We see a lot of websites including Google Analytics or Facebook Pixel Tracking or similar JavaScript URLs called before cookie banners are displayed. By GDPR, users, at first, must give their consent on advertising or analytics tracking before calling external services i.e. from Google or Facebook.
Displaying a cookie banner with only one button like “Accept” or “Got it” is not legal. It does not give your users a free choice to reject unnecessary cookies.
Make sure that non-essential cookie groups are displayed as not pre-checked by default in the advanced cookie settings window. Explicit consent requires a very clear and specific statement of consent.
✱ The number of free copies is limited. No registration is required.
The author of this guide is Yuli Stremovsky. He is a world-class software and security architect. Founder of Privacybunker.io and Databunker.org privacy products. Former Checkpoint, and RSA Security employee. An expert in marrying technological solutions with privacy.
You can always reach him at yuli@privacybunker.io.