10 strategies to stay cookie compliant
Compliance is king and the law in Europe. We've developed 10 strategies to keep your site in shape.
Cookie compliance is an essential consideration for any website. Under the EU General Data Protection Regulation (GDPR) and the ePrivacy Regulations, websites must obtain clear consent before storing or accessing cookies on a user’s device, except for those necessary for the site's basic functionality. Failure to do this can result in heavy fines, legal action, and damage to user trust.
Our 10 practical guidelines to stay compliant
- Get clear consent - Obtain clear consent so that your users know exactly what they are agreeing to: give them a clear explanation of what each cookie does, the choice to accept or reject cookies, and the ability to withdraw consent at any time. Transparency fosters trust and signals to your users that you care. Clear consent is driven by providing users with a cookie banner and a preference centre.
- Use a cookie management platform - Cookie banners are implemented using a cookie management platform (CMP). A CMP helps facilitate compliance and provides an organised way to handle cookie consent and scan websites for first- and third-party cookies. It allows users to opt in, modify their preferences, or reject cookies easily. CMPs also help track which cookies are used, providing transparency and ensuring compliance. Some examples of CMPs include OneTrust, Cookiebot, and Usercentrics.
- Make it easy to change preferences - Users should be able to easily change their cookie preferences at any time. A simple way to do this is by adding a ‘cookie settings’ link in the footer of your site. Your cookie management platform will provide a dynamic tag to handle this. Ensure your users can change their preferences from any page on your website.
- Block cookies until consent is given - Ensure non-essential cookies are blocked until the user has given consent. This includes tracking and marketing cookies. It is critical that this is tested regularly to ensure that they do not load before consent is granted. You can test via your browser.
- Conduct regular cookie scans - Running regular scans ensures your cookie management platform stays up-to-date. This helps identify new cookies added through code, content updates, or tools like Google Tag Manager. Set up monthly or quarterly scans based on how frequently your site is updated.
- Ensure Google Tag Manager compliance - If you use Google Tag Manager (GTM), it should fit into your governance model. GTM can deploy tracking tags directly to your site, bypassing cookie consent. Make sure it’s properly configured to comply with consent requirements.
- Be careful with iframes and third-party cookies - Iframes are often used to embed third-party content (such as videos, social media plugins, or external forms) into your site. These embedded elements can set cookies on your users' devices. Any non-necessary third-party cookies from iframes or other external services should be blocked until consent is obtained. This includes cookies from services like YouTube, Facebook, or external forms, which often set tracking cookies without user awareness. Configure your site to prevent these cookies from loading before the user has provided explicit consent.
- Establish a governance model - A governance model ensures your team follows a clear process when adding new features or marketing tags to your site. It should outline who manages cookies, performs scans, and updates policies. The governance model should include roles, policies, and procedures and guide the proper use of your CMP.
- Use Google Consent Mode V2 - Google Consent Mode V2 adjusts how Google services like Analytics and Google Ads collect data based on user consent. When users opt out, it ensures that no personal data is stored while still providing useful insights. Integrating it with a cookie management platform helps businesses stay compliant without losing essential website performance data.
- Provide a cookie listing - Make sure your cookie policy is easy to find and includes:
  - A list of all cookies used
  - Their purpose and duration
  - Whether they’re first-party or third-party cookies
  - A link to the cookie settings page
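
One way to automate the pre-consent test and the regular scan described in the list above, shown as an added example that is not part of the original article: it audits `Set-Cookie` headers captured on a first page load with no consent given and reports anything that is not on a documented strictly-necessary allowlist, labelled first- or third-party and session or persistent. The hosts, cookie names and allowlist are constructed sample data, and the first-party check is a simplified suffix match (an assumption; it does not consult the Public Suffix List).

```javascript
// Added example: audit Set-Cookie headers captured BEFORE the user consents.
// All hosts, cookie names and the allowlist below are constructed sample data.

// Parse one Set-Cookie header value into its name and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const cookie = { name: pair.slice(0, pair.indexOf('=')), attrs: {} };
  for (const a of attrs) {
    const i = a.indexOf('=');
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// Simplified party check (assumption: no Public Suffix List lookup):
// first-party means the site host itself or one of its subdomains.
function isFirstParty(siteHost, host) {
  return host === siteHost || host.endsWith('.' + siteHost);
}

// responses: [{ host, setCookie: [header, ...] }] from a load with no consent.
// necessary: Set of cookie names documented as strictly necessary.
function auditPreConsent(siteHost, responses, necessary) {
  const findings = [];
  for (const { host, setCookie } of responses) {
    for (const header of setCookie) {
      const { name, attrs } = parseSetCookie(header);
      // A cookie without a Domain attribute is scoped to the responding host.
      const domain = (attrs.domain || host).replace(/^\./, '');
      const firstParty = isFirstParty(siteHost, domain);
      const persistent = 'max-age' in attrs || 'expires' in attrs;
      if (firstParty && necessary.has(name)) continue; // allowed pre-consent
      findings.push({ name, domain, party: firstParty ? 'first' : 'third', persistent });
    }
  }
  return findings;
}

// Constructed capture: one necessary session cookie, one first-party
// tracker, and one cookie set by an embedded third-party iframe.
const SAMPLE_RESPONSES = [
  { host: 'www.example.test', setCookie: ['session_id=abc; Path=/; HttpOnly; Secure'] },
  { host: 'www.example.test', setCookie: ['trk_id=1; Domain=.example.test; Max-Age=63072000'] },
  { host: 'video.embed.test', setCookie: ['viewer=xyz; Expires=Wed, 01 Jan 2031 00:00:00 GMT; SameSite=None; Secure'] },
];
const NECESSARY = new Set(['session_id']);
console.log(auditPreConsent('example.test', SAMPLE_RESPONSES, NECESSARY));
```

An empty result means nothing outside the allowlist was set before consent; any finding is a cookie to block behind the CMP or to justify and add to the cookie listing.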
By following these guidelines, your website and digital services will be well-equipped to meet GDPR requirements and provide users with clear, informed cookie consent.
If you need help achieving and managing your cookie compliance, contact us to discuss how we can assist you.