Data privacy laws such as Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have made it obligatory for websites—at least those that do business in Europe and the United States and collect information from customers in these areas—to have a cookie message on their homepage.
But what is it, and how do you add it to a website?
Adding cookie messages to a website is much simpler nowadays, thanks to website plug-ins and data privacy services that allow you to customize your cookie message’s text, appearance, and options, on top of ensuring that it’s compliant with relevant laws.
You can also add cookie messages by building your own script that lets it pop up as soon as a user visits your site.
A cookie message is a pop-up or banner that appears on your website during a user’s first visit. It communicates your website’s use of cookies and gives people the option to opt-in or opt-out of the use of cookies.
Cookie messages also usually link to a businesses’ privacy policy, where the consumer rights established by data privacy laws are listed. Follow the link to an article that addresses the question: How often should a privacy policy be updated?
To ensure that people’s data privacy rights are upheld, a cookie message should contain:
A cookie message can also expand to include customization options, where users can choose which category of cookies they want to allow, e.g. just necessary cookies and marketing cookies, only preference cookies, etc.
A cookie message could display the following: "Welcome! We’re glad you’re here and want you to know that we respect your privacy and your right to control how we collect, use, and share your personal data. Please read our Privacy Policy to learn about our privacy practices."
Cookies are packets of data that computers receive and send to track users’ information. They’re generally harmless; website developers use them to create a more personalized and intuitive online experience, while business owners use them to get to know their customers better.
However, since cookies contain personal information, they are a potential risk to individuals’ privacy. So data privacy laws require businesses to either obtain consent before using cookies or at least inform consumers about how cookies collect and use their information.
Read more: Cookie banner requirements
Businesses can do this using a cookie message that immediately appears as soon as a person arrives at their website, ensuring that consent is obtained before that consumer uses the site.
‍
‍
To add a cookie message to your website, you can ask a website developer to create a script for your website, use built-in plug-ins (for websites that use development platforms or hosts like WordPress or Squarespace), or add tools from data privacy services. In case you want to know how to block cookies before consent, follow the link to that information.
If you have an in-house website developer, you can create a built-in script for a cookie message that fits your website. This is a good option if you’d like to have a pop-up or banner that’s cohesive with the general style of your platform. Just make sure that it includes all the necessary details and the opt-in/opt-out choices that comply with data privacy regulations.
Most website development sites and hosting services have created plug-ins that you can add to your website straight from the platform. Wix, for example, has a cookie banner that you can enable and customize on your website—without any complicated codes or scripts from your end.
Data privacy services can usually hook your website up with a cookie message through ready-made scripts or widgets that you can just add to your website. The advantage of these is that you’re 100% sure that your cookie message is compliant with any international and local data privacy laws.
Read more: Is your cookie consent banner compliant with privacy laws?
Adding a cooking message to your website ensures that you are doing your part to follow data privacy laws, essentially upholding people’s data privacy rights. Not all websites need to comply with regulations like the GDPR and the CCPA. But seeing as many international markets are putting value on data privacy, it’s good practice for all businesses to conform to these laws as soon as they can.
Go further: Get Ketch free and start collecting consent in 5 minutes of less