When we look for a cookie plugin we have to be more safe than sorry because it is a really important legal part of our website.
What should my new GDPR and cookie plugin have?
So I started to search and test all the plugins out there for privacy and cookie policy consent, which should offer the following:
- Clear and visible initial warning banner without any doubt about privacy policies and cookies. The famous first layer of information.
- The banner should be able to be dismissed by acceptance, rejection or simple scroll.
- The banner should be able to link to the full privacy and cookie information easily.
- It should have a settings window from which the user can easily change their decision about accepting privacy and cookie policies.
- It should be possible to force (or not) the acceptance of essential or session cookies.
- It should be possible to accept or reject third-party and additional cookies separately.
- It must be possible to specify the expiration of the acceptance (by law 24 months maximum).
- Must have some system to REALLY be able to control and accept/reject cookies.
- Compatible with WordPress privacy tools.
- Compatible with multilanguage plugins.
- Adaptable to all types of devices (responsive).
- Better if it is free in the main features.
Looking at the list, what did I find?
The harsh reality
After many days of testing, I found that most cookie plugins do not offer even half of the minimum requirements to help us comply with the GDPR. In fact, most are only intended for non-EU countries’ cookie laws.
Either they only offer a method of consent, or they don’t actually block cookies until acceptance, or they are simply just a banner that serves no purpose other than to inform, with no real consent from the user.
The solution: GDPR Cookie Compliance
So, after many installations and tests, I found one that is almost perfect: GDPR Cookie Compliance.
- The first layer information banner has customizable texts, appearance and position.
- Fully editable (texts, appearance, colors, fonts, even your own logo).
- Setting to define consent expiration.
- By default, you can configure the acceptance or not of each type of cookie.
- Separate windows for the session, third party and additional cookies.
- Simple and integrated link to privacy and cookie policies.
- User consent review screen easily linked from any page.
- Compatible with WPML, QTranslate, WP Multilang and Polylang.
- Fully responsive.
- Accept/reject buttons.
- Real control of cookies through boxes where to enter the scripts that will not be loaded until acceptance.
So, as you can see, it meets everything I was looking for to comply with the RGPD.
In the following screenshots, you can see how everything can be configured.
As you can see in some of them, you also have 3 boxes in which to insert the scripts that generate cookies (Google Analytics, Tag Manager, etc.), either in head, body or footer. Practical and it works, because any script you put there, instead of through plugins, theme settings or inserted, will not be loaded until the user does not accept the corresponding acceptance screen (third party or additional cookies).
Of course, this implies that you should not use plugins to insert such scripts that create cookies. That is if you want to comply with European legislation on data protection and cookies.
Finally, in addition to the pop-up button that you can always display, for the user to change their privacy settings, you can also add a link like the following, wherever you want, so that users can open the privacy and cookie settings screen:
#gdpr_cookie_modalCode language: CSS (css)What about you? Do you use any method to comply with the GDPR and the EU cookie policy? Tell us in the comments.
