Logo Logo

The EU's GDPR and California's CCPA both affect how your website is allowed to handle the personal data of users.

Try our free website scan to see how your website tracks and handles personal information.

Consent management platform like Cookiebot protects the privacy of users.

Updated September 7, 2020.

A consent management platform (CMP) is a piece of software that websites across the world can use to protect the privacy of their users from unwanted data collection and invasive third-party trackers.

A consent management platform like Cookiebot is the security guarantee for users that your website is in compliance with data protection laws like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

A CMP lets users know that they are in control of their own data and privacy.

What is a consent management platform (CMP)?

Consent management platforms (CMPs) deal with – as their name implies – the control of user consent on websites regarding the collection and handling of personal information.

Most data privacy laws around the world regulate the way businesses, organizations, governments and the likes are allowed to collect and use the personal data of individuals.

The two most prominent examples are the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

There are many different consent management platforms for websites to use in order to obtain compliance with the data privacy laws, each with a different technology for managing user consent.

Test if your website is compliant with the GDPR by using Cookiebot’s free compliance test.

Try Cookiebot for free today… or forever if you have a small website.

What does Cookiebot do?

A consent management platform like Cookiebot gives you total control of all things cookies and trackers and consent and legal compliance.

At Cookiebot, we spend the better part of our days developing and fine-tuning the ground-breaking software that is unique and crafted specifically to protect the privacy of your end-users, making your website compliant with the GDPR’s consent requirements and the CCPA’s information and opt out requirements.

Automatic cookie control

Cutting-edge technology in the business of consent management allows Cookiebot to automatically control all the cookies and trackers on your website.

This is different from self-defense privacy tools like ad blockers and VPNs that can be employed by your end-users themselves (and often break the website).

A consent management provider doesn’t put the responsibility of protecting their privacy on the end-users’ shoulders – rather, as required by the GDPR, it helps websites make their own privacy framework compliant.

With Cookiebot as your consent management platform, you are in full control of which cookies are set on your website - instead of leaving it up to your users to opt in and out of hundreds of third-party cookie providers.

Try Cookiebot for free today… or forever if you have a small website.

Cookie consent banner for GDPR compliance

Using the cookie declaration that the scanner creates from its exhaustive findings, our consent management platform then creates a consent banner that pops up on any page of your website, when the user arrives for the first time.

Cookiebot consent management platform for GDPR compliance.

A GDPR compliant cookie consent banner by Cookiebot.

Cookiebot informs the users about the cookies and trackers, the make-up of first and third-party technology present, and empowers them with a choice between four categories (three are optional, one strictly necessary and mandatorily pre-checked).

Granular consent and detailed information on each cookie, its purpose, provider, duration and type, secures full GDPR compliance for your website, and true privacy protection for your users.

Cookie declaration and opt-out for CCPA compliance

To be compliant with the CCPA, websites must have an updated cookie declaration with a Do Not Sell My Personal Information link for users to opt out of third-party data sales.

Cookiebot consent management platform for CCPA compliance.

A CCPA compliant cookie declaration by Cookiebot.

Using a CMP with automatic geotargeting like Cookiebot, you can rest assured that your website presents its users with the right data privacy solution, whether they are from inside the EU or California.

Try Cookiebot for free today… or forever if you have a small website.

Google Consent Mode and Cookiebot

Google Consent Mode helps you find a balance for your website between data privacy compliance and analytics insights and advertisement optimization.

Google Consent Mode lets you run all your website’s Google-services (like Google Analytics and Google Ads) based on the consent state of your end-users.

If an end-user opts out of statistics and marketing cookies, Google Consent Mode ensures aggregate and non-identifying data for website optimization and conversion measurement, as well as being enabling you to display contextual ads to the user instead than targeted, personalized ads – respecting the user’s consent in GDPR compliance and securing important ads revenue for your domain.

Cookiebot integrates seamlessly with the Google Consent Mode!

Using Cookiebot to ask for and obtain the prior consent for processing personal data from users, your website can use this consent state to let the Google Consent Mode run all your website’s preferred Google-services in a simple, streamlined way.

Get started with Google Consent Mode

Try Cookiebot free for 30 days… or forever if you have a small website.

Scan your website for free to see what cookies and trackers you use

What is the GDPR?

The GDPR is the data protection law that is binding in all twenty-seven member states of the European Union.

GDPR came into effect in May 2018 and has since caused a fundamental change to the make-up of the commercial Internet - not just in the EU, but globally, since the GDPR applies to any company or website across the globe, if they have visitors from inside the EU (called “extraterritorial reach”).

GDPR regulates how data controllers (websites, companies, organizations, anyone who handles other people’s data) are allowed to collect and process personal data on individuals within the EU.

Consent management platform like Cookiebot enables GDPR compliance.

A consent management platform like Cookiebot enables GDPR compliance for your website, regardless of where in the world you might be based.

Of the various legal bases for processing, the first and most widely applied is the condition of consent. This means that to collect and process personal data, your website must first obtain the informed and unambiguous consent of the data subject in the EU.

EDPB guidelines on valid consent state that –

The European Data Protection Board (EDPB) is the leading supervisory authority in the EU on GDPR enforcement.

Cookiebot makes your website fully compliant with the GDPR and EDPB guidelines, as well as the CCPA and many other major data protection laws around the world.

Learn more about the GDPR here.

Learn more about EDPB guidelines on valid consent.

Try Cookiebot for free today… or forever if you have a small website.

What is the CCPA?

California Consumer Privacy Act (CCPA) is a statewide law that took effect on January 1, 2020 and regulates how the personal information of California residents are allowed to be collected, handled and sold by businesses all over the world.

