What is considered UK GDPR compliant consent?

Under the UK GDPR, consent must meet strict legal standards to be valid. It must be:

1. Freely given, meaning users should have a genuine choice without pressure or negative consequences for refusing
   
2. Specific, meaning consent must apply to a clearly defined purpose such as analytics or marketing
   
3. Informed, meaning users need to know who is collecting their data, why, and how it will be used
   
4. Unambiguous, meaning consent requires a clear affirmative action like ticking a box since pre-ticked boxes or inactivity do not count
   
5. Easy to withdraw, meaning users must be able to withdraw consent at any time as easily as it was given
   

For cookies, this requires showing a consent banner that explains categories of cookies, does not assume consent, and lets users accept, reject, or manage preferences.

Read more about UK GDPR.