Skip to content

In 2025, privacy isn’t just a legal requirement — it’s a brand imperative.

“The State of Digital Trust in 2025”, a new global study commissioned by Usercentrics, reveals a major turning point: consumers are changing the way they consider data collection and sharing in the digital world. They’re more privacy-aware, more trust-conscious, and more willing to act when brands fall short.

Consumers’ concerns and demands for more control are growing

In today’s complex digital landscape, people aren’t rejecting data-sharing. They’re questioning, hesitating, and looking for proof that brands will use their data responsibly. This isn’t about saying no to personalization or innovation. It’s about demanding control, clarity, and accountability.

For marketers, this shift is a powerful opportunity. Privacy-led strategies aren’t just about legal compliance; they’re a competitive advantage. Privacy-Led Marketing is a strategy that helps brands meet rising expectations, stand out in crowded markets, and build lasting loyalty at a time when trust is the ultimate differentiator.

The report lays out a clear roadmap for marketers who are ready to lead with transparency. Here are four of the key insights.

1. Consumers feel like the product — and they’re pushing back

People are increasingly aware of how their data fuels the digital economy, and many are growing comfortable with that data being used — under certain conditions.

This signals a new baseline: trust must be earned, not assumed. Transparency and respectful data practices aren’t optional — they’re expected.

Consumers are thinking before they click. The cookie banner has become a moment of truth when it comes to trust.

Consent interactions are now a frontline brand experience. A clear, respectful approach builds trust. A vague or manipulative one damages it from the very first click.

3. Trust is conditional and not evenly distributed

People are becoming more selective about which brands they trust, and the bar is high.

Highly regulated sectors like finance and the public sector enjoy higher levels of trust. Meanwhile, industries like tech, retail, and automotive are lagging. In today’s trust economy, clarity and evidence are the new currency.

4. The privacy knowledge gap is real — but brands can lead

Consumers care about privacy, but many don’t fully understand how their data is collected or used.

This creates a huge opportunity. Brands that simplify, educate, and empower can become trusted allies, and turn confusion into confidence, hesitation into loyalty.

Discover how leading marketers are turning transparency into a competitive edge, and why privacy is the new foundation of brand trust.

About the research/methodology

This report is based on a survey by Sapio Research, commissioned by Usercentrics, of 10,000 consumers who frequently use the internet across Europe (the UK, Germany, Italy, Spain, and the Netherlands) and the USA. Interviews were conducted in May 2025. The research aimed to uncover the true state of data privacy and digital trust today, and provide businesses with guidance on how to develop their consumer data consent strategy. 

As AI hype accelerates and Big Tech’s influence expands, consumers are demanding more than just convenience, they’re demanding accountability. In 2025, trust has evolved from a compliance checkbox into a central consumer concern that brands need to take into account. 

For marketers, privacy can no longer be an afterthought. It must be embedded into marketing strategy. The brands leading today are those creating meaningful experiences with their customers by embedding privacy into the core of the customer journey.

This shift marks a pivotal moment for marketers. Consumers aren’t rejecting data-sharing, they’re taking an active role in deciding who gets access to their data and why. 

Those who adopt a privacy-first mindset won’t just meet rising expectations, they’ll earn a lasting competitive advantage by establishing close and trusting relationships with consumers. Those who don’t will lose relevance — and revenue — as consumers choose brands that respect their data.

Chapter 1: The algorithm effect: How AI turned data into a trust issueChapter 2: Consent clicks: Privacy choices = marketing momentsChapter 3: Not all brands are trusted equallyChapter 4: From privacy pressure to brand power
People know their data has value and feel uneasy when they’re kept in the dark or feel out of control with how it’s used. AI hype has made data use even more visible.Consumers are actively engaging with consent banners. “Accept all” is no longer a reflex, it’s a definite decision. Consumers don’t trust all brands equally, and nearly half say being clear about how their data is used is the single most important factor in earning their trust.Consumers are signaling that they care about privacy, but they’re still unsure how it works.
62% of people feel they have become the product, and 59% are uncomfortable with their data being used to train AI.42% read cookie banners “always” or “often”, while 46% click “accept all” cookies less often than they did three years ago. 44% say transparency about data use is the number one driver for trusting a brand.77% of global consumers don’t fully understand how their data is being collected and used by brands.

