GDPR and Cookies

While GDPR does not specifically focus on cookies, it significantly impacts their use by emphasizing data protection principles and user consent. Key requirements include:

  • Informed Consent: Users must be informed about the use of cookies and provide explicit consent before cookies are placed on their devices.
  • Transparency: Clear information about the types of cookies used, their purposes, and how users can manage or withdraw consent.
  • Data Protection: Ensuring that any data collected through cookies is protected and processed in accordance with GDPR standards.
Website Cookies. The image shows two cookies resting on a laptop.

Cookies, No not the tasty ones!

ePrivacy Directive and the Upcoming ePrivacy Regulation

The ePrivacy Directive complements GDPR by specifically addressing electronic communications, including the use of cookies. It requires:

  • Prior Consent: Websites must obtain prior consent from users before storing or accessing cookies on their devices, except for cookies that are strictly necessary for the provision of the service.
  • Cookie Banners: Clear and easily accessible cookie banners or pop-ups that allow users to manage their cookie preferences.

The upcoming ePrivacy Regulation aims to update and harmonize privacy rules for electronic communications across the EU. It is expected to introduce even stricter requirements for obtaining user consent and ensuring transparency in cookie usage.

The Impact on the Wider World

The European Union’s stringent regulations on cookie usage have far-reaching implications beyond its borders. Here’s how these changes are influencing the global digital landscape:

Global Compliance

Businesses worldwide that operate in the EU or target EU citizens must comply with GDPR and the ePrivacy Directive. This has led to a widespread adoption of European privacy standards by international companies, influencing data protection practices globally.

Enhanced User Privacy

The emphasis on informed consent and transparency enhances user privacy and gives individuals greater control over their personal data. This shift towards privacy-centric practices is becoming a global trend, with other regions adopting similar regulations.

Standardization of Privacy Practices

European regulations are setting a benchmark for privacy practices, encouraging the standardization of data protection measures. This is particularly evident in regions like California, with the California Consumer Privacy Act (CCPA), and Brazil, with the General Data Protection Law (LGPD), which draw inspiration from GDPR.

Technological Innovations

The need to comply with stricter cookie regulations is driving technological innovations. Companies are developing more sophisticated tools for managing cookie consent and ensuring compliance. This includes advanced consent management platforms and privacy-focused browser features.

Challenges and Adaptation

While the new regulations enhance privacy, they also pose challenges for businesses. Companies must invest in updating their privacy policies, implementing consent management solutions, and ensuring continuous compliance. This adaptation process can be resource-intensive but ultimately leads to more trustworthy and transparent online practices.

How will you chose to implement your cookie policy?

  • Gold Star?
  • Silver Star?
  • Bronze Star?
  • Failed to comply with legislation?

Lets review a number of choices people have made..

One large gold star surrounded by smaller gold stars on every side with a black background

Gold Star

Gold example 1:

Legitimate Interest Gold example 1

Gold example 2:

Legitimate Interest Gold example 2

Gold example 3:

Legitimate Interest Gold example 3

Gold example 4:

Legitimate Interest Gold example 4

Gold example 5:

Legitimate Interest Gold example 5

Gold example 6:

Legitimate Interest Gold example 6

One large silver star surrounded by smaller silver stars on every side with a black background

Silver Star

Silver Example 1:

Silver Example 1

Silver Example 2:

Silver Example 2

Silver Example 3:

Silver Example 3

One large bronze star surrounded by smaller bronze stars on every side

Bronze Star

No ‘Deselect All’ option

Issue: Making people go to a cookie page, then forcing them to click through each of the options.

Reason: If a person is bothered by cookies then they are going to go through the hassle of deselecting these anyways. Very few customers are concerned as to if the cookies are functional, performance or targeted, simply that they are optionable.

Bronze Star example of essential cookie management. A lack of a deselect all for customer convenience.

Stop Sign, Failure to Comply.

Failed to comply!

No cookie request at all.

Some companies are still to update their websites, this includes some people who sell themselves as web specialists.

Making it look like you’ve complied, when you haven’t

There are companies out there who don’t want to comply with current cookie consent rules, they will make it look like they have given you the options to opt out but you don’t. In the example below when you click “Read More”

Cookie consent failed to comply. The image shows a read more options and an accept option. No options to reject optional cookies.

Contact us

Free Consultation - Find out how we can help your Cookies policy and implementation

Keeping in the best principles, we can help you with your Cookie policies and implementation on your website and ecommerce platforms.


  • 07827465816
  • queries@ringingtreeit.co.uk
  • Burnley, Lancashire, England