惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
H
Help Net Security
小众软件
小众软件
N
Netflix TechBlog - Medium
C
Check Point Blog
量子位
Last Week in AI
Last Week in AI
GbyAI
GbyAI
Martin Fowler
Martin Fowler
M
MIT News - Artificial intelligence
博客园 - 聂微东
Engineering at Meta
Engineering at Meta
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
J
Java Code Geeks
D
DataBreaches.Net
Project Zero
Project Zero
P
Proofpoint News Feed
T
Threat Research - Cisco Blogs
Security Latest
Security Latest
Cisco Talos Blog
Cisco Talos Blog
Recorded Future
Recorded Future
I
Intezer
L
Lohrmann on Cybersecurity
Cyberwarzone
Cyberwarzone
博客园_首页
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LangChain Blog
P
Palo Alto Networks Blog
V
V2EX
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
The Hacker News
The Hacker News
Blog — PlanetScale
Blog — PlanetScale
G
GRAHAM CLULEY
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
The Register - Security
The Register - Security
L
LINUX DO - 热门话题
P
Privacy & Cybersecurity Law Blog
Scott Helme
Scott Helme
F
Full Disclosure
博客园 - 司徒正美
Recent Announcements
Recent Announcements
IT之家
IT之家
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Attack and Defense Labs
Attack and Defense Labs
Cloudbric
Cloudbric
Help Net Security
Help Net Security
The Last Watchdog
The Last Watchdog

