🆕 Are hidden website trackers putting your brand at risk? Find out now! 🔎
KetchBlogConsent management

How to create a compliant and user-friendly website cookie notice

Learn how to create a compliant and user-friendly website cookie notice that meets GDPR and CCPA requirements, and inform users about data collection practices.
Sam Alexander
Tags
Consent management
Read time
7 min read
Last updated
October 29, 2024
Ketch is simple,
automated and cost effective
Book a 30 min Demo

As companies and brands increase their online presence, there are several implications for business. One such implication is the risk of heavy fines due to data privacy regulations

A major consideration in thinking about online web presence and data privacy is online cookies — small data files that websites use to collect and store user information. While cookies have several advantages for website owners and users, such as improving user experience, their use comes with the need for cookie notices and cookie compliance.

What is a website cookie notice?

A website cookie notice is a notification that informs users about a website’s use of cookies. It typically appears as a banner when a user first lands on a website. The notice explains the types of cookies used, the data collected, and how the information will be utilized. Users must then agree or decline to accept these cookies.

Importance of cookie notices

The whole concept of website cookie notices is what is referred to as cookie compliance. Cookie compliance means websites informing and obtaining user consent to use cookies. However, it goes deeper than that. It also involves understanding the legal requirements around the use of cookies.

For instance, the GDPR cookie notice guideline has set strict rules for websites when obtaining valid consent, such as having online cookie banners that allow users to make an active choice — simply continuing to use the site does not constitute valid consent. Moreover, website cookie notices should be clear, concise, and easily understandable.

Read more: Free cookie banner: collect consent in 5 minutes or less

Do I need a cookie notice on my website?

You need a cookie notice if your website collects personal data through cookies, especially if you're targeting users in regions with privacy laws like GDPR, CCPA, or CPRA. The notice informs users about data collection, lets them opt in or out of non-essential cookies, and ensures transparency and compliance.

Read more: Do I need a cookie policy on my website?

Legal requirements for cookie notices

General Data Protection Regulation (GDPR): GDPR requires explicit consent from users before cookies can be placed on their devices. A GDPR-compliant cookie notice must include:

  • A clear accept button.
  • Information on data usage.
  • Links to cookie settings and privacy policies.
  • Details on third-party data sharing.

Read more: What are some GDPR cookie consent examples?

California Consumer Privacy Act (CCPA): CCPA requires businesses to inform users about data collection and allows users to opt out of the sale of their personal information. Cookie notices must provide:

  • Information on data collection and usage.
  • An opt-out option via a "Do Not Sell" button.

Read more: Is your cookie consent banner compliant with privacy laws? 

How to create a compliant website cookie notice

Here's a brief step-by-step guide:

  1. Draft Clear and Informative Text: Write cookie notice text that is easy to understand and includes all necessary information.
  2. Design the Banner: Create a banner that is noticeable but not intrusive. Ensure it blends with your website design.
  3. Implement the Notice: Use a cookie consent tool or plugin to implement the notice on your website.
  4. Test and Optimize: Test the banner to ensure it works correctly and complies with legal requirements. Optimize as necessary

Read more: How to add cookie messages to your website

Best practices for cookie notices

Follow these common best practices for creating your website cookie notices:

  • Use Plain Language: Ensure the notice is clear and easy to understand.
  • Provide Options: Allow users to accept, reject, or customize cookie settings.
  • Keep it Visible: Ensure the notice is prominent but does not disrupt the user experience.
  • Regular Updates: Keep the notice updated with any changes in privacy laws or cookie usage.

Read more: What to look for in a cookie banner

What should my cookie notice say?

Your cookie notice should explain what cookies are, what types are used, their purpose, and whether third parties have access to collected data. It should also inform users about their rights, how to manage or reject cookies, and link to your full cookie policy for more details.

Examples of effective website cookie notices

Today, most, if not all, websites use cookie notices. This is vital in ensuring that they meet the GDPR cookie compliance requirements. To meet these requirements, cookie notices should include the following elements:

  • The cookie notice must clearly inform users that the website uses cookies and why it uses cookies.
  • Cookie notice text must be in plain and easy-to-understand language.
  • It should allow users to accept or reject cookies based on their preferences.
  • The notice should offer a way for users to change their cookie preferences at any time.

A look at various website cookie notice examples can give us a clear picture of how they incorporate these elements into their cookie notices.

Google

Take, for example, Google’s cookie banner. It provides a clear message about cookies and offers users options to customize or accept the default settings. This gives users control over their data, which is a key principle of the GDPR.

SeatGeek's website cookie notice example

SeatGeek

Another good example is SeatGeek’s privacy notice experience. Located at the bottom of the website, it not only notifies users about the use of cookies but also explains why they are used. SeatGeek also allows users to accept, reject and manage consent preferences for cookies.

“We needed a fast, easy-to-deploy privacy solution and Ketch delivered on that promise. Onboarding was straightforward thanks to their qualified, hands-on customer experience team.”

Tim Janas, Senior Corporate Counsel, SeatGeek

Cookie notice and compliance go hand in hand. Website cookies enhance compliance by informing users about how the website collects and uses their data and giving users control by allowing them to decide whether or not to accept cookies. Therefore, companies must strive to achieve cookie notice compliance by implementing cookie notice best practices and continuously updating their notices based on different data privacy laws.

Go further:

Sam Alexander

Sam Alexander brings a wealth of technical prowess and industry experience garnered from his tenure at both Zendesk and KVH. Sam has a BS in Computer Science and Mathematics from Brown University.
Tags
Consent management
Read time
7 min read
Published
May 18, 2023
Need an easy-to-use consent management solution?

Ketch makes consent banner set-up a breeze with drag-and-drop tools that match your brand perfectly. Let us show you.

Book a 30 min Demo

Continue reading

Product, Privacy tech, Top articles

Advertising on Google? You must use a Google certified CMP

Sam Alexander
3 min read
Marketing, Privacy tech

3 major privacy challenges for retail & ecommerce brands

Colleen Barry
7 min read
Marketing, Privacy tech, Strategy

Navigating a cookieless future with Google Privacy Sandbox

Colleen Barry
7 min read
Get started
with Ketch
Begin your journey to simplified privacy operations and granular data control across the enterprise.
Book a Demo
Ketch was named top consent management platform on G2