Logo Logo

Try our free compliance test to check if your website’s use of cookies and online tracking is GDPR/ePR compliant.

The test also shows what data your website collects and which third parties it shares with, a requirement under the CCPA.

Cookie checker: is your website compliant with the GDPR?

Updated April 1, 2020.

Cookies are regulated by both the European GDPR/ePR and the Californian CCPA, because they can be used to track personal data.

A cookie checker is a valuable tool for website owners to make sure that their use of cookies and trackers is compliant.

In this article, you can read how to do so, along with a general introduction to the different types of cookies on the internet.

Scan your website with Cookiebot’s cookie checker here.

Free website tracking audit: try Cookiebot's cookie checker

The EU legislations for data and privacy protection – General Data Protection Regulation (GDPR) and ePrivacy Directive – have a significant impact on how your website may use cookies and online tracking of your users.

They regulate the collection and processing of personal data of individuals inside the EU.

So does the California Consumer Privacy Act (CCPA) that regulates the collection, processing and selling of personal information of California residents.

Marketing cookies that track data falls under the category of personal data in the GDPR, as well as the definition of personal information in the CCPA.

Personal data in the GDPR is “any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data”, states the European Commission.

Personal information is defined in the CCPA as “information that identifies, relates to, describes or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household”.

Cookies track information such as IP-addresses, geolocation, actions and preferences and browsing history, that can build up impressive user profiles for targeted marketing etc.

Scan your website for free with Cookiebot's cookie checker here.

Please accept marketing cookies to view this video

Accept cookies

Netflix' "The Great Hack" explains website tracking and its consequences in an easy-to-understand way.

Most modern websites set a great deal of cookies on their user’s browsers, and often, even the website owner does not have the full picture of the cookies in use on the site.

This is because cookies can be of both first- and third-party provenance, as we will explain later on in this article.

As owner of the website, however, you are responsible for all cookies set on your users’ browsers, whether you set them yourself or they are set by embedded content and tools etc. in use on your website.

Website tracking audit: what cookies does my website use?

To protect the privacy of your users, you need to be aware of not only what first party cookies are present on your domain, i.e. the cookies that your website uses, but also what third-party cookies and tracking are operating on your site.

A cookie checker will reveal these and empower you and your users to avoid data harvesting and abuse of personal information.

Find out which cookies your website uses and check if the use of cookies and online tracking is compliant with our cookie checker. 

The free online cookie audit tool scans up to five pages of your website and sends you a compliance report on all of the cookies and online tracking in use on these pages. We need your mail address to send you the report, but we don’t store or use the mail address, unless you check the box that you wish to receive Cookiebot’s newsletter.

Read more about our cookie scanner technology here.

Sign up with Cookiebot to get a full website tracking audit of all of the pages of your website and a cookie solution, that makes your website's use of cookies and online tracking GDPR and ePR compliant.

Cookie checker for GDPR compliant cookie use

For your use of cookies to be compliant, the keyword is prior consent

cookie audit

A non-compliant cookie consent banner.

A GDPR compliant cookie consent banner by Cookiebot.

Compliance checklist:

You can't empower your users with prior consent, unless you perform cookie checks or website tracking audits that reveal the cookies and tracking present on your domain.

Check out Cookiebot, the most used GDPR and ePR compliant cookie solution for websites on the market. We check cookies and enables prior consent as required by the law.

Cookie checker for CCPA compliant cookie use

To be compliant with the California Consumer Privacy Act (CCPA), your website must:

  • Inform users at or before the point of collection of the categories of personal information that it collects, the purposes for the collection and which third parties it shares it with.
  • Feature a Do Not Sell My Personal Information link for users to opt out of having their personal information sold to third parties.
  • Describe the consumer rights and how they can be exercised (right to opt out, right to deletion, right to be informed).

Cookiebot's cookie checker scans your website for compliance.

A CCPA compliant cookie declaration by Cookiebot.

Cookiebot enables compliance with both the GDPR/ePR and the CCPA through our highly customizable consent management platform.

Scan your website with our free cookie checker today.

What are website cookies?

What is a cookie and what does it do?

Essentially, a cookie is a small file of text that is dropped on a user’s browser by a website, when the user visits the site.

The cookie serves to give the website a “memory”, enabling it to retain information such as...

  • user settings and preferences, eg. language, font size and theme,
  • geographic location and currency,
  • the goods in their virtual shopping cart on e-commerce sites,
  • their browsing activity, eg. frequency of visits to the site and duration of the visit,
  • their password and invoice details,
  • their previous purchases,
  • their fields of interest

All in all, cookies are an important and often indispensable means of presenting a smooth and responsive digital experience for the users.

Interested in knowing how our Cookiebot cookie scripts work to protect privacy on your website? Click here.

The problem with cookies, however, is that they function out of sight (many don’t even really know what they are and what they do), and that they track personal data and can be used to create dauntingly rich and accurate user profiles.

Types of cookies

What cookies does my website use, you might ask?

