Just because you might not be aware of what the Cookie Law is (or why you should care about it), doesn’t mean you’re unaffected by it. In fact, if even a small part of your audience resides in the European Union (EU), you definitely need to learn about it.
Don’t worry, though! The law itself is easy to understand, and even simpler to put into action using WordPress. In this article, we’ll explore what cookie notifications are, how the Cookie Law affects you, and finally how to implement them in WordPress.
Simply put, a cookie notification serves to inform users that your website uses cookies – small files on your computer containing your personal settings for certain websites. Notifications come in many shapes and sizes, including simple horizontal bars and full-blown pages describing your cookie policy. The British Broadcasting Corporation (BBC), for example, takes the latter approach on their website:
Cookie notifications are a big deal, since they enable your visitors to know if and how your site tracks their information. It may seem like a redundant measure considering the prevalence of cookies, but less savvy web users might not be aware they’re being tracked at all. Implementing cookie notifications is simple, and it shows a degree of transparency that your visitors may appreciate.
The Cookie Law is a European Union Directive from 2011 stating websites with a customer base in the EU need to inform users if they’re using cookies and the types of data they’re gathering. Sites also need to ask for the visitors consent to do so.
All in all, it’s a straightforward directive, but things get a bit more complex when we talk about which businesses need to comply. Here’s the breakdown:
- If you operate a website out of the EU, you need to implement cookie notifications.
- Websites targeting EU audiences also must comply with the above regulation.
For example, if you run an online business out of the US, but target mainly EU users, technically you fall within the jurisdiction of the law if your website uses cookies. The Cookie Law also differentiates between two types of cookies, one of which is exempt from any compliance requirements:
- Session cookies: These types of cookies only persist during your current session on a website. Once you close your browser, these cookies are gone. They don’t fall under the jurisdiction of the Cookie Law.
- Persistent cookies: As their name implies, these cookies persist across sessions. They’re regularly used for tracking analytics and advertising opportunities, among other reasons.
In WordPress’ case, if we were to take a look at websites in the wild, we’d be hard-pressed to find one that didn’t rely on persistent cookies to some extent. To put it simply, if you operate a website out of the EU or targeted towards its residents, chances are you’ll need to comply with the Cookie Law.
Each member of the EU enforces the law slightly differently. For example, Austria doesn’t specify any compliance guidelines, whereas Belgium and Denmark deem implied consent to be sufficient. These variations make it somewhat complicated to follow the Cookie Law to the letter, but they mostly boil down to two types of consent:
- Explicit consent: This model requires that you directly ask users for consent to store their information. What’s more, you still need to provide them with information about what data you’re tracking.
- Implied consent: Simply notifying users you’re storing their data is enough. If they don’t leave the website after checking out the notification, they’re implying they consent to it.
Explicit consent is, of course, the most comprehensive option – but it’s also the most complicated to implement. A lot of websites – not only those based on WordPress – rely on persistent cookies for significant aspects of their functionality. That’s why the second model – implied consent – leads the pack these days.
As you might expect, WordPress makes it simple to implement cookie notifications by using plugins. We’re going to introduce you to two of our favorite plugins to do so, then teach you how to put one of them into action.
This plugin enables you to implement cookie notifications onto your WordPress sites in a matter of minutes. It supports both explicit and implied consent, and comes with plenty of customization options so you can adjust it to your site’s overall style.
Key Features
- Implements cookie notifications through footer or header bars.
- Supports both explicit and implicit consent methods.
- Enables you to specify which cookies won’t load if a user refuses to provide consent.
- Lets you set the length before persistent cookies expire.
- Provides you with several customization options.
Price: FREE | More Information
To be completely honest, this plugin shares a lot of qualities with our previous choice. It implements a notification bar on your website, and enables you to determine the cookie’s length. What it doesn’t do is provide an option for explicit consent, which costs it a few points in our book – even if it makes up for it with tons of customization options.
Key Features
- Implements a cookie notification located at your header, footer, or at the side of your website.
- Ability to determine on which pages your notification will appear.
- Supports implicit cookie consent.
- Provides you with several customization options, and can inherit your theme’s style.
Price: FREE | More Information
Both plugins share a lot of functionality, but we’ve decided to go with Cookie Notice for this tutorial. That way, we can cover the options for implementing both explicit and implicit consent.
