{"id":979,"date":"2020-11-09T12:29:00","date_gmt":"2020-11-09T12:29:00","guid":{"rendered":"https:\/\/www.cookiebot.com\/en\/?p=979"},"modified":"2026-03-12T08:19:17","modified_gmt":"2026-03-12T08:19:17","slug":"cookie-compliance","status":"publish","type":"post","link":"https:\/\/www.cookiebot.com\/us\/cookie-compliance\/","title":{"rendered":"What you need to know about cookie compliance globally and how to become compliant"},"content":{"rendered":"\n<p>When it comes to data privacy and compliance with privacy regulations, cookies are a crucial consideration because they are one of the most common methods of collecting user data.<\/p>\n\n\n\n<p>Cookies are small text files that websites store on users' devices. They enable various features and functions and also track preferences and behaviors to provide insights into users\u2019 activities.<\/p>\n\n\n\n<p>Typically, we don\u2019t even notice cookies are in use, as they power websites\u2019 critical functions. However, cookies can collect large amounts of data that can be used to identify users without their consent. They can track users not just on one website, but across websites throughout browsing sessions \u2014 on social platforms, ecommerce sites, and more. The data from cookies\u2019 tracking can enable personalized marketing campaigns and targeting of individuals with specific advertisements.<\/p>\n\n\n\n<p>Since cookies can collect personal information, privacy laws around the world require companies to ensure cookie compliance to meet regulatory requirements. Achieving cookie compliance can be fairly straightforward, but not necessarily easy to implement and maintain as technologies, business operations, and regulations change. Here\u2019s what you need to know.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-cookie-compliance\">What is cookie compliance?<\/h2>\n\n\n\n<p>Cookie compliance requires ensuring that your use of cookies on your website, and the collection of visitors\u2019 personal data that they\u2019re activated for, follows global and national data privacy laws.&nbsp;<\/p>\n\n\n\n<p>Each country or region\u2019s laws have unique definitions and requirements. But in most cases, cookie compliance starts with informing users of:<\/p>\n\n\n\n<ul style=\"background-color:#f2f7fe\" class=\"cb-rounded has-background wp-block-list\">\n<li>how your company will use cookies<\/li>\n\n\n\n<li>what data the cookies collect<\/li>\n\n\n\n<li>what the purpose(s) is for data collection<\/li>\n\n\n\n<li>legal basis for data processing (where required, e.g. under the GDPR)<\/li>\n\n\n\n<li>what parties will have access to the data, especially third parties&nbsp;<\/li>\n\n\n\n<li>how long the data will be retained\/stored<\/li>\n\n\n\n<li>what users\u2019 options and rights are regarding consent to data collection and use<\/li>\n\n\n\n<li>how users can withdraw consent<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-types-of-cookie-consent-compliance\">Types of cookie consent compliance<\/h2>\n\n\n\n<p>While privacy laws often don\u2019t explicitly refer to cookies or requirements for their use, data collection and processing via cookies is considered like any other processing of personal data \u2014 including data that can be individually identifying or even categorized as sensitive.<\/p>\n\n\n\n<p>Privacy laws therefore have various privacy-related requirements when it comes to website cookie compliance and what rules must be followed. Worldwide, one of the most common requirements for privacy compliance is to obtain consent from users before collecting or processing their personal data, including through the use of cookies. The most common way of obtaining this <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-consent\/\">cookie consent<\/a> is via a website <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-banner\/\">cookie banner<\/a> or pop-up.<\/p>\n\n\n\n<p>It is also a typical requirement that companies provide a cookie notice or policy, which outlines the information listed above regarding data collection and use and users\u2019 rights. Sometimes the cookie notice is a standalone document, but more commonly it\u2019s included as part of a privacy notice or policy. There are various types of <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-notice\/\">cookie notices<\/a>, depending on the type of cookies a company uses, relevant privacy laws, and policies and guidelines from data protection authorities.<\/p>\n\n\n\n<p>The type of consent banner and the implementation that is best for your organization will depend on what country-specific privacy regulations and guidelines require with regard to user notification and consent.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-information-only\">Information only<\/h3>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg\" alt=\"Information Only\" class=\"wp-image-14251\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg?v=f1f6776241d6910d 150w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg?v=f1f6776241d6910d 300w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg?v=f1f6776241d6910d 768w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg?v=f1f6776241d6910d 1024w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/information-only.svg?v=f1f6776241d6910d 770w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>This type of cookie banner only informs users that cookies are being used. It does not provide an option to consent or opt out of data collection or use. This model is generally not compliant with most privacy regulations, including the GDPR.<\/p>\n\n\n\n<p>It is very rare for websites to only use necessary cookies (and for authorities to agree that all the cookies in use are, in fact, strictly necessary), so it is not at all recommended to employ an information-only cookie banner that does not include consent options.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-soft-opt-in\">Soft opt-in<\/h3>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg\" alt=\"Soft Opt-in\" class=\"wp-image-14252\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg?v=2e0c870b4fbc342d 150w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg?v=2e0c870b4fbc342d 300w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg?v=2e0c870b4fbc342d 768w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg?v=2e0c870b4fbc342d 1024w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2020\/11\/soft-opt-in.svg?v=2e0c870b4fbc342d 770w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>When this type of banner is in use, cookies are initially blocked when the visitor arrives on the site. However, any action taken by a website visitor, such as clicking a link to another page, is viewed as consent to the website\u2019s cookies.<\/p>\n\n\n\n<p>The soft opt-in consent model can be used for \u201ccommunication over an electronic communications network\u201d, like email or SMS, under certain conditions (i.e. the sole purpose is to carry out those communications) outlined in the UK's Privacy and Electronic Communications Regulations (PECR).<\/p>\n\n\n\n<p>Soft opt-in is not compliant with many global or national privacy regulations, as it is not considered explicit consent because that requires an affirmative consenting action (like clicking an \u201cAccept\u201d button).&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-opt-out-consent\">Opt-out consent<\/h3>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg\" alt=\"Opt-out Consent\" class=\"wp-image-14253\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg?v=9f56df7f06deafda 150w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg?v=9f56df7f06deafda 300w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg?v=9f56df7f06deafda 768w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg?v=9f56df7f06deafda 1024w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optout-consent.svg?v=9f56df7f06deafda 770w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>The opt-out cookie consent model assumes website visitors agree to cookies unless they opt out. Or, under some specific state or national&nbsp; laws that use an opt-out model for consent, prior user consent for data collection is not required in many cases. Cookies are set by default, but users are provided an option to opt out or refuse cookies, which some laws do require. Some laws enable users to opt out of data collection and cookie use for specific purposes, like targeted advertising.<\/p>\n\n\n\n<p>The opt-out consent model is in use in the state-level data privacy laws in the United States, such as with the <a href=\"https:\/\/www.cookiebot.com\/en\/virginia-vcdpa\/\">Virginia Consumer Data Protection Act (VCDPA)<\/a> and the <a href=\"https:\/\/www.cookiebot.com\/en\/california-privacy-law-ccpa-ccpa-compliance-with-cookiebot-cmp\/\">California Consumer Privacy Act (CCPA)<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-opt-in-consent\">Opt-in consent<\/h3>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg\" alt=\"Opt-in Consent\" class=\"wp-image-14254\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg?v=6feddc5d2b115d78 150w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg?v=6feddc5d2b115d78 300w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg?v=6feddc5d2b115d78 768w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg?v=6feddc5d2b115d78 1024w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/optin-consent.svg?v=6feddc5d2b115d78 770w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>Opt-in consent, also known as explicit or prior consent, is when cookies are blocked until the user performs a specific action like ticking a checkbox or clicking an \"Accept\" button, giving explicit consent to a website\u2019s cookie usage. This type of consent is required under the <a href=\"https:\/\/www.cookiebot.com\/en\/gdpr\/\">General Data Protection Regulation (GDPR)<\/a>.<\/p>\n\n\n\n<p>A number of laws require individuals to be able to provide overall consent, i.e. to all data processing services in use, or granular consent, i.e. only to some services they choose. Regardless of granularity, the consent must be explicit. Individuals must also be able to deny all consent for data processing, or to be able to easily revoke previously granted consent.