Well, there exists various types of cookies, and they can be grouped according to their purpose, their duration, and provenance.


Based on purpose, one may speak of the following five categories: 

  1. Strictly Necessary Cookies
  2. Preferences Cookies
  3. Statistics Cookies
  4. Marketing Cookies
  5. Other/Unknown Cookies
In this categorization, the cookies to be aware of are especially the marketing cookies, that are the ones most frequently tracking, storing and using personal data.


Based on duration, one may speak of session cookies and permanent cookies.

  • Session Cookies
  • Permanent Cookies

Session cookies disappear once the user closes the browser window. All permanent cookies have an expiration date written in their code. According to the ePrivacy Directive, the cookie should last no longer than 12 months, but in practice, many cookies have a much longer duration. Ordinary cookies can easily be viewed and deleted by the user, as we will explain later on in this article.


Based on provenance, one may distinguish between first party cookies and third-party cookies. Basically, first party cookies are set by the website itself, and third-party cookies are set by others than the website itself.

  • First-party cookies
  • Third-party cookies

Third parties present on your website can eg. be analytics, social sharing and advertisers.

A cookie checker can audit your site, perform a scan (also known as a website tracking audit) and reveal all these third parties, whether analytics or marketing.

Google is the most ubiquitous tracker on the internet, with a presence on 70 % of the top 1 million websites.

What does the GDPR mean for the use of cookies?

The GDPR and CCPA means strict rules for all cookies that track personal data.

Find out what cookies are in use on your website, where they come from and what they do.

In doubt about what cookies are in use on your website? Try our free cookie audit.

Clearly inform your users about the cookies and online tracking in use on your website, eg. in your cookie policy or privacy policy, along with instructions on how they can opt out of being tracked.

Implement a compliant cookie consent solution for your website.

Check out Cookiebot, the most popular GDPR and ePR compliant solution for websites. We check cookies and enable prior consent for your users.

Scan with Cookiebot's cookie checker for free.

What cookies do I have on my computer?

On average, a website stores about 20 cookies on your computer.

All cookies have an expiration date. However, this date may be set far off into the future.

For example, Google Ads permits for a cookie lifetime of 540 days.  

So if you never block or manually delete cookies, you probably have hundreds of cookies stored on your computer.

This is not necessarily an issue: cookies take up very little space and work in the background.

You may check, edit and delete the cookies on your computer.

However, before checking the “delete all cookies” box, it is worth keeping in mind that you probably will have to re-enter all of your information on your next visit to the various websites.

And also, that new cookies will be installed all over again upon your next visit.

Cookies are stored in the various browsers, so the method for checking your cookies depends on which browser you are using.

Where are cookies stored?

Cookies are stored on the computer hard disk, more specifically in your web browser folder, such as Internet Explorer, Firefox, Safari, Chrome, etc.

The browsers on your computer don’t communicate with one another.

This means, at least in theory, that if you browse for tickets for your next holiday in Safari, advertisements for hotels and car rentals won’t show up in Chrome.

However, with the tracking of IP addresses and device data, and the ubiquitousness of the largest trackers such as Google and Facebook, it is likely that targeted advertisement will find you anyways. 

To view and manage the cookies on your computer, you have to check separately for every browser in use on your computer.

View cookies in Chrome

To see the cookies stored in your chrome browser, type chrome://settings/content/cookies in the address bar.

Then, click “see all cookies and site data”.

Cookie checker Firefox

In your Firefox browser, write about:preferences#privacy in your address bar.

Click on “manage data” to see the cookies that are stored on your Firefox browser.

Wordpress cookie checker

To check if your WordPress website uses cookies, try our free cookie checker and get the report on the cookies in use on your site.

The free checker scans up to five pages of your website, and finds all of the cookies and other known tracking technologies in use on these pages.

Sign up to Cookiebot for full scans of all of the pages of your website. 

How long does a cookie last?

Each cookie has a name and an expiration date.

When a website sends a cookie, it asks your browser to keep that particular cookie until a certain date and time, as written in the text file.

According to the recommendation of the ePrivacy Directive, cookies should be deleted every 12 months at least, but some are stored for a much longer duration. In Google Ads, i.e., a cookie may last up to 540 days.

From a textual point of view, there is no limit to how long a cookie may be intended to last, and examples have been registered of cookies that were made to have a lifespan of +7000 years!

What information does a cookie store?

Being basically small files containing text, the content of a cookie is arbitrary.

Each application developer can choose to put any information they wish in a cookie.

That information can e.g. include your username and password, site preferences, or what you might have left in your shopping cart.

Cookies might hold a vast quantity of information on the user such as age group, gender, geographical location, language preferences, search history and the like.

Essentially, each cookie is a small lookup table containing pairs of (key, data) values - for example (firstname, John) (lastname, Smith).

Once the cookie has been read by the code on the server or client computer, data can be retrieved and used to customise the web page appropriately.

You can try and read the content of a cookie yourself by using the Notebook program on your PC.

