What You Need to Know!
Cookie Notice & Compliance for GDPR / CCPA
The General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are two major privacy laws that have been enacted to protect the personal data of individuals in the European Union (EU) and California, respectively. One of the key provisions of both of these laws is the requirement for websites and online services to provide clear and concise information about the use of cookies and other tracking technologies. This article will explore the requirements for cookie notice and compliance under GDPR & CCPA, and offer some best practices for organisations to ensure they are meeting these requirements.
Cookie Notice Requirements under GDPR & CCPA
Under both GDPR and CCPA, organisations are required to provide users with clear and concise information about the use of cookies and other tracking technologies on their websites and online services. This information should include details about the types of cookies that are being used, what data is being collected, and for what purpose.
In addition to this, both laws also require that organisations obtain consent from users before placing cookies on their devices. This consent must be freely given, specific, informed, and unambiguous, and must be obtained through a clear and transparent process.
Compliance with GDPR & CCPA

To ensure compliance with GDPR and CCPA, organisations should take the following steps:
- Conduct a thorough review of their use of cookies and other tracking technologies: This includes an assessment of the types of cookies that are being used, the data that is being collected, and the purposes for which it is being collected.
- Update their cookie notice: Organisations should ensure that their cookie notice is clear, concise, and provides all of the required information, including details about the types of cookies that are being used, the data that is being collected, and the purposes for which it is being collected.
- Obtain consent: Organisations should implement a consent mechanism that allows users to opt-in or opt-out of the use of cookies, and that meets the requirements of GDPR and CCPA. This could include using a pop-up banner, a toggle switch, or another similar mechanism.
- Keep records: Organisations should keep records of their use of cookies and other tracking technologies, including details of the consent that has been obtained from users, to demonstrate compliance in the event of a privacy investigation.
Best Practices for Cookie Notice and Compliance
In addition to the steps outlined above, there are several best practices that organisations can follow to ensure that their cookie notice and compliance efforts are effective:
- Be transparent: Make sure that your cookie notice is easy to understand and provides clear and concise information about the use of cookies and other tracking technologies.
- Make it easy to find: Place your cookie notice in a prominent location on your website, such as the footer, where users are most likely to see it.
- Provide easy access to your privacy policy: Make sure that users can easily access your privacy policy, where they can find further information about your use of cookies and other tracking technologies.
- Use clear language: Avoid using technical jargon or complex language in your cookie notice, and instead use language that is easy to understand.
- Regularly review and update: Regularly review and update your cookie notice and consent mechanisms to ensure that they continue to meet the requirements of GDPR and CCPA.
Sample Cookie Notice
“Cookie Notice
We use cookies on our website to personalise your experience and understand how you interact with our website.
By continuing to use our website, you consent to the use of cookies in accordance with our Cookie Policy. You can learn more about cookies and how to manage them in our Cookie Policy.
If you would like to change your cookie settings, or learn more about cookies, please click on the link below:
[Cookie Policy Link]
Thank you for choosing to use our website.
Accept”
You maybe interested in: