Need to learn more about the ePrivacy Directive, the EU cookie law?

    Achieve ePrivacy Directive compliance easily

    The ePrivacy Directive provides instructions for how users need to be informed and have consent choices for their electronic data. Cookiebot CMP enables this with three powerful and automatic core functions.

    • Monitoring: stay up to date on the cookies and tracking technologies your website uses, enabling user notification and consent
    • Control: When required, prevent cookies from being used unless user consent has been obtained
    • Consent: Obtain and store informed, granular consent from users to be aligned with the ePrivacy Directive
    Cookie checker

    Frequently asked questions

    Yes. The ePrivacy Directive (officially Privacy and Electronic Communications Directive 2002/58/EC) was passed earlier, in 2002. The GDPR came into effect in 2018. While often called the "cookie law", it is not technically a law. It is a set of instructions to EU member states (and those processing data of EU residents), rather than a binding law. It is intended to direct EU member states in creating their own laws that align with the Directive. The ePrivacy Directive will be replaced by the ePrivacy Regulation, which will be a binding law. This is expected in 2023, with a 24-month transition period.

    The "EU cookie law" or "ePD" as it's often called, regulates the use of cookies on websites, email marketing, data minimization, and other aspects of data privacy. Its focus is the protection of electronic communications content and metadata. These are not categorized the same as "personal data", which the GDPR focuses on protecting, though they can contain personal data. All electronic communications data falls under the scope of the ePrivacy Directive. If electronic communications data that is collected and processed also includes personal data, it falls under the scope of the GDPR as well as the ePD.

    The GDPR is a binding law that covers all EU member states and its residents, and in addition to the functions that the ePrivacy Directive covers, the GDPR provides principles to govern data collection and processing, as well as regulate data privacy more broadly, and is not limited to just electronic communications or data.

    The ePrivacy Directive requires obtaining GDPR-compliant consent for data collection and processing from cookie usage on websites. This can be accomplished with a consent management solution like a cookie banner.

    The exceptions to this requirement are if the cookies are solely used to transmit communications over an electronic communications network, or are strictly necessary to provide an information society service that the subscriber or user has explicity requested. Some excluded functions requiring cookies could include authentication, shopping carts, security (with duration limits), social media plugins or UI customization.

    To achieve ePrivacy Directive (or GDPR) compliance, companies must:

    • obtain users' valid consent before any cookies, except strictly necessary ones, are used
    • provide specific, accurate information about the cookies used, what data they track, and their purposes, before consent is obtained
    • securely document and store user consent
    • enable users to access your website (or other service) even if they refuse to allow the use of some or all cookies that are not strictly necessary
    • enable users to change or withdraw their consent as easily as it is to give it

    Installing a Consent Management Platform (CMP) like Cookiebot CMP is easy and setup is user-friendly. It enables companies to provide data privacy information and obtain and store valid consent from users. The CMP will also scan websites to determine what cookies and tracking technologies are in use, and block their usage until user consent for them is obtained, thus helping with privacy compliance. With Geolocation features, the CMP can customize messaging and functions based on where the user is located, to enable specific compliance with the ePrivacy Directive, for example. Thanks to automated consent management, the CMP will also stay up to date with the legal landscape and technology to help maintain compliance.

    Show more

    Learn how easy it is to get your website privacy-compliant

    If you want to get your website compliant with the ePrivacy Directive (and soon ePrivacy Regulation), Cookiebot CMP is easy to set up, user-friendly to customize and uses powerful scanning technology to help you achieve and maintain privacy compliance for cookie use with the cookie law. Best of all, you can get started for free. Here's how.

    Trackpad icon - Cookiebot
    Icon shield
    Pepco
    rural-king
    orbico
    credit-exchange
    canon
    bauhaus
    Cookiebot bg shield