European laws require that digital publishers give visitors to their sites and apps information about their use of cookies and other forms of local storage. In many cases these laws also require that consent be obtained.
This site is produced by Google. We work with lots of publisher partners and, based on that experience, we wanted to provide any publishers with easy-to-implement tools that can help them meet their legal obligations to get user consent.
What do I need to do?
 |
| web cookies compliance |
There’s guidance from data protection authorities and IABs (see below) across Europe on what is required to comply with relevant laws. We also recommend seeking legal advice on what’s right for your website or app, though we recognize that many publishers don’t have access to legal advice.
There are vendors that offer tools or solutions to add a cookie consent function to your website, some of which are free of charge. For example:
Cookie Consent by Silk tide
Cookie Control by CIVIC
The Cookie Collective by Governor Technology
Cookie bot by Cybot
Cookie Consent Kit by the European Commission
These solutions can be configured in different ways. Some of them allow you to give your users choices about the cookies used on your site. For example, your visitors might be presented with an option to block 'advertising' cookies. It's important to note that such configurations won't control the cookies on your site automatically.
So if you're using third party advertising services, such as Google AdSense, you'll need to take steps to integrate your preferred solution with the advertising tags on your pages to make sure your users' preferences are respected. Each vendor offers instructions or support services for doing this. If you don't follow these steps for all the tags on your pages, you risk misleading your users: they will think they’re switching off advertising cookies when in fact advertising cookies will still be used. Therefore, test carefully any implementation of these tools on your own site.
iOS Android
// This code will work in iOS 2 and up
// (spoiler: you're not going to need anything below iOS 6).
// Tested in iOS 7
// In your app's UIApplicationDelegate:
- (BOOL)application:(UIApplication *)application
didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
(...)
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
if (![defaults boolForKey:@"termsAccepted"]) {
NSString *message =
@"Your message for visitors here";
UIAlertView *alert =
[[UIAlertView alloc] initWithTitle:@"Cookies"
message:message
delegate:self
cancelButtonTitle:nil
otherButtonTitles:@"Close message", nil];
[alert show];
}
}
// Elsewhere in the file:
- (void)alertView:(UIAlertView *)alertView
clickedButtonAtIndex:(NSInteger)buttonIndex {
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
[defaults setBool:YES forKey:@"termsAccepted"];
[defaults synchronize];
}
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies.
Make sure you carefully test this code in your own apps. Note that it does not distinguish EU visitors from non-EU visitors, so all your visitors will see the notices unless you add your own geographic restrictions.
What do I put in my consent message?
Unfortunately we can’t tell you what your website or app consent message should say because it will largely depend on your own uses of cookies and other information, and the third party services you work with. However, we can give you some pointers.
Here’s a message that might be appropriate for your website, if you use products like Google AdSense or Google Analytics, or similar products from other organisations. Just remember, you’ll need to adjust this to suit your own uses of cookies and other information.
We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information you’ve provided to them or they’ve collected from your use of their services. See details
For an app, you might want a slightly different message:
We use device identifiers to personalise content and ads, to provide social media features and to analyse our traffic. We also share such identifiers and other information from your device with our social media, advertising and analytics partners who may combine it with other information you’ve provided to them or they’ve collected from your use of their services. See details
Where should 'See details' link?
The link in your message may expand the area that contains the message, to offer more information, or it may open a new page that contains additional detail. That new page might be part of your Privacy Policy, or it might be a dedicated cookie policy.
Again, we can’t tell you what to write by way of detail: it will depend on the cookies and other information you use, the other services you work with, and any opt-out controls made available to users of your site. However, we can offer some help as regards your use of Google products on your site.
If you’re using Google products like Google AdSense or DoubleClick for Publishers, you’ll be required by your contract to follow Google’s EU user consent policy. If you are using Google Analytics Advertiser Features, you’ll be required to follow the Policy requirements for Google Analytics Advertisers features. To comply with the disclosure obligations with respect to Google's use of data, you have the option to display a prominent link to How Google uses data when you use our partners' sites or apps.
Implementing a consent mechanism like this for your EU visitors, which includes a link to an additional information page that in turn links to Google’s information about how Google uses data, can help you meet the requirements of Google’s own policies. It should also help towards your compliance with European cookie and data protection laws.