How secure are cookies?

From a purely technical point of view, cookies do not represent any threat to your data or computer.

They are neither programs nor spyware.

They are small, passive text files, and can as such not of themselves do anything.

However, cookies hold sensible information, and they do enable third parties to keep track of your digital actions.

The GDPR and CCPA has made it easier for the user to understand what information is being released, to whom, and for what purpose.

But for the time being, the transparency on how the information gathered from the cookies is being used and shared with third parties is, mildly put, limited.

Should I delete cookies?

Cookies operate in the background, so they're not likely to cause much obvious trouble.

However, there are some instances where you should delete them.

The stored data in cookies can sometimes conflict with the website they refer to, if the page has been updated, resulting in errors when you attempt to load the page again.

Also, since cookies are actually files on your hard drive, they do end up taking up some space on your computer.

Although each file is only a few KB in size, they can conceivably add up if left untouched for long enough.

Lastly, cookies are storing your user data and enabling for servers to track your activity.

To secure your privacy, it is thus a good idea to keep a critical eye on what cookies get stored on your computer.

Are computer cookies bad?

From a technical point of view, cookies are harmless.

They are simple text files that are stored passively, and cannot be used i.e. to view data on your hard disk or capture other information from your computer.

However, websites and search engines increasingly use them to track users as they browse the web, collecting highly personal information and often surreptitiously transferring that information to other websites without permission or warning.

Tracking data is also being used to give users and site owners more targeted information or to make recommendations on purchases, content, or services to users.

On the one hand, this is a feature many users appreciate.

For example, one of the most popular features of Amazon.com is the You-Might-Also-like section, which presents targeted recommendations for new merchandise based on your past viewing and purchase history.

At the same time, they can and do gather sensitive personal information and put it to use by e.g. displaying intrusive advertisements targeted to a highly segmented range of users.

What are website cookies, cache and temporary Internet files?

A cookie is a text file created by a website and stored on your computer for future reference.

Cache on the other hand, is a copy of the files or images that you access on the internet.

Each time you access a file through your web browser (Internet Explorer, Firefox, Chrome, etc.), the browser caches (i.e., stores) it.

That way, it doesn't have to keep retrieving the same files or images from the remote web site each time you click Back or Forward.

In some browsers, the cache of the files is stored in Temporary Internet Files.

Temporary Internet files is a folder which serves as the browsers’ storage place to cache pages and other multimedia content from the websites.

You should periodically clear the cache to allow your browser to function more efficiently.

Summing up on Cookies and the Internet

All in all, cookies are one of several instruments in a general pattern, where the Internet is becoming more and more sophisticated as we speak.

This development holds the potential for constantly better browsing experiences.

At the same time, it becomes more and more difficult to understand what is actually going on behind the scenes.

Therefore, a high degree of critical consciousness amongst consumers is increasingly important, as well as an adequate and up to date legislation regarding personal data, data tracking and sharing of data.

To check the cookies and tracking of any website, scan with Cookiebot's cookie checker for free today.


What are website cookies?

Website cookies are small text files that among other things help your website remember users and their preferences upon repeated visits. Most cookies on your website will be either preference cookies, statistics cookies or marketing cookies, all with different purposes. Most cookies will also come from third parties, like Google, Facebook or other tech companies, when you implement social media plugins or analytics tools on your website.

Learn more about cookies and website tracking

How do website cookies work?

Most cookies are set on a user’s browser, when they visit your website. Some cookies – especially third-party cookies – will assign unique identifiers to the individual user so that your website is able to recognize them upon repeated visits, including information about their preferences, settings and behavior.

Learn more about GDPR and cookies

Do cookies collect personal data from users?

Yes, most cookies process personal data of some kind from website users. Personal data is defined under the GDPR as anything that can directly or indirectly identify a living individual, like names, addresses, location data, information about health, genetics, biometrics, appearance, political convictions, religious beliefs and so on. Personal data also includes IP addresses, search and browser history.

Try Cookiebot free for 30 days for GDPR compliance

How can I check my website’s cookies?

You can use a consent management platform that can scan and detect all cookies and similar tracking technology in operation on your website. Cookiebot performs deep-scans on your website with our free GDPR compliance test and will find all cookies and trackers present.

Scan your website for free with Cookiebot


General Data Protection Regulation (GDPR)

California Consumer Privacy Act (CCPA)

ePrivacy Directive

European Commission’s FAQ

Comprehensive introduction to cookies

An article by The Guardian about how DoubleClick and other digital adservices work

An article on Lifewire about how to protect your user privacy on Google

An overview of types of cookies used by Google

A general description of cookies on Lifewire

An introduction to web tracking by The Guardian

A fun introduction to third-party cookies

YouTube video on cookies by The Guardian

Trailer for Netflix' The Great Hack

New Google Consent Mode 

Cookiebot™ CMP integrates perfectly with the new Google Consent Mode.

Make your website’s use of cookies and online tracking compliant today

Try for free