For brands, Privacy-Led Marketing is about more than ticking legal checkboxes or meeting regulatory standards. It’s a growth imperative, an opportunity to stand out, build deeper loyalty, and grow in a market where trust is the ultimate differentiator.

“This isn’t a backlash, it’s a reset. And the brands that succeed will be the ones that don’t wait for regulators, but instead lead with Privacy-Led Marketing. Getting ahead in offering transparency, control, and informed consent is going to be crucial.”
Adelina Peltea, Chief Marketing Officer at Usercentrics
— CMO at Usercentrics

About this research: This report is based on a survey by Sapio Research, commissioned by Usercentrics, of 10,000 consumers who frequently use the internet across Europe (the UK, Germany, Italy, Spain, and the Netherlands) and the USA. Interviews were conducted in May 2025. The research aimed to uncover the true state of data privacy and digital trust today, and provide businesses with guidance on how to develop their consumer data consent strategy.

Chapter 1: The algorithm effect – How AI turned data into a trust issue

Artificial intelligence is reshaping the relationship between people and their data, and not always for the better. As these systems become more advanced, their opacity deepens concerns about how and why users’ data is used.

AI systems are now baked into everyday life: powering recommendations, predicting preferences, automating decisions, and, with that, sometimes even influencing how we perceive reality. 

But as the presence of AI grows, so too does public discomfort with how these systems are trained and deployed — especially when personal data is involved. 


These aren’t just statistics, they’re signals. AI is triggering a shift in the public’s understanding of privacy, and with it, a demand for new kinds of trust. 

The discomfort around personal data being to train AI models is real; and it creates a trust gap that brands must prioritize closing. If ignored, they risk reputational damage and losing user loyalty.

What used to be an abstract concern — “my data is out there” — has become deeply personal. Consumers are starting to ask sharper, more informed questions:

Consumers no longer want vague promises of “data protection.” They want proof that brands know what data they collect, how it’s being used, and most importantly — why. 

When people feel their data is being fed into opaque algorithms that serve corporate goals rather than human needs, trust erodes. This shift raises the bar for brands to not only ask for data, but justify its use in ways that feel fair and transparent.

We’ve reached a turning point

In 2025, trust isn’t built with fine print. It’s built with transparent systems, explainable models, and ethical data practices. People want to see how decisions are made, what they’re based on, and how they can opt out if they choose. They’re looking for brands that don’t just ask for consent, but actually mean it.

This is the foundation of Privacy-Led Marketing, a strategy built not just on privacy compliance, but on clarity. Brands that are willing to engage in the AI and data conversation (rather than avoid it) are positioned to stand apart.

Tip for Marketers: AI anxiety is real and growing. Don’t ignore it.
Instead of hiding behind algorithms, humanize them. Explain how your AI systems work: show people what data is used, and why. Give them real choices. Trust isn’t a feature; it’s a feeling. And you have to earn it.

Consumers are moving from awareness to action, becoming more intentional in how they manage their data. They’re reading cookie banners, rejecting vague terms, and actively adjusting their settings. 

What was once a passive click is now a conscious choice, and that shift is reshaping how people engage with brands from the very first interaction. 

Consumers are more privacy aware and are acting on it. 42 percent read cookie banners “always” or “often”, signalling growing consumer intent to participate in their own data governance, a shift that redefines consent as an ongoing dialogue, not a one-time ask.


Nearly half of consumers (46 percent) click “accept all” for use of cookies less often than they did three years ago, according to the survey. This is more pronounced in mainland Europe, with Italy, the Netherlands, and Germany leading the way in this trend. 

