Join our webinar on democratizing data in the cloud with Forrester, Snowflake and TIAA - Sign up here

Start Now

In today’s privacy-aware world, an individual’s consent has become an integral part of any organization dealing with customer data. It refers to the authorization of the individual to allow the processing of his or her personal data. Most companies leverage consent as a lawful basis of data processing for marketing purposes including direct marketing and marketing via cookies.

With the growing concern of data privacy, most global privacy laws have tended to  emphasize the need for freely given consent from customers for the use of their personal data for marketing purposes. Consider the European Union’s data protection framework that requires organizations to obtain users’ consent prior to the use of cookies or similar tracking technologies. Such consent needs to be freely given, specific, informed, and unambiguous indication of the user’s wishes.

To fulfill this legal obligation, organizations must display cookie consent banners to obtain users’ consent. This article sheds light on what a cookie consent banner is, the types of a cookie consent banner, and how organizations can deploy a cookie consent banner on their websites as per the applicable law.

What is a Cookie Consent Banner?

A cookie consent banner is a notice that is displayed on websites and other apps upon the user’s visit. It is designed to inform the users of the use of cookies, consumer rights in regards to those cookies, and to request the user to grant consent to activate those cookies and process their personal data. The cookie consent banner must be sufficiently noticeable and in an easily accessible form. The text of the banner must be in clear, plain and unambiguous language for the average user to understand.

Examples and Layouts of Cookie Consent Banner

Here is an example of what a cookie consent banner looks like:

There are several types of cookie consent banners that can be integrated into your website and here are some examples of different types of cookie banners:

  • Top Header: This type adds a notification to the header of the site ensuring that the user is aware of its significance and interacts with it.
  • Inline Header: This style places a fixed notification within the header of every page of your site. This lets users know that you use cookies and that consent is assumed by continuing to use the site. This type of consent may not be acceptable under certain privacy regulations.
  • Footer: This is similar to the inline header with the difference of the notification being on the bottom of the page rather than the top. This is again opt-out consent and may be unacceptable under most regulations.
  • Modal: This cookie banner is a fixed pop-up box that remains on top of the page until the user interacts with it.

Cookie Consent Banner Layout

A cookie banner should be customized to fit your brand. Here are some examples of different banner layouts that you can incorporate into your website.

Types of Cookie Consent Banners

There are two main types of cookie consent banners that can be integrated into an organization's website.

1. Implicit Cookie Consent Banner

An implicit cookie consent banner does not automatically obtain the user’s consent, rather it assumes that the user has consented to the use of cookies by merely visiting the website. An example of this would be a banner that states “continuing to use this website will be taken as consent to use cookies”. Such cookie consent banners are compliant with data privacy laws that do not require organizations to obtain user’s consent for the use of cookies such as the United State’s California Consumer Privacy Act (CCPA).

An implicit cookie consent banner must include the following:

  • Information about the various types of cookies that the organization intends to drop including strictly necessary cookies, along with their purposes.
  • Notice of the right to opt-out of the sale of personal data via cookies.
  • A link to the organization’s privacy policy.
ccpa do not sell

2. Explicit Cookie Consent Banner

An explicit cookie consent banner obtains explicit consent from the user prior to the activation of cookies. Such cookie consent banners are compliant with data privacy laws that require organizations to obtain prior consent of the user for the use of cookies such as the European Union’s General Data Protection Regulation and e-Privacy Directive.

An explicit cookie consent banner must include the following:

  • Information about the various types of cookies that an organization intends to drop including the strictly necessary cookies, along with their purposes.
  • Equally prominent accept and reject buttons, thereby allowing users to withdraw the use of cookies as easily as they can accept it.
  • Selection and deselection of individual cookie categories based on their purposes.

The following table explains the requirement for a cookie consent banner in different jurisdictions:

