Here you will learn everything you need to know about our cookie management solution:
⚙️ Take a look at this demo to see how the iubenda Cookie Solution works.
The ePrivacy Directive 2002/58/EC (or Cookie Law) was established to put guidelines in place for the protection of electronic privacy, including email marketing and cookie usage, and it still applies today.
💡The Cookie Law actually applies not only to cookies but more broadly speaking to any other type of technology that stores or accesses information on a user’s device (e.g. pixels tags, device fingerprinting, unique identifiers etc.). For simplicity, all such technologies, including cookies, are commonly defined as trackers. However, in this guide, the term cookie(s) and tracker(s) will be used interchangeably.
You can think of the ePrivacy Directive as currently “complementing” the GDPR in a sense, rather than being repealed by it.
Directives, generally speaking, set certain agreed-upon goals and guidelines in place with Member States being mandated to implement these directives into national legislation.
Regulations, on the other hand, are legally binding across all Member States from the moment they are put into effect and they are enforced according to union-wide established rules.
The Regulation is expected to maintain values similar to the Directive with much of the same guidelines applying.
The implementation of the Cookie Law depends on the legislation under which the site/app operates.
In general, the Cookie Law will apply to you if:
Under the Cookie law, organizations that target users from the EU must inform users about data collection activities and give them the option to choose whether it’s allowed or not.
In practice, you’ll need to:
For further details on the Cookie Law, we invite you to read our documentation and the official statements from the country you might be affiliated with or targeting. Great guidance can be accessed through the Article 29 Working Party (which is a group comprised of various data protection regulators that aim to simplify Europe’s diversity):
Here are the links to each countries specific application of the ePrivacy directive:
The iubenda Cookie Solution allows you to manage all aspects of the Cookie Law, in particular:
You can collect consent via multiple mechanisms including continued browsing, scrolling, and/or specific clicking actions. Keep in mind though that allowed consenting actions may differ depending on the Member State law.
Below you will find all necessary steps to use iubenda to make sure you comply with the Cookie Law.
Click on Generate now under Dashboard > [Your website/app] > Cookie Solution:
This will take you directly to the configuration panel of your cookie banner:
Once saved, you’ll get a similar code snippet:
Simply copy and paste it before the end of the
HEAD tag of your pages. Alternatively, you can use one of our plugins: currently we have plugins available for WordPress, Joomla!, PrestaShop and Magento.
The Cookie Solution also allows you to indicate whether or not you’d like to apply GDPR protections to the following:
Here’s an example: a US-based e-commerce site has different sections available to users in the US and in Europe. They want to apply GDPR protections (i.e. show the cookie banner) to just their EU-based users.
This is possible by checking the Request consent to EU users only located in Cookie Solution > Edit > Advanced View > Consent Collection Settings. Once you check this option (in code
gdprAppliesGlobally:false), you’ll be able to automatically detect the user country (in code
Here’s the Cookie Solution snippet you’ll get:
If you choose to request consent to EU users only, but prefer to implement your own country detection system, you’ll have to set
gdprApplies:false on pages where consent is not required.
For more details about consent collection settings, see our advanced guide.
If you are EU-based, it is mandatory that you apply the protections to all users and not just users based in the EU.
According to the Data Protection Working Party, a European think tank and advisory body on data protection and privacy, few categories of cookies are exempt from the consent requirement. Therefore, all other codes that install or can install cookies must be preemptively blocked before consent is obtained.