Find out exactly what your consent banner needs to include. Answer 3 quick questions about your visitors, cookies, and site type to get jurisdiction-specific requirements.
Do I Need a Cookie Consent Banner?
Whether you need a consent banner depends on two factors: where your visitors are located and what cookies/scripts your site uses. Under GDPR (EU/EEA), any non-essential cookie requires explicit opt-in consent before being set. Under CCPA (California), you need an opt-out mechanism but not prior consent.
Consent Requirements by Region
- EU/EEA (GDPR) — Opt-in consent required. Must have Reject All button. No pre-checked boxes. Cookie walls banned.
- UK (UK GDPR) — Same as EU. Enforced by ICO.
- California (CCPA/CPRA) — Opt-out model. "Do Not Sell/Share" link required. Must honor Global Privacy Control.
- Brazil (LGPD) — Consent required, similar to GDPR but allows legitimate interest for some cookies.
What Makes a Valid Consent Banner?
- No cookies before consent — tracking scripts must not fire until user clicks Accept
- Equal Accept/Reject options — Reject must be as easy as Accept (same prominence, no dark patterns)
- Granular choices — users must be able to select specific cookie categories
- Easy withdrawal — users must be able to change their consent at any time
- No pre-checked boxes — all non-essential categories must be unchecked by default
- Record keeping — you must be able to prove when and how consent was given
Explore More Privacy Tools
GDPR Fine CalculatorEstimate potential fines based on real enforcement casesDSAR Letter GeneratorGenerate data subject access requests for 20+ companiesTracker Weight DatabaseCompare 50+ tracking scripts by size and privacy riskGDPR Compliance Assessment30-question self-assessment with A-F gradingCookie & Tracker Knowledge BaseSearch 60+ cookies by vendor, duration, and GDPR statusPrivacy Analytics FinderCompare privacy-friendly alternatives to Google Analytics
View all 7 free privacy tools →