Compliance Solutions for Websites, Apps and Organizations | iubenda

AI can build your website. It can't manage your consent. | iubenda Browser signals and machine-readable consent: what they are and what the EU’s Digital Omnibus could change California Consumer Privacy Act (CCPA): Complete Guide How to increase your cookie banner opt-in rates: 5 mistakes to fix today | iubenda DPO Newsletter: Global Data Protection & Privacy News (issue #153) Why your consent management setup is a marketing performance question Everything you need to know about GDPR The redesigned cookie banner and configurator What nobody tells you about handing over the company you built European marketers are betting on retention. Privacy could be the edge they’re not using yet. The 5 best alternatives to Didomi in 2026: Pros, cons, pricing, and comparison Looking back on 15 years: what iubenda's founder would tell his 2011 self | iubenda The best cookie policy generator in 2026 DPO Newsletter: Global Data Protection & Privacy News (issue #152) | iubenda What publishers should expect from the EU’s Digital Omnibus proposal Uncertainty is the biggest blocker to AI adoption in marketing | iubenda Everything AI app builders need to know about vibecoding and privacy compliance | iubenda Introducing 1-Click Embedding for Google Tag Manager The Essential Small Business Terms and Conditions Template: What You Need to Know Terms of Use Template | iubenda IAB Europe Raises Concerns Over GDPR Procedural Regulation Draft Report | iubenda Learn from HelloFresh's Costly Mistake: Ensure Compliance with iubenda | iubenda Understanding the Spanish DPA Guide on Audience Measurement Cookies | iubenda The Austrian Data Protection Authority's FAQs on Cookies and Privacy | iubenda DPO Newsletter: Global Data Protection & Privacy News (issue #127) | iubenda Microsoft Ensuring European Data Stays Within the EU Cloud Boundary | iubenda Businesses Beware: ICO’s Record £14.3m in Fines for Data Misuse in 2023 Understanding the Risks and Responsibilities of Model-as-a-Service Companies in AI Development Facebook's New “Link History” Feature: A Blend of Convenience and Surveillance? | iubenda OpenAI’s Strategic Move in the EU: Aligning with Data Privacy Regulations TikTok Faces Lawsuit Over Tracking Non-Users What’s the Digital Markets Act (DMA) and how will it affect you? | iubenda Simplifying Cookie Consent: The European Commission's Approach | iubenda Google Settles Landmark Privacy Lawsuit for $5 Billion | iubenda Navigate GDPR Compliance with Confidence: Lessons from Recent Fines in Italy Simplifying the Commission's New Reporting Template for Digital Market Gatekeepers | iubenda Understanding the GDPR Complaint Against X (Twitter) for Illegal MicroTargeting | iubenda Spanish Media Giants Take On Meta in a Groundbreaking $600 Million Lawsuit | iubenda DPO Newsletter: Data Protection & Privacy News (issue #126) | iubenda Belgian DPA Mandates Cookie Banner Changes for Major Media Websites | iubenda UK's Top Websites Warned by ICO to Revise Cookie Practices | iubenda Understanding the European Union's Data Act | iubenda Google Announces Consent Mode v2 – here’s what it means for your business and advertising Noyb Challenges EU Commission Over Controversial Ad Campaign | iubenda OECD Updates AI Definition: A Step Forward in Shaping EU’s AI Law Firefox To Introduce Simplified Global Privacy Control Berlin Court Cracks Down on LinkedIn’s Privacy Violations The YouTube Ad Blocker Controversy: A Test of the ePrivacy Directive? | iubenda DPO Newsletter: Data Protection & Privacy News (issue #125) Facebook and Instagram Subscription: Meta adds a paywall | iubenda GDPR Violation: Lack of Transparency in Data Processing via Google Fonts Amazon Introduces AWS European Sovereign Cloud to Address EU Regulations | iubenda Texas New Data Privacy Law TDPSA: Everything you need to know How to Make Money with a Website Without Selling Anything Oregon Consumer Privacy Act: Overview | iubenda Google’s Move to Disable Third-Party Cookies: What Advertisers Need to Know IMY Fines H&M for GDPR Violations: A Closer Look EU Commission Requests Information from X Under Digital Services Act: What You Need to Know | iubenda Understanding California’s “Delete Act” and Data Broker Regulations TCF v 2.2 Initial Layer (Banner) Requirements | iubenda Grindr Faces €5.8 Million Fine: A Reminder on the Importance of GDPR Compliance | iubenda Newly Enacted Iowa Consumer Data Protection Act (ICDPA) | iubenda The Witch’s Brew of Privacy: A Halloween Tale of Compliance and Consequences IAB TCF 2.2 – What you need to do DPO Newsletter: Data Protection & Privacy News (issue #124) Blog Ideas That Make Money: How To Make Money From Your Blog + Examples | iubenda Maximize your Growth with Online Presence Management | iubenda Meta's New Pivot in Europe: To Pay or Not to Pay for an Ad-Free Experience? | iubenda Consumer Reports Launches Free ‘Permission Slip’ App to Protect Your Data | iubenda DAZN’s Access Request Saga Personal Brand Logo: How to Stand Out in a Crowded Marketplace UK-US Data Bridge: A New Era for Secure Data Transfers 7 Ways How to Promote Affiliate Links Effectively (And Boost Commissions) | iubenda Mastering LinkedIn Personal Branding: A Guide to More Opportunities Meta's New Approach: Pay for Your Privacy? | iubenda No Return, No Refund Policy Template & Guide GDPR in the US: a GDPR Checklist for US Companies Crafting a Niche with Branding and Identity Design | iubenda The Online Safety Bill: A Leap Towards a Safer Digital United Kingdom Understanding Google's $93m Settlement over Consumer Location Data Accusations | iubenda CCPA vs CPRA: Key Differences You Need to Know | iubenda How To Use Ecommerce Retargeting to Grow Your Business | iubenda PECR: Everything you need to know | iubenda How Mobile Apps Illegally Share Your Personal Data: A Deep Dive | iubenda Legal Spotlight: Privacy Concerns Surrounding OpenAI’s ChatGPT and Microsoft’s Involvement Legal Scrutiny Looms Over Transatlantic Data Deal: French MEP Takes Action Understanding the Digital Markets Act: A Comprehensive Guide Block AI Crawlers: Here’s How To Stop Your Site From Being Used for AI Training (OpenAI and Google Bard Irish Regulator Slaps $368M Fine on TikTok DPO Newsletter: Data Protection & Privacy News (issue #123) | iubenda The Privacy Pitfalls of Vehicle Data Collection: What You Need to Know | iubenda Twitter customer’s data on the menu for xAI models Update: Revised Swiss Privacy Law Takes Effect Fitbit and the GDPR Hurdle: What You Need to Know About Your Data Privacy | iubenda Terms of Service Template for your site | iubenda Senators Urge FTC to Investigate YouTube and Google for Violating Children's Privacy: What You Need to Google AdSense Requirements: Here's What You Need to Know | iubenda Users can’t opt out from marketing emails: FTC fines Experian $650,000 | iubenda DPO Newsletter: Data Protection & Privacy News (issue #122) | iubenda 7 Ways Business Process Automation Can Increase Your Profits
Cookie banner: What are Cookie Banners? And why do you need one + Examples | iubenda
Juan Ruiz · 2023-02-24 · via Compliance Solutions for Websites, Apps and Organizations | iubenda

