Iubenda logo
Start generating

Documentation

Table of Contents

GDPR Cookie Consent Cheatsheet

Disclaimer: Please note that these tables summarise the most recent guidelines from EU national authorities. They may evolve over time, depending on future legislative texts, case-law, or guidelines published on the subject.

NOTE: page or paragraph numbers for each country always refer to the respective document specified underneath the table.

Rules for collecting cookie consent: Per-country Comparison

*Note: Italy’s DPA guidelines were published before the entry into force of the GDPR, but they’re likely to change in the near future.

Questions
🇬🇧 UK
🇮🇹 Italy
🇩🇪 Germany
🇫🇷 France
🇪🇸 Spain
🇩🇰 Denmark
🇬🇷 Greece
🇧🇪 Belgium
🇮🇪 Ireland
🇪🇺 EDPB
Is consent by scrolling valid?

NO

YES

NO

NO

NO

NO

NO

NO

NO

NO

Is consent by continuing navigation valid?

NO

YES

NO

NO

NO

YES

NO

NO

NO

NO

Are explicit “accept” AND “reject” buttons required to be on the cookie notice?

YES

NO

YES

YES

YES

YES

Not specified

Not specified

YES

Is the prior blocking of cookies necessary where consent is required?

YES

YES

YES

YES

YES

YES

YES

YES

YES

YES

Are full Cookie walls admitted?

Unlikely

Not specified

NO

Possibly

NO

NO

NO

NO

Not specified

NO

Must cookies be listed one by one?

NO

Not clear

NO

NO

NO

NO

Not clear

Not clear

Likely no, but not clear

Must consent be granular on a per-purpose basis?

Per-service but not necessarily per-purpose

NO

YES

YES

YES

YES

YES

YES

Yes, per purpose

YES

Is proof of consent requested according to the criteria established under the GDPR?

YES

NO

YES

YES

Not specified (but implied)

YES

Not specified

YES

YES

Not explicitly stated

Should withdrawing consent be as simple as giving it?

YES

NO

YES

YES

YES

YES

YES

YES

YES

YES

Is the use of a consent banner recommended?

YES

YES

Best practice

Not specifically

YES

Not specifically

YES

Not specified

Not specifically

May cookies (and other trackers) be placed on legal grounds other than users’ consent?

YES

YES

YES

YES

YES

YES

YES

YES

YES

Do third parties have to be listed and identified?

YES

Not specified

Not specifically stated

YES

YES and NO

YES

YES

Not specified

Not completely clear

Is it specified how long the consent to a cookie should last?

NO

NO

NO

YES

Indirectly

NO

NO

NO

YES

No duration explicitly stated

Are pre-ticked boxes allowed?

NO

NO

NO

NO

Not specified

NO

NO

NO

NO

NO

What is the territorial scope of national cookies laws?

Not specified

Not specified

Germany

France

Spain

Not specified

Not specified

Not explicitly stated

Ireland

Sources and further reading

*Unless otherwise stated, all sources linked are in their respective languages.

Belgium

2020:

Denmark*

2020:

2019:

*guidelines apply to any consent-based processing of personal data, not only to cookies or trackers, strictly speaking.

European Data Protection Board – EDPB

2020:

France

2020:

Finland

2020:

Germany

2020:

Greece

2020:

Italy

2014:

Ireland

2020:

Spain

2020:

UK

2019: