How to create a compliant and user-friendly website cookie notice

As companies and brands increase their online presence, there are several implications for business. One such implication is the risk of heavy fines due to data privacy regulations. 

A major consideration in thinking about online web presence and data privacy is online cookies — small data files that websites use to collect and store user information. While cookies have several advantages for website owners and users, such as improving user experience, their use comes with the need for cookie notices and cookie compliance.

What is a website cookie notice?

A website cookie notice is a notification that informs users about a website’s use of cookies. It typically appears as a banner when a user first lands on a website. The notice explains the types of cookies used, the data collected, and how the information will be utilized. Users must then agree or decline to accept these cookies.

Importance of cookie notices

The whole concept of website cookie notices is what is referred to as cookie compliance. Cookie compliance means websites informing and obtaining user consent to use cookies. However, it goes deeper than that. It also involves understanding the legal requirements around the use of cookies.

For instance, the GDPR cookie notice guideline has set strict rules for websites when obtaining valid consent, such as having online cookie banners that allow users to make an active choice — simply continuing to use the site does not constitute valid consent. Moreover, website cookie notices should be clear, concise, and easily understandable.

Read more: Free cookie banner: collect consent in 5 minutes or less

Do I need to put a cookie notice on my website?

Yes, you need a cookie notice on your website if you collect user data, especially if your audience includes individuals from regions with data privacy laws like GDPR or CCPA. This notice informs users about data collection practices and ensures legal compliance.

Read more: Do I need a cookie policy on my website?

Legal requirements for cookie notices

General Data Protection Regulation (GDPR): GDPR requires explicit consent from users before cookies can be placed on their devices. A GDPR-compliant cookie notice must include:

• A clear accept button.
• Information on data usage.
• Links to cookie settings and privacy policies.
• Details on third-party data sharing.

Read more: What are some GDPR cookie consent examples?

California Consumer Privacy Act (CCPA): CCPA requires businesses to inform users about data collection and allows users to opt out of the sale of their personal information. Cookie notices must provide:

• Information on data collection and usage.
• An opt-out option via a "Do Not Sell" button.

Read more: Is your cookie consent banner compliant with privacy laws? 

How to create a compliant website cookie notice

Here's a brief step-by-step guide:

1. Draft Clear and Informative Text: Write cookie notice text that is easy to understand and includes all necessary information.
2. Design the Banner: Create a banner that is noticeable but not intrusive. Ensure it blends with your website design.
3. Implement the Notice: Use a cookie consent tool or plugin to implement the notice on your website.
4. Test and Optimize: Test the banner to ensure it works correctly and complies with legal requirements. Optimize as necessary

Read more: How to add cookie messages to your website

‍

‍

Best practices for cookie notices

Follow these common best practices for creating your website cookie notices:

• Use Plain Language: Ensure the notice is clear and easy to understand.
• Provide Options: Allow users to accept, reject, or customize cookie settings.
• Keep it Visible: Ensure the notice is prominent but does not disrupt the user experience.
• Regular Updates: Keep the notice updated with any changes in privacy laws or cookie usage.

Read more: What to look for in a cookie banner

‍Examples of effective website cookie notices

Today, most, if not all, websites use cookie notices. This is vital in ensuring that they meet the GDPR cookie compliance requirements. To meet these requirements, cookie notices should include the following elements:

• The cookie notice must clearly inform users that the website uses cookies and why it uses cookies.
• Cookie notice text must be in plain and easy-to-understand language.
• It should allow users to accept or reject cookies based on their preferences.
• The notice should offer a way for users to change their cookie preferences at any time.

A look at various website cookie notice examples can give us a clear picture of how they incorporate these elements into their cookie notices.

Google

Take, for example, Google’s cookie banner. It provides a clear message about cookies and offers users options to customize or accept the default settings. This gives users control over their data, which is a key principle of the GDPR.

‍

SeatGeek

Another good example is SeatGeek’s privacy notice experience. Located at the bottom of the website, it not only notifies users about the use of cookies but also explains why they are used. SeatGeek also allows users to accept, reject and manage consent preferences for cookies.

“We needed a fast, easy-to-deploy privacy solution and Ketch delivered on that promise. Onboarding was straightforward thanks to their qualified, hands-on customer experience team.”

Tim Janas, Senior Corporate Counsel, SeatGeek

Cookie notice and compliance go hand in hand. Website cookies enhance compliance by informing users about how the website collects and uses their data and giving users control by allowing them to decide whether or not to accept cookies. Therefore, companies must strive to achieve cookie notice compliance by implementing cookie notice best practices and continuously updating their notices based on different data privacy laws.

‍Go further:

• ‍What is a cookie consent opt-in? 
• Consent management platform
• The ins and outs of consent management platforms