In today’s digital landscape, websites collect and use data to provide personalized experiences and targeted advertising. However, with the increasing awareness of data privacy, regulations have been put in place to ensure that user data is protected. This is where the cookie banner comes in.

In this article, we’ll discuss everything you need to know about cookie banners, from what they are and how they work, to why you need one and how to design an effective cookie banner for your website.

At a glance ⬇️

  • What is a Cookie Banner?
  • Why Do You Need a Cookie Banner?
  • Who needs to show a cookie banner?
  • Guidelines for Each Global Privacy Regulation
  • How to Design an Effective Cookie Banner
  • Cookie Banner Examples
  • What do you need to do to legally comply?

Important news On May 17, 2023, the German Data Protection Authority of Lower Saxony (LfD) made a decision regarding the use of a consent banner as a cookie pay wall on the popular German-language tech news site, heise.de. The authority found that this practice infringed several articles of the GDPR. For more details on this case, please see here →

A cookie banner is a notification that pops up on a website to inform users about the use of cookies. It typically contains a message that explains what cookies are, why they are used, and what types of cookies the website is using. This is essential for informing users about their privacy and providing them with control over their data.

In a nutshell, it informs visitors about the use of cookies and other tracking technologies and provides users with the option to accept, reject, or personalize the use of cookies.

Not only is it a legal requirement for websites to obtain user consent for the use of cookies, but it also ensures transparency and trust between the website and its visitors.

Cookie banners help businesses and website owners in general to obtain user consent for the use of cookies, which is a legal requirement in many countries, including the EU under the General Data Protection Regulation (GDPR) and  the ePrivacy Directive, while in the US under state laws it is based only on opt-out for certain categories of personal data processing, including sale, sharing, and targeted advertising.

👉 A cookie banner is the most commonly used way to help comply with these requirements by providing users with clear information about the use of cookies and obtaining their consent to their use. Non-compliance with these requirements can lead to hefty fines and legal consequences.

For example, in 2019, the online fashion retailer ASOS was fined £250,000 by the UK’s data protection watchdog for failing to obtain proper user consent for the use of cookies. The company implemented a cookie banner to address this issue and has since been able to comply with privacy regulations.

🚀 Here are 5 things you need to do now to comply with the GDPR

If you run a website or app that uses non-exempt cookies or scripts and have Europe-based users, you need to display a cookie banner. This applies to any website that is not actively blocking Europe-based users or any website or app belonging to an EU-based entity, such as a company, sole trader, or public institution, regardless of where their users are based.

Note

If you are doing business in the US or targeting US-based users, you must comply with the requirement of different state laws to inform your users for certain categories of personal data processing, including sale, sharing, and targeted advertising, and to allow them to opt-out.

This means you may need to display things like a collection notice and/or a “Do not sell my personal data” (DNSMPI) link. And a privacy banner may be the best way to deal with all these requirements.