This behavior signals declining blind trust. Brands relying on dark patterns or vague messaging may find engagement falling — not due to apathy, but active resistance.

A further 36 percent of consumers globally have actively adjusted their privacy settings on websites or apps, and the same number have stopped using a website or deleted an app due to privacy concerns. 

The data also reveals that those who are more privacy-informed are even more likely to modify cookies and take control over their data.  

Importantly, most consumers (65 percent) are still happy for brands to collect their data, but they are taking real steps to control their data, rather than blindly accepting all. People aren’t rejecting data collection altogether; they’re rejecting vague terms, overly complex choices, and unclear value.

In short, privacy has taken a bigger role in the consumer decision journey. That first consent banner isn’t a compliance formality, it’s a brand moment. Done right, it is an opportunity to demonstrate restraint while building respect and trust. Done poorly, it creates mistrust from the first click and also depletes your consented data in the process. 

Marketers have a powerful opportunity to lead the privacy conversation, guiding user-first experiences that convert consent into connection, and privacy into performance.

By rethinking consent UX and messaging — from dark patterns to clear value propositions — brands can turn a once-maligned legal step into a moment that builds trust, credibility, and even conversion. 

This shift also reframes privacy from a blocker to a growth lever. It’s not just about minimizing opt outs. It’s about maximizing opt-ins and a chance to prove that you respect your customers and users and their preferences.  

Tip for Marketers: Design your consent banner like it’s a landing page. See it as your first handshake with customers. Turn consent into a contextual brand moment.
Ask for consent only when relevant, at checkout, for instance, and explain the benefit (e.g. ”so we can personalize your cart”.) That clarity builds trust and strengthens brand connection.

Chapter 3: Not all brands are trusted equally

Data privacy and security are playing an increasingly crucial role in building trust. Consumers are clear about what they expect from brands in exchange for their data. Meeting these expectations is no longer a bonus. It’s a baseline for earning attention, engagement, and repeat interaction.


What would improve your trust in how a brand uses your data?  

  1. Transparency about data use (44%) 
  2. Strong security guarantees (43%) 
  3. Ability to limit or control data sharing (41%)  



Trust isn’t freely given any more — it’s conditional. Brand promises aren’t taken at face value. Consumers want evidence: proof that their data is being handled responsibly and securely, and that they’re being given real choices and control.  

Consumers also don’t trust all brands equally, and the differences in where they place trust might be surprising. 

External factors play a critical role in establishing that trust. Industries that are more heavily regulated, like finance and the public sector, tend to enjoy higher levels of trust when it comes to data collection and usage. 

By contrast, technology and social media companies have been increasingly scrutinized by regulators, media, and the public, so it’s unsurprising that these industries have lower levels of trust among consumers. 

That said, highly customer-centric sectors like retail might be surprised to find they rank so low, while among Gen Z, 39 percent rank social media platforms as trustworthy.  

Similarly, trust is no longer strongly tied to geography. Consumers are nearly as cautious about sharing data with businesses from the USA (73 percent) as they are with those from China (77 percent).

Other European countries, traditionally viewed as more trusting, rank only an average 10 percentage points lower in terms of consumer caution, highlighting that trust is relative, not guaranteed. 

Know your audience  

The good news? Regardless of what sector or geography your brand is in, consumers are clear about what they want and how brands should engage with them before collecting and using personal data. 

Brands that communicate clearly and openly from the outset about how they handle data won’t just achieve compliance with regulations, they’ll build credibility and deepen customer relationships and engagement. And in a competitive landscape, trust becomes your most powerful differentiator. 

Tip for Marketers: Understand that security and data transparency build brand trust more than geography or industry.

Chapter 4: From privacy pressure to brand power

Consumers are clearly signaling that privacy management matters to them, but many still don’t fully understand how it works. This creates a powerful opportunity for forward-thinking brands: those who lead with education and transparency will build trust and gain a meaningful advantage.


Consumers want to feel in control of their data, but many still don’t fully understand how it’s collected or used. 

There’s momentum: consumers are clicking “accept all” less often, adjusting their settings, and signaling that they care more and more about who has their data and what is being done with it. But a knowledge gap remains. 


That confusion creates a wedge between your brand and your audience. When clarity is missing, so is confidence, and with it, the willingness to share data.

This is where brands can step in — not as enforcers, but as enablers. While trust in governments and regulators is uncertain, brands that offer transparency and guidance can become the trusted voice consumers turn to, because in the digital world trust is the foundation of lasting relationships. 

Privacy literate behavior is growing, but there’s still a need for education. In today’s complex digital landscape, clarity and reassurance are rare, but valuable. 

Move beyond compliance to customer advocacy

The smartest brands won’t wait for regulation to catch up. Waiting means losing ground to competitors who move faster and earn trust sooner. Instead, they’ll act as privacy champions: 

And most importantly, communicating these practices clearly and positively.  

This isn’t just about giving people choices. It’s about making those choices meaningful and easy to understand. When brands take the lead, they not only build trust. They create differentiation, loyalty, and long-term growth. 

Tip for Marketers: Pivot to building a modern, consent-based journey, one that considers how you collect, activate, and measure consented data at every touchpoint.

Chapter 5: Action plan — a marketer’s guide to privacy-led growth

The digital economy runs on data, but the rules of engagement are being rewritten. A EUR 600 billion ecosystem built on passive tracking and third-party data is being reshaped by global regulation, heightened consumer awareness, and the erosion of traditional identifiers.

Today, consumers don’t share data by default when they have a choice. As the research in this report shows, they’re opting out, speaking up, and making intentional privacy choices. 

Meanwhile, marketers — still the biggest users of personal data — are facing a new reality: privacy isn’t just a legal obligation; it’s a brand differentiator, and a strategic necessity.

From obligation to opportunity: The privacy-led shift

Privacy-Led Marketing is how modern brands turn these pressures into performance. It’s a mindset shift from compliance checklists to competitive strategy. It doesn’t slow growth: it unlocks it.

This approach goes beyond permission and policy. It’s about embedding trust at every touchpoint to fuel better data, richer relationships, and sustained growth. Privacy becomes a driver of marketing precision, not a barrier to it.

At its core, Privacy-Led Marketing is about activating the full value of data — consented and responsibly modeled — across the lifecycle, from collection and activation to measurement and optimization.

These aren’t just more respectful experiences — they’re more effective ones. When done right, they reduce friction, increase confidence, and convert attention into loyalty.

What Privacy-Led Marketing unlocks

Brands that embed privacy into their customer experience gain far more than compliance:

Privacy-Led Marketing turns rising expectations into brand elevation. It’s a way to demonstrate your values — not just declare them — and convert trust into tangible business results.

How to start: The Privacy-Led Marketing checklist

These principles build on the research and insights in this report. Apply them across your marketing journey.

1. Lead with clarity in a world of AI and algorithms

Why it matters: AI and Big Tech have made consumers more aware — and more wary — of how their data is used. Marketers must lead with clarity and respect.

2. Design privacy as a brand touchpoint

Why it matters: Design your consent banner like it’s a landing page. See it as your first handshake with customers. 

3. Use transparency to differentiate your brand

Why it matters: Consumers trust what they can see, not just where you’re from or what industry you’re in.

4. Make privacy understandable — and valuable

Why it matters: Consumers want to act on privacy, but many don’t know how. Marketers can bridge the gap.

About Usercentrics
Usercentrics is a global market leader in solutions for data privacy and activation of consented data. Our technology solutions enable customers to manage user consent for websites, apps and CTV. Helping clients achieve privacy compliance, Usercentrics is active in 195 countries on more than 2.3 million websites and apps. We have over 5,400 partners and handle more than 7 billion monthly user consents. Learn more on usercentrics.com.

Discover key insights into the latest marketing trends and their impact on businesses. During this engaging session, Yuri Lopes Pereira, Phil Pallen, and Navah Hopkins, explore the evolving marketing landscape and provides actionable strategies to future-proof your approach.

What You’ll Learn:

Who Should Watch?

Join Usercentrics for an exclusive webinar exploring the top marketing trends that will define 2025. Our expert panel will discuss the most critical shifts that performance marketers need to prepare for, including Privacy-Led Marketing, the creator economy, AI, surreal creativity, niche community engagement, and hyper-personalized content.

What You’ll Learn:

Date: February 20th, 2025
Time: 2:00 PM CET
Location: Zoom

Unable to attend? Register anyway to receive the webinar recording.

You have budget allocation, you have messaging and graphics, and you’re ready to pull the trigger on a great targeted marketing campaign. But wait, are you forgetting something critical? Are you getting the right consent from your audience? 

Major ad platforms like Google Ads require obtaining and signaling user consent for you to maintain full access to all their features, including personalization and targeted advertising. Don’t risk wasting thousands of dollars of your ad budget and scrapping that remarketing campaign by failing to get consent.

Usercentrics Audience Unlocker is the answer. It enables digital marketers to obtain valid user consent that can be seamlessly signaled to the ad platforms you rely on. So you can continue to leverage Google Customer Match and enhanced conversions, and will soon also include LinkedIn custom audiences, Meta custom audiences, and other re-engagement tools.

Read on to learn how you can seamlessly obtain and sync consented first-party data to fully leverage retargeting while staying compliant with privacy regulations and building trust and engagement with your audience.

Video Preview
Video Preview

We need your consent to load the YouTube Video service!

We use a third party service to embed video content that may collect data about your activity. Please review the details and accept the service to watch this video.

powered by Usercentrics Consent Management Platform

What is Audience Unlocker and why do you need it?

Audience Unlocker is a lightweight, focused solution that simplifies consent management for digital marketing. It delivers secure data capture and directly integrates with Google Ads so you can seamlessly obtain consent from users and sync valuable first-party data with your marketing tools. 

Zero-party and first-party data are valuable because they come directly from customers and website visitors. Zero-party data is provided voluntarily, e.g. through surveys, feedback forms, or review, or account settings and preferences. First-party data is collected by your company via website analytics of user activities, customers’ purchase records, email and social analytics, and other sources. As this data directly reflects user actions, it helps enable better predictive analysis and segmentation, among other functions. Explicit user consent is increasingly required to process first party data, but it’s easy to provide clear information about the use and value for customers.

The Digital Markets Act (DMA) also brought strict consent requirements to big tech platforms. To achieve and maintain compliance, those gatekeeper companies, including Google, have put in place their own requirements for their customers, affecting millions of companies and their advertising programs. Proof of consent is required for digital marketers to maintain full access to critical advertising functions, including personalization and remarketing. Each consent choice must also be traceable, retrievable, and revocable.

How can Audience Unlocker benefit your marketing activities?

Remarketing improves recall for your brand, conversion rates, ROI, cost effectiveness of campaigns, and more. It also requires personal data, which requires user consent. But you want the best quality data you can get. It requires less slicing and dicing, saving time and resources. It also enables better targeting and higher engagement and conversions.

Additionally, data privacy regulations typically mandate data minimization. You can only collect data you need for specific, stated purposes, and retain it only as long as you need to fulfill them. If your marketing purposes change, you need to obtain new consent as well. So getting the highest data quality means you need less data overall, enabling minimization compliance.

This means you want zero- and first-party data directly from your customers. It’s up to date, accurate, and comes with their consent. Use of third-party cookies is increasingly being deprecated, and third-party data continues to become less effective. 

To provide the great user experience requirement to optimize consent rates, marketers need robust and user-friendly consent and preference management. Customers become more comfortable providing more data once they trust that you respect their privacy, and when they know they’re in control of it over time. That’s what Usercentrics Preference Manager and Audience Unlocker are built to deliver.

