. Therefore, cookies that are strictly necessary for a website to function are exempted from GDPR cookie consent.

As per the GDPR, a website must follow the following practices to make its use of cookies compliant.

  • Inform users about using cookies and their purpose when they visit the website.
  • Allow them to accept and reject cookies before storing them on their device. 
  • Keep cookies (except strictly necessary cookies) blocked until the user gives consent. 
  • Let users select what cookies they want the website to store on their device.
  • Allow users to withdraw cookie consent if necessary.
  • Keep a log of all the user consent.
  • Renew cookie consent every 6 months (depends on the local data protection authority guidelines).

Cookie text is all about informing the users about these details. Well, at least some of them.

The cookie text on the consent banner must convey in simple and plain language that the website uses cookies and what they do. It must clearly explain how the users can opt-in or opt out of it or use settings to choose their preferences. The text should also link to the privacy or cookie policy for detailed information on cookies.

The GDPR emphasizes using clear and easy-to-understand language for such information. The users must be able to make an informed decision after reading the text. Therefore, it is wise to avoid legal or technical jargon in the cookie text.

Here is an example of a GDPR compliant cookie text on a consent banner:

GDPR compliant cookie text
GDPR compliant cookie text

CCPA cookie text requirements

CCPA’s rules for regulating personal data resemble GDPR in many ways. However, one of the most striking differences is that US law does not demand businesses to obtain consent before collecting personal data. But if the users are not okay with the data collection, they must be able to opt out of it. Therefore, the CCPA requires businesses to adopt just the opt-out model rather than the opt-in and opt-out like GDPR.

Hence, a website that is subject to CCPA doesn’t have to get user consent to use cookies but the option to reject cookies. The point to remember here is that the website doesn’t have to let users opt out of all cookies but those that collect and sell their personally identifiable information to third parties. You can implement the opt-put via a “Do Not Sell My Personal Information” link, placed on the consent notice and the homepage. The DNSMPI page should explain how users can block the tracking technology that sells or shares their information with third parties.

for CCPA compliance, best practices for cookie notification are:

  • Inform users about cookies and their source and purpose.
  • Allow users to opt out of cookies (DNSMPI link) that sell personal information.
  • Link to privacy or cookie notice that explains what type of cookies the site uses, the source, the data collected, their purpose, and how users can control them.

Example of a CCPA compliant cookie text on a consent notice:

CCPA compliant cookie text
CCPA compliant cookie text

Best practices for a legally compliant cookie text

As we’ve seen, the GDPR and CCPA have similar requirements for cookie text. IT depends on which law applies to your website. In case, both the laws apply, you can follow the common practices that will ensure that you are on the right side of the two laws. Not only that, these guidelines will even help if your website will be subject to other major privacy laws in the world.

On the first appearance, the cookie banner/notice text must satisfy these requirements:

  • Use simple and easy-to-understand language.
  • Avoid technical and/or legal terms that would confuse a layperson. 
  • Make it clear that the users have the option to opt out of cookies or accept only certain categories of cookies.
  • Do not assume that the users are okay with cookies without giving them the option to opt out.
  • Mention it clearly in case you use only necessary cookies that do not require consent.
non compliant cookie text
This cookie text is not GDPR compliant if your website uses third-party cookies

  • Add conspicuous opt-in and opt-out options (users understand words like “accept all” and “reject all” more than other technical terms) and preferably of the same format level.
  • Add a link to the privacy policy and/or DNSMPI page (for CCPA) as part of the text to inform users about cookies in detail.

When they select cookie settings, the cookie text must explain:

  • What each category of cookies means.
  • Each category must have separate consent options., and this should be presented clearly.
  • Button to save the cookie preferences.

Customize cookie text with CookieYes

CookieYes is one of the leading cookie consent management platforms for GDPR and CCPA. One of the features that make it stand apart is how much control it gives its users to customize the consent banner. The default cookie text of the CookieYes consent banner is very easy to understand. However, it gives you all the freedom if you want to modify it for your website.

