The 2025 Cookie
Compliance Checklist
Launching a new site? Don't get fined. Run through these 8 items to ensure you are safe.
- 1. Prior Consent (Blocking)Do you block GA4, Pixel, and Hotjar scripts before the user clicks "Accept"? If they load immediately, you are non-compliant.
- 2. Granular ChoicesDo you offer specific categories like "Marketing", "Analytics", and "Functional"? A simple "Ok/No" button is often insufficient for GDPR.
- 3. No Pre-ticked BoxesIn your "Preferences" modal, are the non-essential boxes unticked by default?
- 4. Reject Button VisibilityIs the "Reject All" button as visible as "Accept All"? Hiding it in a second layer (Dark Pattern) is now explicitly illegal in the UK and France.
- 5. Withdraw ConsentCan users easily change their mind? You must have a floating badge or footer link to reopen the settings modal.
- 6. Cookie Policy UpdateDoes your policy list every single cookie, its provider, duration, and purpose? Is it up to date with the plugins you installed last week?
- 7. Consent Mode v2If using Google Ads, are you sending the `ad_user_data` and `ad_personalization` signals?
- 8. Consent Log (Proof)Do you store a timestamped log of the user's consent ID? You need this proof if a regulator knocks on your door.
Too many items to check?
We automated this entire list. Our script handles blocking, categorization, logs, and Google signals out of the box.
Automate my compliance ->