Meet ad platforms’ requirements, as well as those of laws like the GDPR and CCPA. Provide a fully customizable and user-friendly way for your customers to manage their consent and preference choices, which are then seamlessly signaled to ad platforms so you can maintain and grow your personalized marketing activities.

Audience Unlocker is especially valuable for small and mid-size companies with limited legal and technical resources, removing the need to implement specialized, resource-intensive consent solutions for privacy compliance. 

Online marketplaces can improve customer return rates with personalized and well targeted ad experiences. Ecommerce and retail organizations can better target returning costumes with personalized ads. Finance, insurance, and healthcare companies can maintain engagement or re-engage users while meeting privacy compliance requirements. The travel and hospitality industries can re-engage past visitors and future travelers with tailored offers. 

How will you use Audience Unlocker to level up your targeted advertising?

Audience Unlocker and Google Customer Match

Google Customer Match enables businesses to leverage their first-party customer data to target ads more precisely across Google’s platforms, including Google Search, YouTube, and Gmail. 

Companies can create custom audiences that match their existing customers by uploading customer information, helping to personalize ad experiences and drive higher engagement.

Google Customer Match is particularly valuable for remarketing campaigns, as it enables businesses to reconnect with users who have previously interacted with their brand. But companies must ensure that the data they use is compliantly collected and processed according to regulatory requirements and Google’s policies.

In many regions, this requires explicit and informed customer consent to access personal data. This is where Preference Manager and Audience Unlocker are valuable. They simplify consent management and privacy compliance, while helping you maximize the effectiveness of your Google Customer Match campaigns on Search, Shopping, Display, YouTube, and Gmail.

Audience Unlocker addresses marketing challenges

Audience Unlocker extends the value of Usercentrics Preference Manager and specifically benefits your use of Google Customer Match by centralizing consent management and consent signaling as required by those platforms. We will also be extending coverage to Meta, e.g. with Facebook Audience Ad Targeting and custom audiences, and LinkedIn Matched Audiences.

Audience Unlocker is easy to set up, integrates directly into your existing forms, and syncs seamlessly with Google Customer Match. You activate customers’ high quality and consented data and boost the efficiency of your retargeting campaigns across platforms.

Audience Unlocker features

Take a look at some of the handy features that help protect your marketing activities and boost efficiency.

How can you get Audience Unlocker?

Join our waitlist — click on Get Free Early Access and you’re in! Become an early adopter and try it for free.

Being a successful enterprise company today means understanding and adhering to global privacy regulations and business requirements to protect user data and respect privacy.

One critical digital component of privacy compliance is the cookie popup, which has become a familiar notification on websites and apps. These popups serve a dual purpose: they inform website and app users about data collection and request their permission to collect and use personal data.

As global privacy laws like the GDPR and CPRA tighten their grip and online consumers become more savvy, cookie popups have become indispensable tools for maintaining transparency, protecting revenue, and building trust with users.

We explore the importance of cookie popups, details of implementation, and best practices for great user experience, high consent rates, and achieving and maintaining privacy compliance.

A cookie pop-up, also known as a cookie banner or consent banner, is a notification that appears on a digital property to inform visitors and users about the use of components and other tracking cookies and to ask for their permission to use them to collect personal data.

A cookie popup appears on websites, apps, and other digital platforms where data is collected, and outlines the types of third-party cookies and other tracking technologies used on the site and what they’re used for. It also informs users about the data collected via cookies, parties that may access the data, and other factors, depending on relevant privacy regulation requirements.

Under European rules like the General Data Protection Regulation (GDPR) and ePrivacy Directive (also sometimes known as the “cookie law”), websites and apps must comply with more than just notification requirements. When collecting users’ personal data, digital property owners have certain obligations regarding users’ data privacy. For instance, securely storing data collected, including consent choices, or not disclosing or selling the data to third parties without prior consent from users in many cases.

Desktop Banner

Cookie popups are important for website owners, app publishers, and others with platforms that collect personal data. They’re also important to consumers whose data is being requested as well. They let users know what technologies can collect their data, for what purposes, and enable (ideally) granular consent options, which usually also need to be changeable or revocable over time to be privacy-compliant.

The main reason to implement a cookie popup is to comply with global privacy laws, such as the GDPR and the California Privacy Rights Act (CPRA). By using these popups, websites can demonstrate their compliance and commitment to user privacy, thereby building trust with visitors. This trust enhances user engagement, leading to higher-quality data, which in turn benefits marketing operations and boosts revenue.

Additionally, cookie popups give users control over their data. By enabling people to choose which cookies they feel comfortable accepting, website owners are improving the website browsing experience.

For businesses, cookie popups enable the collection of useful data for improving website performance and marketing strategies in a legally compliant way. This can also contribute to improving ecommerce and product development.

Cookie popups play a crucial role in compliance with data privacy laws across the globe. Many regulations, such as the GDPR, require websites to gather explicit consent from users before collecting, using, or sharing their data through cookies. Other laws, like those in the US, usually only require users to be able to opt-out.

To comply with global data privacy laws, website owners and app publishers must follow a few key requirements of cookie popup use.

While cookie popups are not explicitly mandated by all privacy laws, they have become a common practice for demonstrating compliance and respecting user privacy. For instance, while the CPRA doesn’t specifically require cookie popups, many websites use them to comply with the law’s broader privacy protection requirements.

Cookie popup

International laws requiring cookie consent popups

Various countries have different regulations related to cookie consent popups.

It’s important to note that while these laws influence cookie consent practices globally, the specific requirements for cookie popups can vary by jurisdiction. Many websites implement cookie consent mechanisms to comply with these various regulations, especially if they have a global audience.

Typically, data privacy laws protect residents of the jurisdiction where they are active, e.g. the GDPR protects residents of the EU. Many laws are also extraterritorial, which means it doesn’t matter where companies are located if they process the data of residents of the region where the law is active. So a US-based company has to comply with the GDPR if it processes data of EU residents.

The list above covers the more well-known privacy regulations, but it is not exhaustive. To date, the majority of the world’s population is covered by one or more privacy regulations. It’s important for website owners and app publishers to be up to date on the jurisdictions and laws relevant to their business, and the compliance requirements. Companies should consult qualified legal counsel and/or a privacy expert.

When implementing a cookie consent popup on your website, it’s crucial to ensure compliance with privacy regulations and provide a good user experience. Use the following checklist to create an effective and compliant cookie consent mechanism:

  • Clear information: Explain which cookies you use, to collect which kinds of data, and why. Specify the types of cookies, e.g. necessary, functional, analytics, marketing). Mention if third-party cookies are used, and who sets them.
  • Give consent options: Provide equal consent options, like both “Accept and “Reject” buttons, both overall consent to cookie use and ideally options for granular consent to some cookies. Do not use manipulative tactics like prechecking boxes or only showing an “Accept All” option.
  • Active consent collection: Require users to take a clear affirmative action that’s recorded, e.g. clicking a button. Do not use scrolling or continued browsing as consent, which is prohibited under many laws.
  • Enable easy consent withdrawal: Provide a method for users to easily change their preferences or withdraw consent. Include a persistent “cookie widget” or callback button to make it easy to access.
  • Timely consent collection: Obtain consent before setting any non-essential cookies in jurisdictions where this is required. Best practice would be to block cookies automatically until consent is obtained.
  • Consent storage: Securely store user consents for as long as needed for privacy compliance and other legal requirements. Be ready to provide information in the event of data protection authorities’ inquiry or data subject access request.
  • Provide users with more information: Include a link to your full cookie policy or privacy policy that is prominent on any website page or app screen. Ensure it’s kept up to date.
  • Visibility and accessibility: Ensure the popup is prominently displayed and easily noticeable. Make it accessible on all devices (desktop and mobile) but also well branded and user-friendly to use. Don’t use it to block user access to websites or apps unless they give consent.
  • Language and readability: Use clear, understandable language without technical or legal jargon. Provide the banner in all languages your website supports, ideally with automatic geotargeting.
  • Respect user choices: Implement technical measures to honor user preferences. Block non-essential cookies until consent is given. If users decline consent, don’t ask again before the legally allowed period of time, e.g. 12 months, depending on the law. If your data processing purposes change, however, you may be legally required to get new consent, however.