You can change the color of the text. Additionally, you can change the size and font using CSS customization to suit your website’s design. 

CookieYes banner text customization
CookieYes banner text customization
CookieYes banner cookie text editor
CookieYes banner text editor

When it comes to the requirements for a legally compliant cookie text, CookieYes is perfect for you. Other than adding an easy-to-understand message, you can also customize the accept and reject cookies button, from changing its labels to text color, border, and background.

CookieYes cookie banner button customization
CookieYes cookie banner button customization

CookieYes allows you to also edit the cookie audit table that gives a rundown of cookie details and their purpose. It also provides a separate consent option for each cookie category.

CookieYes cookie audit table customization
CookieYes cookie audit table customization

The users most often ignore cookie text as they just click accept all or reject all button to get rid of the banner. Therefore, making the cookie text with different formatting to attract them will help as you can convey the necessary information and persuade people to make an informed decision.

Other than these features mentioned, CookieYes also offers:

  • Easy integration with major CMS like WordPress, Wix, Squarespace, and Shopify
  • Complete website scan for cookies
  • Auto-categorization of cookies and auto-blocking of identified third-party cookies before consent
  • Easy management of cookie scripts to auto-block unidentified third-party cookies
  • Logging of cookie consents recorded via the banner
  • Auto-translation of cookie text to 30+ languages
  • Consent revisit (withdraw) widget
  • Geo-target to display cookie banner to the EU, UK, or US users only
  • Free and fast privacy and cookie policy text generator

In short, CookieYes is the complete cookie consent solution you’ve been looking for! Try it for free and make your website GDPR and CCPA compliant for cookies.

Frequently asked questions

Why do I keep getting cookie messages?

Laws like GDPR and CCPA require websites to inform their users about cookies and their purpose before using them. Cookie messages or texts are this information that lets users know what cookies will be stored on their device if they accept them and that they have the option to reject them. Over the last few years, these laws have come down on many businesses that violated these rules. So, the websites now are more serious about cookie messages.

Should you accept cookies?

Accepting cookies is a choice to be made based on the type of cookies. you can accept the cookies if they do not share your personal data with third parties or interpret with your privacy. But if these cookies are set by third parties and they will likely use your personal data to track you, you may want to rethink about accepting them. It is better to block cookies if you have to share private or sensitive information like bank details or medical data or if the website is not encrypted. 

What is the purpose of cookies?

Cookies are used to improve a website’s operation and services or perform additional services. The most common purposes are remembering login credentials, holding items in an online shopping cart, placing targeted advertisements, gathering analytics, and improving user experience. Therefore, the purpose of cookies varies depending on their type and source. Read more about cookies and how they work here.

Should I delete cookies?

Like accepting cookies, deleting cookies is a choice you need to make depending upon the type of cookies, website security, and the type of data shared.

It is ideal to delete cookies if:

  • the cookies collect and track your information; 
  • the website is not secure; or 
  • you have shared private or sensitive information wih the website.

You can find the option to delete or clear cookies in most web browser settings.

Learn how to manually check cookies in your web browser.

How to clear cookies in your web browser?

In Chrome:

  • Click the three dots in top right corner
  • Click More tools > Clear browsing data.
  • Check the Cookies and other site data checkbox and click Clear data to clear all cookies.
  • or you can go to Privacy and security in settings and select Cookies and other site data > sell all cookies and site data to selectively clear cookies.

In Firefox:

  • Click the three lines in top right corner and click Settings.
  • Select Privacy & Security and scroll down to Cookies and Site Data.
  • Click Clear Data and press the Clear button (ensure that the Cookies and Site Data checkbox is ticked) to clear cookies.
  • In the dialog box, Click Clear Now to confirm.

In Safari:

  • Select Preferences from the top left corner menu.
  • Select the Privacy tab.
  • Click the Remove All Website Data button.
  • Click Remove Now in the the popup window to clear cookies.

Start a 14-day free trial

Trials start with all our features enabled. Cancel anytime. No credit card required.