Cookie Consent Examples

Your website needs a Cookies Policy if you use cookies to collect personal data from visitors and your visitors are located within the EU (even if you aren't). Cookies are small text files that act as a short-term memory for the web. A site can easily remember bits of information between visits or pages as the cookies are stored in the user's browser.

Cookies are mainly used to:

  • Recall users' habitual preferences
  • Recognize users' devices
  • Help website users' complete tasks without having to re-enter their information when visiting the page later

While cookies are meant to enhance a user's web experience, sometimes cookies collect information across different sites. The data collected is then used to create behavioral profiles which are used to determine what adverts or content the user views.

What is a Cookies Policy?

A Cookies Policy is a detailed guideline that tells a user how cookies are used, the different types of cookies your website uses, and how the user can prevent or control cookies placed on their browser.

If you run your business within the EU or direct it towards people in the EU, you need to have a separate Cookies Policy even though a Privacy Policy includes a section that covers Cookies.

Why is the Cookies Policy required?

Why is the Cookies Policy required?

The Cookie Law began as an EU order and was made law in 2011. The law was designed to inform users of how data about them is gathered and utilized online. Also, the directive gives users the privileges to decline the use of cookies that interfere with their privacy while online. This law was designed to protect online privacy.

If you have a website, you need to ensure that it complies with this directive. This could mean making some changes.

Failure to comply with the Cookie Law could risk enforcement action from the regulators. You could also part with a fine. The Information Commissioner's Office provides a detailed brief on what you need to do to comply with the Cookie Law and how these rules affect applications.

Requirements in the European Union

As a website owner, you need to comply with the EU Cookies Law if run any EU business. This means that you need to have a Cookie Policy if your website is based in the EU or targets an EU audience.

Your visitors need to know that your site uses cookies and which type of cookies are in use. Also, you need to provide the users with a chance to limit placement of these cookies on their devices.

A Cookies Policy provides comprehensive information about your use of cookies to your visitors. Although banner and pop-up boxes notify your users that cookies are in place, having a Cookies Policy gives further information to the users.

Requirements in the United States

If you run a US-based business and you mostly target businesses located in the United States, you don't need to comply with the EU Cookies Law. However, if you have a US-based company and your main target is the European Union countries, then you must comply with the EU Cookies Law.

In the US, cookies are not separated from privacy laws like in the EU. The Federal Trade Commission implement data and privacy security laws and regulations in the US. You're likely to see a general privacy policy with most US-based business that highlight cookies as a section.

All EU-based websites have a Cookies Policy and a separate Privacy Policy.

A great example of a website that has a separate Cookie and Privacy Policy is LinkedIn.

LinkedIn Sign-Up Form with Policy links and Agree button

You'll notice that LinkedIn's Cookie Policy is separate from their Privacy Policy.

What Content Should Your Policy Contain?

Your Cookie Policy should have simple information. A compliant policy should inform your users of:

  • What cookies are and why they are in place
  • Which type of cookies your site uses and if there are any third party cookies
  • How you plan to use the cookies
  • Ways through which a user can opt out of having cookies on their devices

The policy needs to use easy to understand, basic language for the user to understand the information being conveyed.

Below is an example of Unilever's Cookie Notice. Even though it's called a "Notice" and not a "Policy" it functions in the same way as a Policy. Note how short and straightforward the Policy is, and how the site defines cookies and provide useful links at the bottom.

Screenshot of Unilever's Cookie Notice page

Unilever defines what cookies are, why they are used the type of cookies used, and how users can control or delete cookies.

Popular Websites and Their Cookie Notifications

Popular Websites and Their Cookie Notifications

You need to let your visitors know that cookies are in use and that there is a Cookie Policy in place that they can easily access.

Different sites use a variety of ways to inform users of cookies and their Cookie Policies. Some of the efficient, yet convenient methods for issuing this notification include:

  • Banner pop-ups
  • General pop-ups
  • Footer pop-ups

Banner Pop-up Notifications

Banner pop-ups appear at the top of the website and are hard to miss. You can use these notifications to alert a user that your site uses cookies, link to your Cookie Policy, and ask for a user's consent with clear language and some sort of clickable button or box.

The Food Network website features a prominent banner pop-up notification that lets the users know that cookies are used. Note how they provide a link to their Cookies Policy and ask for users to click an Accept button to allow cookies to be used.

The Food Network UK Cookies Notice

Intrum uses a pop-up message as a banner. While a user can continue accessing the site and viewing their different products, the pop-up does not disappear from the top of the website until the user accepts cookies.

Intrum Cookies Notice

The Hemming Group has a very short and simple pop-up message. It says that the site uses cookies, tells the user what to do to accept this, and links to the Cookie Policy.

Hemming Group Cookies Notice

Vodafone informs site visitors that cookies are used by both Vodafone and its partners. A way to accept cookies is provided as well as a way to manage cookies to adjust and customize which ones are allowed.

Vodafone Cookies Notice

General Pop-up Notifications

General pop-up messages appear anywhere on your site. The messages need to be visible and clear. You also need to let the user know why the message appears and what your intentions are.

You can also provide a link to your Cookies Policy in the pop-up box message. This allows users to learn more about cookies and ways to control them in the cookies settings.

BT has its cookie notification front and center on its site. The pop-up comes up when you're browsing and it's meant to notify you of its Cookie Policy. It's impossible to miss as the rest of the website is greyed out until the visitor clicks something in the notice.

BT Cookies Notice

Zara displays its Cookies Notice at the bottom left part of the screen to notify users of their use of cookies. It doesn't link users to a Cookie or Privacy Policy, though, and from this page, no policies are accessible.

This isn't a very good method because it makes your site visitors make a decision about cookies without being informed enough to do so.

Zara Cookies Notice

Footer Pop-up Notifications

Footer pop-up messages appear at the bottom of the site. This notification can have a link to your Cookies Policy as well as a link to continue or accept for the visitor to give their consent.

eBay UK's cookies notice appears at the bottom of the website. It scrolls with visitors so it's always present at the bottom until Accept is clicked. This makes it hard to miss.

eBay UK Cookie Notice in footer

John Lewis places its Cookies Notice at the bottom of its site as well. Visitors are told they can manage the use of cookies via browser settings, and the Cookie Policy is linked.

John Lewis Cookies Notice in footer

Premier League provides a brightly colored Cookie Notice in the website's footer. A Find Out More button links to its Cookie Policy, and the Accept button is very clearly labeled with text saying "I accept cookies from this site." This is a great Cookie Notice.

Premier League Cookie Notice

Sainsbury's has a footer Cookie Notice that stays in place until the user clicks Accept and close. The Find out more link goes to its Cookie Policy so users can make informed decisions before accepting cookies here.

Sainsbury's Cookie Notice in footer

Conclusion

By having a Cookie Policy and linking it to your Cookie Notification that you display on your website, you'll be complying with the Cookie Law.

Other privacy laws (like the GDPR) require you to get consent before using cookies and disclose your use in a Privacy Policy rather than a Cookie Policy. However, if you plan on doing international business, we highly recommend that you:

  • Have a Cookie Policy
  • Have a Privacy Policy
  • Have a Cookie Notice that links to your Policy (or Policies) and gets your site visitors to agree to your use of cookies

This website uses cookies, and also collects some information using Google Analytics. By continuing to use this website, you agree to our Privacy Policy, Terms of Use, and Disclaimer.