What is GDPR cookie compliance?

GDPR cookie compliance requires websites to obtain prior consent for dropping cookies on a user’s device. For the consent to be valid under the General Data Protection Regulation (GDPR), it should be a freely given, specific, informed and unambiguous indication of the user’s wish obtained through an affirmative action such as clicking on an ‘accept’ button. 

To be valid, GDPR lays down two additional conditions — withdrawal of consent and proof of consent. Users should be able to withdraw consent at any time after giving consent and websites should be able to demonstrate their cookie compliance i.e. record all user consents for proof.