Country/Jurisdiction Cookie Banner Type Key Requirements
European Union Explicit
  • Equal prominences to “accept” and “reject” options
  • Information about purposes of cookies
  • Selection and deselection of individual cookie categories
  • Clear and comprehensive information
  • Consent separate from terms and conditions
United States (CCPA) Implicit
United Kingdom Explicit
  • Equal prominences to “accept” and “reject” options
  • Information about purposes of cookies
  • Selection and deselection of individual cookie categories
  • Clear and comprehensive information
  • Consent separate from terms and conditions
France Explicit
  • Purposes of cookies must be highlighted in a short title
  • Details of the purposes under a drop-down button or a hypertext link
  • “Accept all” and “Reject all” buttons on the same information layer
  • “Accept all” and “Reject all” buttons to be of the same size, shape, and color
Spain Explicit
  • First information layer to consist of essential information including identity of website publisher and the purposes of cookies
  • Second information layer to consist of detailed information about types of cookies and their purposes
  • Cookie policy should be easily and permanently accessible to users
  • Both withdraw and accept options
Ireland Explicit
  • Equal prominences to “accept” and “reject” buttons
  • Link to the privacy policy and cookie policy
  • Individual cookie selection by purposes
Country/Jurisdiction European Union Cookie Banner Type Explicit Key Requirements
  • Equal prominences to “accept” and “reject” options
  • Information about purposes of cookies
  • Selection and deselection of individual cookie categories
  • Clear and comprehensive information
  • Consent separate from terms and conditions
Country/Jurisdiction United States (CCPA) Cookie Banner Type Implicit Key Requirements
Country/Jurisdiction United Kingdom Cookie Banner Type Explicit Key Requirements
  • Equal prominences to “accept” and “reject” options
  • Information about purposes of cookies
  • Selection and deselection of individual cookie categories
  • Clear and comprehensive information
  • Consent separate from terms and conditions
Country/Jurisdiction France Cookie Banner Type Explicit Key Requirements
  • Purposes of cookies must be highlighted in a short title
  • Details of the purposes under a drop-down button or a hypertext link
  • “Accept all” and “Reject all” buttons on the same information layer
  • “Accept all” and “Reject all” buttons to be of the same size, shape, and color
Country/Jurisdiction Spain Cookie Banner Type Explicit Key Requirements
  • First information layer to consist of essential information including identity of website publisher and the purposes of cookies
  • Second information layer to consist of detailed information about types of cookies and their purposes
  • Cookie policy should be easily and permanently accessible to users
  • Both withdraw and accept options
Country/Jurisdiction Ireland Cookie Banner Type Explicit Key Requirements
  • Equal prominences to “accept” and “reject” options
  • Information about purposes of cookies
  • Selection and deselection of individual cookie categories
  • Clear and comprehensive information
  • Consent separate from terms and conditions

 

How to create your own Cookie Consent Banner

A cookie banner is merely a script that you can embed on to your website and it shows up as a banner when a user visits your website. Securiti is offering organizations a free cookie banner script that they can integrate into their website in mere seconds. This cookie banner has benefits such as:

  • Global Web Footprint: Highly optimized front-end for low-latency page performance for global traffic.
  • Configurable Cookie Banner: Customize and style the look & feel to align with your brand.
  • Global Regulation Support: Reverse IP detection to present the appropriate compliance type for global compliance.
  • Maximize Optin Rate: Capture granular consent by processing purpose.

Securiti’s PrivacyOps platform enables organizations to build cookie consent banners by:

  • Providing relevant information to users about the use of cookies. Organizations can do so by giving layered information - banners with first and second information layers;
  • Making the accept and reject buttons equally prominent and informing data subjects of their rights to opt-in or opt-out of cookies;
  • Allowing data subjects to select and deselect individual cookies based on cookie categories or purposes;
  • Dropping non-essential cookies only after activation by the data subject; and
  • Positioning the cookie consent banner not to cover or block any critical information on the webpage.

Securiti has created a free service that will enable organizations to simplify their cookie consent process and take a step in the right direction towards complying with privacy regulations all over the world.

Scan your website and maintain GDPR/CCPA/LGPD compliant cookie consent - FREE

Provide a simple and secure way for your visitors to exercise their right to opt out of the sale of their information to advertisers.

Ask for a DEMO today to understand how Securiti’s Cookie Consent Management Solution can help you comply with cookie consent requirements of global privacy laws.

Share this

Our Videos

View More
2:56

China’s PIPL

China has drafted its new data protection law, Personal Information Protection Law (PIPL) that will strengthen the regulatory framework for privacy and data protection in China.

Learn More
View More
3:03

South Africa’s POPIA

The video gives an overview of South Africa's Protection of Personal Information Act (POPIA).

Learn More
privacy policy and notice management View More
02:26

Dynamic Privacy Policies & Notices

Automatically Update & Refresh Your Policies and Notices

Learn More
View More
02:37

Universal Consent & Preference Management

Simplify and automate universal consent management

Learn More
View More
01:53

Cookie Consent Management

Automate and manage the entire consent life cycle with efficiency for various cookie compliance regulations around the world.

Learn More
View More
3:06

Sensitive Data Intelligence

Discover granular insights into all aspects of your privacy and security functions while reducing security risks and lowering the overall costs

Learn More