Five key things to do to achieve cookie compliance

Written by Stine Mangor on .

Installing Segment custom source

Your website is one of your most valuable assets. It is a way of attracting customers, and also getting to know more about the people who visit your site, sign-up to your service and buy your products. Placing cookies is crucial in this context.

Cookies can provide insights into which activities support growth and revenue best and where to focus time, effort, and ad spend. However, with the California Consumer Privacy Act, EU cookie directive, and a new cookie regulation on its way in Europe, the requirements for consent and compliance are increasing. Data authorities around the world have started to issue fines against companies with non-compliant cookie-banners, which has only increased the incentive to do the right and compliant thing. But, where do you start, in the journey to compliance?



We have outlined the 5 key things you need to do in order to collect cookie consents the right way.

To be compliant, you have to define and inform your website users about your cookie practices. This is done through your cookie policy. This policy must include information about;

  • which types of cookies you use,
  • the purpose of each cookie type,
  • the cookie expiration date,
  • which cookie service providers you use,
  • whether the cookies are first or third party.

Remember that the cookie policy must be accessible on your website and in your cookie banner.

2. Make sure you have a privacy policy

A privacy policy describes how you are processing your users’ personal data. The policy is necessary because you are collecting personal data about your users when you are using cookies.

A privacy policy should outline:

  • how you will process your users’ personal data,
  • which data you are collecting about them,
  • what you will do with the data,
  • who you will share it with,
  • for how long you keep it,
  • and how you will keep it safe and secure.

The policy needs to exist as a separate page on your website. You must link to this whenever you collect data about your users, e.g., when they are signing up for your service.

We all know the cookie banner, the pop-up that greets us whenever we enter a new website. This is the form where your user accepts or rejects your use of cookies, e.g cookies for statistics. You cannot legally start to track your users before they have consented to this.

You must always include the following information in your cookie banner:

1) what the purpose of the cookie is

2) the expiration of the specific cookies

3) what cookie services providers you are using

4) the types of cookies you are using

5) you must give your users the option to say “yes” or “no” to the specific cookies/purposes.

Finally, the information in the banner must be written in a way that is easy to understand, and you cannot pre-tick the consent options for the user. It must be left up to the user to tick the boxes.

4. Your users must be able to change their settings

You have to make sure that it is easy for your users to change their cookie consent settings at any given time. When they retract a given consent, this must be respected, and tracking must stop immediately. A user must still be allowed to use or access your website, regardless of whether they have consented to any of your cookies.

5. Documentation, documentation, documentation

One of the most important aspects in achieving compliance is documentation. You have to be able to prove the steps you have taken to be compliant, by documenting and storing the consents you have obtained. If you don’t have adequate documentation in place, then essentially any consent you may have obtained does not exist in the eyes of data authorities.

We know how frustrating it can be to keep track of your cookie consents. That’s why we have built a cookie consent solution to help you obtain, track, process, and store compliant cookie consents.

We have built a cookie solution with compliance in mind, where the user is asked for consent, at a time where it actually provides value for them - and you.

Read more about our cookie consent solution

Get a free cookie solution

  • Automatic Cookie Detection
  • Local laws, Local setup
  • Developer-friendly
  • Full audit-trail
Learn more

Get started with our free location based cookie consent solution that looks good and is easy to implement

Use Legal Monster to collect and record consent for all cookies used on your site without bothering people when the law says it's okay.

Get started with our free cookie solution
image