CCPA empowers California users with a right to know what personal information a business has collected from them, a right to have that data deleted, and a right to opt out of having their data sold to third parties.

CCPA compliance through a consent management platform with Cookiebot

A consent management platform like Cookiebot ensures CCPA compliance for businesses all over the world.

In order to be in compliance with the CCPA, a website has to inform its users of the categories of personal information it collects (at or before the point of collection), feature a Do Not Sell My Personal Information (DNSMPI) link on the website and provide information on how users can exercise their rights to deletion.

Cookiebot enables CCPA compliance for websites with a CCPA specific configuration, which detects when a user is from California and then presents them with a CCPA compliant cookie declaration featuring the legally required DNSMPI link.

Learn more about the CCPA here.

Try Cookiebot for free today... or forever if you have a small website.

Why should I use a consent management platform?

Most websites in the world have third-party cookies imbedded, even if the website owner or controller is not aware of it.

Everything from social media plugins to embedded videos will typically bring dozens of invasive third-party trackers with them that harvest data from your visitors and sell these to other companies, unbeknownst and unconsented by the users themselves.

Unless you have a website with only strictly necessary cookies (which, frankly, is very unlikely), you are legally obligated to not only inform your users about what tracking technologies are present on your website, you must also obtain their explicit consent for the activation of these.

It requires substantial time, work and technical insight to not only become aware of the extent of cookies and trackers on your domain, but also to control them in compliance with the EU’s GDPR and California’s CCPA.

It’s a lot of work to keep up with the constantly changing landscape of data privacy compliance and the ever-evolving specs of online tracking, which is exactly why a consent management platform like Cookiebot exists.

It’s not just to make things easier for websites, it’s also to ensure real and thorough compliance for true data privacy protection.

This drives Cookiebot every day.

What are the benefits of using a consent management platform?

Besides ensuring compliance with the GDPR and CCPA, a consent management platform provides you with a real difference when it comes to privacy and security.

The Internet has changed a lot since the early 2000s – behavioral advertisement based on profiling and data abuse proliferate the commercial Internet and a great privacy awakening has been rolling across the world since the scandalous revelations about Cambridge Analytica.

We are all becoming critical users, just like we have become critical consumers when it comes to organic foods and recycling.

A consent management platform is an effective weapon against the rampant surveillance capitalism.

Surveillance on the Internet is real and pervasive – using a consent management platform can make your website a safe private space.

Privacy is not a trend.

This much is confirmed by the global data protection laws emerging across the world (CCPA // LGPD // GDPR), and the readiness of great scholars, like Shoshana Zuboff, to put into words the very real dangers that we face as a democratic society if we don’t act on the threat of data abuse now.

By using a consent management platform like Cookiebot on your website, you choose not only to comply with global privacy laws, you also make your website – your tiny corner of the endless Internet – a safe space from malicious ad tech giants who otherwise collect and sell intimate details of personal information for profit.

You effectively opt-out of the surveillance markets that power massive data abuse, breaches, misinformation and algorithmically controlled echo chambers.

You cut the ties between your website and the black data markets.

Yeah, but don't I also lose all of my Google Analytics by using a consent management platform?

Using a consent management provider like Cookiebot will not break your website, that’s the whole point of our product. We have developed a unique piece of technology that balances strong, genuine data protection with nuanced integration that takes care to not compromise the operation of your domain.

However, when it comes to the EU, the GDPR and EDPB guidelines on valid consent in the EU are very clear: you must obtain the explicit consent of your users, if your process any data.

This will have some implications on your analytics, but on the other hand, not using a consent management platform can have even worse implications, such as heavy fines, bans from processing data and the abuse of your visitors’ data.

There is no way around protecting the privacy of your user, and no way around dealing with the content – first or third party regardless – of your website.

Using Cookiebot as your consent magement platform can make both as easy and effortless as locking your front door.


What is a consent management platform?

A consent management platform – or “CMP” – is a technology that websites use to obtain the legal consents from users to process their personal data, typically through cookies and trackers in operation on the domain. Consent management platforms help websites be in compliance with data protection laws like the EU’s GDPR, which requires user consent prior to any activation of cookies that process personal data.

Try Cookiebot free for 30 days or forever if you have a small website

What is personal data?

Personal data or personal information is information that can be used to identify a living individual. Different data protection laws, like the GDPR and the CCPA, define personal data differently, but broadly they all agree on the fact that if data can be used to identify – directly or by indirectly by inference – a human being, that data is personal data.

Learn more about the GDPR and the CCPA.

What are cookies?

Cookies are small text files that websites use to identify and remember users, serve targeted advertisement, generate analytics and statistics on performance and more. Cookies come in many different types, some are necessary for the basic functions of a website, others are marketing cookies that are often placed on websites by third parties like social media platforms or big tech companies.

Learn more about GDPR and cookies

Learn more about CCPA and cookies

How do cookies collect personal data?

Cookies are stored on a user’s browser when they visit a website. Cookies will often contain personal data like IP addresses or Unique IDs that make it possible for websites to identify and recall users upon repeated visits. Once on the browser, cookies are able to monitor the user's activity on the website or across websites. Some cookies, like third-party marketing cookies, will share personal data with other commercial entities that utilize it to serve behavioral advertisement back at the user, when they land on websites.

Learn more about website tracking and cookies.


What is the GDPR?

What do I need to know about GDPR and cookies?

EDPB guidelines on valid consent in the EU

What is the CCPA?

What is the LGPD?

Shoshana Zuboff on surveillance capitalism 

What is behavioral advertisement? 

Cambridge Analytica and the Great Privacy Awakening

We are becoming critical users

New Google Consent Mode 

Cookiebot integrates perfectly with the new Google Consent Mode.

Make your website’s use of cookies and online tracking compliant today

Try for free