📌 Guidelines for Each Global Privacy Regulation

Different global privacy regulations have specific guidelines for obtaining user consent for cookies. For example:

  • 🇪🇺 🇬🇧 For Europe, the General Data Protection Regulation (GDPR) requires that users provide “specific, informed, and unambiguous” consent before cookies are placed on their devices.And specifically, the ePrivacy Directive, also known as the Cookie Law, is a European Union directive that regulates the use of cookies and similar technologies for storing and accessing information on users’ devices, requires website owners to obtain user consent before using cookies or similar technologies, unless the cookies are strictly necessary for the operation of the website.
    • The ePrivacy Directive applies to all websites that are based in Europe or that are targeted to EU residents. It requires website owners to provide clear and comprehensive information about the types of cookies used on the website, the purpose of the cookies, and how users can opt out of cookies.
  • 🇺🇸 For the US, state privacy legislations do not regulate cookies and other trackers and the mechanism is mainly based on opt-out. This means that the processing of personal data (sale, sharing, targeted advertising) can generally be performed right away without the user’s prior consent and up until the moment in which the user actively denies its consent. It is therefore necessary to provide ways to do so according to the requirements by the various laws in force in the US.
    • In this sense, a cookie banner may be the most effective and simple option where users can find all their privacy options, based on the type of processing made by the website.

👉 Cookie banners and privacy banners are an effective way to accomplish these goals and demonstrate a website’s commitment to user privacy.

Remember that cookie banners are just one part of the requirements of the Cookie Law and GDPR. In order to be fully compliant, you must also link to an accurate cookie policy and block cookies prior to user consent.

Cookie policy for website owners: what should it include?

As the website owner, you need to collect users’ consent before cookies are installed on the user’s device. In order to give consent, users must be informed of data collection activities and choose whether or not to consent to the installation of cookies.

You must then set up a cookie policy in which you:

  • define which cookies you use (e.g. technical, statistical, profiling, etc.) and for what purposes;
  • list the categories and purposes of third party cookies that are installed.

When designing a cookie banner, there are certain best practices that should be followed to ensure that it is effective in obtaining user consent while also being user-friendly.

  • First, make sure that the banner is prominently displayed on the website and is easy to understand.
  • It should link to a cookie policy and clearly explain what cookies are being used, their purposes and any related third-party processing involved.
  • Additionally, it should provide users with a clear option to accept or reject cookies, as well as an option to change their preferences at a later time.
  • When obtaining user consent, it is important to ensure that it is freely given, specific, informed, and unambiguous. This means that users should be given a clear and concise explanation of what they are consenting to.
  • To make the cookie banner feel like a natural part of your website, use brand colors and design elements that match the overall aesthetic. This approach can help to improve usability and create a seamless user experience.

By following these guidelines, website owners can design an effective and user-friendly cookie banner that helps them meet their legal obligations

Here are some excellent cookie banner examples that are legally compliant – once implemented in accordance with the law.

  1. This one belongs to The Spectator:
  2. cookie banner
  3. When you visit MaxMara’s website, this one will greet you:
  4. Adding a service

    This banner, properly informs users about data collection to obtain their consent, and provides information about data processing with a link to privacy and cookie policy, is readable, and easy to understand and doesn’t mislead the user to provide consent.

  5. In this example from lastminute.com, the visual design reflects the company’s branding:
cookie banner example

In conclusion, cookie banners are an important tool for website owners to comply with privacy regulations and protect user privacy.

By providing users with clear information about the use of cookies and obtaining their consent, website owners can avoid fines and legal action. Remember, when implementing a cookie banner, one of the most important aspects is to ensure that users can make informed choices about the use of cookies.

What do you need to do to legally comply?

To ensure that your cookie banner is legally compliant, there are several requirements you must follow:

  • Clearly state the types of cookies used on your website and their purpose.
  • Give users the option to consent to the use of cookies, either through an opt-in or opt-out mechanism. According to the laws that apply to you.
  • Ensure that your cookie consent banner is easily accessible and visible to users.
  • Regularly review and update your cookie policy to ensure it reflects any changes in your website’s use of cookies or changes to privacy regulations.

This can be quite challenging to implement!

But don’t worry! Compliance doesn’t have to be difficult.

🚀 Our Privacy Controls and Cookie Solution allows you to manage all aspects of cookies, in particular:

  • easily inform users via cookie banner and a dedicated cookie policy page;
  • obtain and save cookie consent settings;
  • preventively block cookies prior to consent; and
  • keep track of consent and save consent settings for each user for up to 12 months from the last site visit.

About us

iubenda

Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.

www.iubenda.com