<\/p>\n\n\n\n<p>This type of consent is required for compliance with the<a href=\"https:\/\/www.cookiebot.com\/en\/gdpr\/\"> <\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-mixed-consent\">Mixed consent<\/h3>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg\" alt=\"Mixed consent\" class=\"wp-image-14255\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg?v=76c1f445023761d5 150w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg?v=76c1f445023761d5 300w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg?v=76c1f445023761d5 768w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg?v=76c1f445023761d5 1024w, https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/mixed-cosent.svg?v=76c1f445023761d5 770w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>Mixed consent is when different types of cookies are treated differently based on their purpose. For example, implied consent for analytics cookies and explicit consent for advertising cookies.<\/p>\n\n\n\n<p>The <a href=\"https:\/\/www.cookiebot.com\/en\/cpra\/\">California Privacy Rights Act (CPRA)<\/a> takes a mixed approach to consent, requiring opt-in consent for certain types of data and activities (when data belongs to a child or is categorized as sensitive), while allowing opt-out consent for other uses.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-are-gdpr-cookie-compliance-requirements\">What are GDPR cookie compliance requirements?<\/h2>\n\n\n\n<p>GDPR cookie compliance refers to General Data Protection Regulation requirements for websites to obtain valid consent from users before activating cookies or other tracking technologies that collect and process personal data. The key aspects of GDPR cookie compliance are:<\/p>\n\n\n\n<ul style=\"background-color:#f2f7fe\" class=\"cb-rounded has-background wp-block-list\">\n<li>Websites must obtain \u201cfreely given, specific, informed and unambiguous\u201d consent from users before using non-essential cookies. This means no pre-ticked boxes or assuming consent if the user continues scrolling, closes the consent banner, or otherwise does not take explicit consent action.<\/li>\n\n\n\n<li>Users must be provided with accessible and clear information about the cookies being used, their purposes, legal basis for processing, third-party access to data, and more. This is usually provided in a cookie policy.<\/li>\n\n\n\n<li>Users must be able to easily withdraw their consent or change their cookie preferences at any time, and it should be as easy to withdraw as giving consent.<\/li>\n\n\n\n<li>Consent must be securely documented and stored as proof of compliance, ready to show authorities if needed, or provided with a data subject access request.<\/li>\n\n\n\n<li>Only essential cookies for basic website functions can be used without consent, however, users must still be notified about the purposes of essential cookies. All other cookies and trackers, like those for analytics and marketing, require explicit consent.<\/li>\n<\/ul>\n\n\n\n<p>To achieve GDPR cookie compliance, websites commonly use a <a href=\"https:\/\/www.cookiebot.com\/en\/best-consent-management-platforms\/\">consent management platform (CMP)<\/a>. The best CMPs can scan for all cookies and trackers present on a website, list and categorize them, block them until consent is given, provide the required information and consent options to users, and securely store consent records.<\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-large is-resized cb-rounded\"><img decoding=\"async\" src=\"https:\/\/www.cookiebot.com\/en\/wp-content\/uploads\/sites\/7\/2024\/06\/CB-First-Layer-WIX-1024x650.png\" alt=\"CB First Layer\" class=\"wp-image-14256\" width=\"770px\" height=\"auto\" srcset=\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2024\/06\/CB-First-Layer-WIX-1024x650.png 1024w, https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2024\/06\/CB-First-Layer-WIX-300x191.png 300w, https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2024\/06\/CB-First-Layer-WIX-768x488.png 768w, https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2024\/06\/CB-First-Layer-WIX.png 1480w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n<div class=\"cta-block cta-block--size-s cta-block--only-buttons cb-ctx--blue\">\n        <div class=\"cta-block__glass\">\n        <div class=\"cta-block__inner\">\n            <div class=\"cta-block__left-column\">\n                                                    <h2 class=\"cta-block__title no-default-margin like-h4\">\n                        Scan your website for free to check cookies on your website and generate a detailed cookie audit report in minutes.                    <\/h2>\n                                                                                                                                                                        <\/div>\n                            <div class=\"cta-block__right-column\">\n                                                                <div class=\"cta-block__buttons\">\n                                                    <div class=\"cta-block__buttons__button-wp\">\n                                <a id=\"62c724bc-96cf-4464-acc6-9207f9040f39\" class=\"cb-button cb-button-size-l cb-button-contained  no-default-link-decoration cb-button-icon-right cta-block__buttons__button\" href=\"https:\/\/www.cookiebot.com\/en\/cookie-checker\/\" target=\"_blank\">\n<span>Scan now<\/span><\/a>\n                                                            <\/div>\n                                                                        <\/div>\n                                                        <\/div>\n                    <\/div>\n    <\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-cpra-ccpa-cookie-compliance\">What is CPRA\/CCPA cookie compliance?