To kick things off, install and activate the Cookie Notice plugin. As soon as you do so, it will enable a notification bar at the bottom of your WordPress website:
Naturally, you should customize it to your liking before making the change permanent. To do that, head into Settings > Cookie Notice. The first option you’ll see enables you to modify the notification’s core message. We trimmed it down a bit, since we also need to include a link to further information about our policy:
Further down, you can alter the text of your agreement button, as well as enable a Read more link. The latter field provides you with the choice to include a custom link towards your cookie policy. If you’re not sure what to include in yours, Cookie Notice suggests you use the Iubenda Cookie Policy generator:
The next setting determines whether users get to refuse cookies. If you enable this setting, it will provide you with an additional field that lets you to enter the code for your persistent cookies. When (or if) users agree to your consent notification, the code will proceed to load as usual:
Further down, you get the option to determine whether scrolling implies consent. As far as we’re concerned, you shouldn’t enable this option if you decide to go with explicit consent, but it’s your call. Next, you can configure the length of your persistent cookies. The default of 30 days is good enough for us:
That’s it for the plugin’s main settings. There are also some design configuration settings, which we’ll leave up to you!
Given how long it takes to completely set up (i.e. minutes), and that you can just as easily set up both implicit and explicit cookies, it’s a no-brainer to remain on the right side of the law using a dedicated plugin.
Both the plugins we talked about today are fully compatible with the Divi theme. You don’t need to tweak with any aspect of your Divi site to get them working either. Just configure the plugins as you would otherwise, and tailor the customization options to suit:
For the sake of stylistic consistency, we recommend you change your cookie notification’s color theme to match your home page. Just head back into the customization settings section we mentioned earlier, and update the colors as seen below:
That’s all there is to it!
Conclusion
Simply put, ensuring your website is compliant with the Cookie Law is a good decision. Enabling cookie consents in WordPress doesn’t just put you on the right side of the law, it also lets users know you take their privacy seriously.
In addition, it’s very easy to do – as you’re now aware after reading our tutorial. Simply follow these steps to comply fully with the Cookie Law:
- Choose either an explicit or implicit cookie policy depending on your requirements.
- Install and activate the Cookie Notice plugin.
- Include a link to a section with more details concerning your cookie policy.
- Customize the notification to your liking.
What’s your opinion on cookie notifications – a necessity in today’s security conscious world, or a waste of time? Subscribe and share your thoughts with us in the comments section below!
Article thumbnail image by lastspark / shutterstock.com.
Why does a cookie consent work on NOT WP-sites without special tools?
You just put the code as last paragraph in the head section.
Why is this not possible on WP-sites? We do not want to have another plugin…
Really helpful, well written post. Thanks!
You’re welcome Dave 🙂
Thank you so much for all the information you guys are providing us with. I really feel that I get so much value for my money. I LIKE Elegante Themes very much 🙂 🙂 🙂
Thank you again and again and again……
You’re more than welcome Rikke!
I like how this company used Cookie Consent to show an image of a guy with a cookie in his eye.
http://thenextweb.com/us/
Hey, nice post!
Thanks for the explanations (this post and all others).
So i have implemented the Promo bar https://divilife.com/creating-slide-in-promo-bar-in-divi/ as a Cookie notification bar. With a link to a page describing the cookies generated by WP, the website, plugins, etc. The bar stays for a week and comes back if it was closed … I have made it less intrusive by placing it at the bottom of the browser
What do you think of that?
Thanks in advance
Hello Yatish,
As long as you’re being compliant with the cookie directive, it all comes down to personal preference, and if you’re so inclined, testing to see how different iterations perform 🙂
Cheers,
John
Is there a way to test if a site uses persistent cookies?
Yes, try these on-line services:
https://webcookies.org/
http://www.cookie-checker.com/
Guess so: http://cookielawinfo.com/does-my-website-use-cookies/
Trying to understand why this could not (at least for the implied opt-in) be done with a simple pop-up…
If you are installing PIWIK for audience measurement, cookie management is included in it.
For the European Cookie Law I use Ginger https://it.wordpress.org/plugins/ginger/
An interesting option, but hasn’t been updated in 11 months…
Hey! Funny, I was wondering about that few days ago.
Very nice and interesting post.
10x
On my new blog I have already installed Cookie Notice plugin and activated a “Pro” license Iubenda. All right. Recommended.
Sorry I meant understanding..
Thanks a lot!
What if you need to display cookies notifications in different languages, depending on the browser’s language of the visitor?
Since normally in the EU you have to give notifications in the language of the visitor to ensure he is comprehending the message…
The Cookie Notice plugin is compatible with WPML and Polylang 🙂
Nice post… Thanks John
You’re welcome!