GDPR Cookie Consent Banner Examples

Cookie consent banners are small pop-up notifications that appear on the first visit to a web page. It displays information about the cookies the page will load and takes user consent before loading them. In this article, you will find some examples of GDPR cookie consent examples. Before that, let's look at the types of commonly used cookie consent banners and also, why you need them in the first place and GDPR’s role in it.

Types of Cookie Consent Banners

There are different types of cookie consent banners that you can use on your website. It depends on if or what user data you collect and how you seek consent from users. Broadly they can be classified as:

Informational

This type of banner is used only to notify the website users about the cookies that are in use. However, they do not ask for user consent.

 

Implicit

This type of banner notifies the users about the cookies the site will use and only loads them if they accept. The users can choose what cookies they do not want the site to load. If the users select accept without making any choice, the page will load all the cookies by default.

 

Explicit

This type of banner provides users the option to set their cookie preference, i.e., they can explicitly choose the type of cookies the site should load. Only the cookies that the users have selected will load upon their confirmation. Some of them have a reject button, choosing which will load only the necessary cookies.

Why You Need Cookie Consent Banners?

The need for cookie consent banners is not a recent development. The ePrivacy Directive (ePD), introduced in 2002 and known as the EU Cookie Law, requires websites to display cookie banners to let users know of the cookie usage. However, with the introduction of the General Data Protection Regulation (GDPR), consent became a hot topic. It mandated that the organizations (or websites) should obtain prior consent from the users before collecting and using their personal data.

GDPR only mentions cookie once. However, it states that a website must have a clear and concise consent policy, and the user must be aware of what and how the site will use their personal data. Websites must obtain explicit consent from them in such cases, and a secure opt-in and opt-out options should be available.

Under GDPR, consent must be freely given, specific, informed, unambiguous, and revocable. If you fail to acknowledge any of these conditions, then the consent will be considered invalid, and you have violated GDPR. Learn more about GDPR consent requirements here.

Moreover, the 2009 amendments in ePD (the reason for the label 'cookie law') require the website that uses cookies to:

  • Take prior consent from users before loading them;
  • Give precise information about the intended purpose;
  • Provide an option to deny consent to use them;
  • Provide user-friendly opt-in and opt-out options;
  • Allow access to website content that may not use the cookies that the users denied.

ePD exempts strictly necessary cookies as they are essential for improving user experience and website functioning.

Note: In July 2019, ICO released its guidance on cookies and similar technologies. They explained the cookies that meet the strictly necessary exemption:

ICO necessary cookies

 

So, to comply with the data protection laws and avoid any legal trouble, it is mandatory to use cookie consent banners on your website.

GDPR Cookie Consent Banner Requirements

To comply with GDPR and ePD, you should keep in mind the following points for your cookie consent banner:

  • Use clear and understandable language.
  • Include a link to Cookie Policy or Privacy Policy (that has a cookie clause).
  • Explain what types of cookies are used or will be used.
  • If the website uses cookies, especially third-party, that collect user data, then let the users know.
  • Provide an opt-out option for such cookies.
  • Clearly explain what their actions, such as setting changes, opt-in, and opt-out, will mean.
  • The banner should be readily available any time the users want to change their cookie preference or withdraw consent.

GDPR Cookie Consent Banner Examples

Many websites strictly follow the GDPR (and ePD) standards for the usage of their cookies. Here are some of the GDPR cookie consent examples:

The Times UK

the times gdpr cookie consent examples

The Times UK uses a detailed footer banner that provides links to its policies and a 'Purposes/Features' button to manage the cookie consent. It lists the type of cookies the site will use. Each one has a toggle switch that you can activate if you wish. 

 

BBC

BBC GDPR cookie consent examples

BBC header banner will link you to the cookie policy and settings. Agreeing will load all the cookies. Settings let you manage the cookies that you want the site to use.

 

The Guardian 

Guardian GDPR cookie consent examples

The Guardian's banner pops up at the bottom of the website. It includes links to the policies and provides a 'My options' link to change your cookie preferences.

 

F C Barcelona

FCB GDPR cookie consent examples

FCB has a simple footer banner where you can accept all cookies or click 'FIND OUT MORE,' to go to the cookie policy. From there, you can decline the use of Analytics cookies.

 

CookieYes

CookieYes GDPR cookie consent examples

CookieYes' website uses a footer banner that links you to its privacy policy. You can click 'Accept,' and it will load only necessary cookies. Click on 'Cookie Settings' to set your preferences. Activate only the cookies you want the site to use and save the changes. 

CookieYes is a cloud-based solution to make your website comply with GDPR for the usage of cookies. You can implement cookie banners on your website in minutes! There are fully customizable banners, and you can choose between various consent types. You can also manage user consent for loading cookies and block scripts to implement prior consent before loading cookies. All it takes is to create a free account. This setup guide will walk you through the installation process.

 

Disclaimer

The article is not written by a lawyer, and therefore, it should not be treated as legal advice. The purpose of the article is to share information with the readers. Hence, for any consultancy, please get in touch with a professional in the area.