<\/h2>\n\n\n\n<p>The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) are data privacy laws in California that regulate how businesses handle the personal information of California residents. The CCPA was the first of the modern comprehensive data privacy laws passed in the United States, and the CPRA amended and expanded it. Here are the key requirements for CPRA\/CCPA cookie compliance:<\/p>\n\n\n\n<ul style=\"background-color:#f2f7fe\" class=\"cb-rounded has-background wp-block-list\">\n<li>Businesses should disclose in their <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-policy\/\">cookie policy<\/a> what types of cookies and tracking technologies they use and for what purposes as a best practice and to ensure clear user notification.<\/li>\n\n\n\n<li>Businesses must provide a \"Do Not Sell or Share My Personal Information\" link that enables California residents to opt out of the sale or sharing of their personal information collected via cookies and other tracking technologies.<\/li>\n\n\n\n<li>Companies must obtain prior opt-in consent for sensitive types of personal information collection or data belonging to children (consent must be obtained from a parent or guardian)<\/li>\n<\/ul>\n\n\n\n<p>While the CCPA did not explicitly require cookie consent banners, the CPRA's opt-in consent requirements for non-essential cookies make consent banners a best practice for compliance.<\/p>\n\n\n\n<p>Learn more about similarities and differences between <a href=\"https:\/\/www.cookiebot.com\/en\/ccpa-vs-gdpr\/\">the CCPA vs the GDPR<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-other-privacy-laws-related-to-cookie-compliance\">Other privacy laws related to cookie compliance<\/h2>\n\n\n\n<p>Although frequently mentioned, the GDPR and the CPRA are not the only privacy regulations requiring cookie consent. More and more <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-law\/\">cookie laws<\/a> and regulations that cover cookie use are coming into effect, such as:<\/p>\n\n\n\n<ul style=\"background-color:#f2f7fe\" class=\"cb-rounded has-background wp-block-list\">\n<li><a href=\"https:\/\/www.cookiebot.com\/en\/florida-digital-bill-of-rights-fdbr\/\">Florida\u2019s Digital Bill of Rights (FBDR)&nbsp;<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cookiebot.com\/en\/lgpd\/\">Brazil's LGPD<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cookiebot.com\/en\/popia\/\">South Africa's Protection of Personal Information Act (POPIA)<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cookiebot.com\/en\/personal-information-protection-law-pipl\/\">China\u2019s Personal Information Protection Law (PIPL)<\/a><\/li>\n<\/ul>\n\n\n\n<p>These laws show a global trend towards stricter data privacy rules, making it important to get proper cookie consent from users to comply with different legal requirements. Even when prior consent is not required by law, transparency with users and requesting consent are best practices and are a good way to improve customer experience and build trust.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-are-the-consequences-of-cookie-noncompliance\">What are the consequences of cookie noncompliance?<\/h2>\n\n\n\n<p>The consequences of noncompliance with cookie consent laws like the GDPR, CPRA, and other data privacy regulations can be severe.<\/p>\n\n\n\n<p>Monetary fines are a common consequence. Under the GDPR, companies can face fines of up to EUR 20 million or 4 percent of their global annual revenue, whichever is higher, for serious violations. CPRA violations can result in fines of up to USD 7,500 per intentional violation or violations involving minors.<\/p>\n\n\n\n<p>Legal action is another consequence. In some jurisdictions data protection authorities can take legal action against noncompliant companies. This can include levying temporary bans on data processing activities and requiring deletion of data, which can cause serious issues for maintaining business operations. Class-action lawsuits from consumers (private right of action) are also a risk in some regions.<\/p>\n\n\n\n<p>Lastly, reputational damage is another consequence. News of fines and legal actions can severely damage a company's reputation and consumer trust. Consumers are increasingly aware of privacy issues and may leave or avoid businesses they don\u2019t trust with their data or privacy.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-to-become-cookie-compliant\">How to become cookie compliant?<\/h2>\n\n\n\n<p>No matter the location of your company, there are certain steps you can take to implement best practices and become cookie-compliant.&nbsp;<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Start by identifying the cookies and trackers in use on your website. You cannot achieve cookie compliance without knowing what cookies your website sets on users\u2019 devices. Be aware that some third-party ones can be more difficult to detect. The first step is to conduct a cookie audit to identify all the cookies and trackers used on your site.<\/li>\n\n\n\n<li>Have a clear and accessible cookie policy that explains what cookies you use, their purposes, and how long they last, and other required information. This policy should be linked to your cookie banner. Ensure that it\u2019s kept up to date.