By following this checklist, you can create a compliant cookie consent popup that respects user privacy and provides a good user experience.

Read about wordpress cookie consent now

There are multiple ways to install a cookie popup on your website.

The first is to use a consent management platform (CMP), such as Usercentrics CMP or Cookiebot CMP, that enables you to create a customizable and compliant cookie banner in minutes.

These CMPs will scan your website so you know which cookies and tracking technologies are collecting data, and create a cookie declaration that you can use alongside a privacy policy. The CMPs also record and securely store consent records, with a log of the cookie consent you receive from website visitors over time.

If you have a WordPress website, WordPress offers a range of cookie popup plugins, like the Cookiebot™ WordPress Plugin, that enable website owners to add a privacy-compliant cookie popup without compromising user experience. We’ve compiled a resource that enables you to compare the 10 Best WordPress cookie consent plugins.

Another option is to manually code a cookie banner for your website. Add a short explanation of the purpose of cookies, a clear statement on which action will signify consent and a link to your cookie policy. However, under EU law, if your website uses any non-exempt cookies or scripts, these scripts must be prevented from running until a website visitor explicitly grants consent.

A “DIY” approach to a cookie popup is not recommended for small businesses, due to the amount of work to build and maintain it, the expense of accessing qualified legal consultation to enable compliance, and the regulatory risks of mistakes or missing crucial components.

Read about cookie policy now

Cookie popups are no longer just a formality, they are a necessity. If your cookie consent popup does not comply with relevant regulations, you could face hefty fines, operational disruptions, loss of customer trust and brand reputation, and a long-term hit to revenue.

For example:

Fines can be imposed for various reasons, such as not obtaining proper consent, not providing clear information about data collection and use, or not giving users a genuine choice to accept or reject cookies. Fines are generally more severe for repeat offenses or willful violations.

A consent management platform (CMP) provides tools to help you achieve and maintain compliance with data privacy laws such as the GDPR, the ePrivacy Directive, and CPRA.

For example, Usercentrics CMP and Cookiebot CMP automatically scan your website to find, categorize, and list all cookies and trackers in use, including third-party ones. It helps you create personalized consent banners with relevant jurisdictional information to inform visitors and request their permission to use cookies.

Usercentrics and Cookiebot CMPs are also Google-certified, integrating seamlessly with Google Consent Mode and Google Tag Manager, enabling compliance with Google’s privacy requirements and maintenance of your marketing activities, including personalization and retargeting, in the EU, UK, and Switzerland.

Usercentrics does not provide legal advice, and information is provided for educational purposes only. We always recommend engaging qualified legal counsel or privacy specialists regarding data privacy and protection issues and operations.

Google has introduced two new parameters to Consent Mode, required for personalized advertising from March 2024. If you’re using Google Ads, Google Analytics, and/or the Google Marketing Platform for serving personalized ads in the EU/EEA and UK, you now need to update your consent management to meet Google’s new requirements.

Consent Mode is a tool that signals users’ consent choices to Google tags or SDK so that they can adjust their behavior to align with data privacy requirements. It also enables modeling to recover lost conversions.

Watch our webinar to learn the four steps you need to take now, and how you can protect your ad revenue for 2024 and beyond.

Our expert speakers will guide you through:

Watch this expert discussion and ensure your campaigns remain effective in the face of industry changes. Take proactive steps to safeguard your ad revenue and stay compliant with Google’s latest regulations.