<\/li>\n\n\n\n<li>Have a privacy policy that outlines how you process users' personal data collected via cookies. Link to this policy whenever collecting data. Under some countries\u2019 requirements a privacy policy link must be placed on each page of the website. Also ensure that the privacy policy is kept up to date.<\/li>\n\n\n\n<li>Use a cookie banner displaying clear <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-texts\/\">cookie text<\/a> to inform individuals about the cookies being used, their purposes, expiration periods, and third-party providers. The banner must give people clear options to accept or reject each type of cookie. The language should be easy to understand. Do not use <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-walls\/\">cookie walls<\/a> that block access until visitors give consent.&nbsp;<\/li>\n\n\n\n<li>Enable users to consent granularly, and to easily change or withdraw their cookie consent at any time. Respect consent withdrawals immediately by stopping tracking.<\/li>\n\n\n\n<li>Document and store records of users' cookie consent choices to demonstrate compliance. Store consent records for both accepted and rejected cookies.&nbsp;<\/li>\n\n\n\n<li>Conduct periodic audits to identify any new cookies in use on your site and update your policies and consent flows accordingly.<\/li>\n\n\n\n<li>Consider using <a href=\"https:\/\/www.cookiebot.com\/en\/google-consent-mode\/\">Google's Consent Mode<\/a> to maintain some analytics data even when cookies are rejected.&nbsp;<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-first-step-to-becoming-cookie-compliant-conduct-a-nbsp-website-cookie-compliance-check\">The first step to becoming cookie compliant: conduct a&nbsp; website cookie compliance check<\/h2>\n\n\n\n<p>The first step to becoming cookie-compliant is to conduct a comprehensive website cookie audit. This involves identifying, categorizing, and documenting all cookies and tracking technologies used on your website.<\/p>\n\n\n\n<p>Cookiebot CMP can automate this process. The CMP scans your website to detect all cookies and trackers being used, automatically categorizes them based on purpose (e.g. necessary, preferences, statistics, marketing), and generates a cookie declaration report you can use for consent notification, in your cookie notice, and elsewhere.<\/p>\n\n\n<div class=\"cta-block cta-block--size-s cta-block--only-buttons cb-ctx--blue\">\n        <div class=\"cta-block__glass\">\n        <div class=\"cta-block__inner\">\n            <div class=\"cta-block__left-column\">\n                                                    <h2 class=\"cta-block__title no-default-margin like-h4\">\n                        Experience streamlined cookie compliance \u2013 try Cookiebot CMP free for 14 days!                    <\/h2>\n                                                                                                                                                                        <\/div>\n                            <div class=\"cta-block__right-column\">\n                                                                <div class=\"cta-block__buttons\">\n                                                    <div class=\"cta-block__buttons__button-wp\">\n                                <a id=\"f6f33d40-647c-4c82-97e2-09aa193e1259\" class=\"cb-button cb-button-size-l cb-button-contained  no-default-link-decoration cb-button-icon-right cta-block__buttons__button\" href=\"https:\/\/admin.cookiebot.com\/signup\" target=\"_blank\">\n<span>Start free trial<\/span><\/a>\n                                                            <\/div>\n                                                                        <\/div>\n                                                        <\/div>\n                    <\/div>\n    <\/div>\n<\/div>\n\n\n\n\n","protected":false},"excerpt":{"rendered":"<p>When it comes to data privacy and compliance with privacy regulations, cookies are a crucial consideration because they are one of the most common methods of collecting user data. Cookies are small text files that websites store on users' devices. They enable various features and functions and also track preferences and behaviors to provide insights [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":14250,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":true,"editor_notices":[],"footnotes":""},"categories":[1],"tags":[],"class_list":["post-979","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"acf":[],"thumbnail_status":false,"thumbnail_url":"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2020\/11\/cookie-compliance_1200x630_ffffff.png","_links":{"self":[{"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/posts\/979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/comments?post=979"}],"version-history":[{"count":0,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/posts\/979\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/media\/14250"}],"wp:attachment":[{"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/media?parent=979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/categories?post=979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cookiebot.com\/us\/wp-json\/wp\/v2\/tags?post=979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}