Cookie Script

TL;DR we found the best Cookie compliance script.

Cookie script makes it easier to comply with the European AVG/GDPR law, which has been in force since May 25, 2018.

What is the GDPR?

The GDPR is a European privacy regulation. It ensures the careful processing of personal data by businesses and organisations. For instance, you must have a good reason to process personal data. And you are not allowed to gather and use more data than is absolutely necessary. These rules apply across the EU/EEA. GDPR stands for General Data Protection Regulation, but in the Netherlands, the GDPR is referred to as the AVG or Algemene Verordening Gegevensbescherming. The GDPR came into force on 25 May 2018.

Examples of personal data

Names and addresses, telephone numbers and postal codes and house numbers all constitute personal data. Sensitive data, f.i. someone’s race, sexual orientation, religion, or health, are called special personal data. It is not allowed to process special or criminal personal data, unless an exception has been made for you in the law.

The GDPR applies to all companies that do business in, or with, the EU

If your business is located in one of the EU member states or in the EEA, even if only with a subsidiary or branch, or if (even one of) your customers, suppliers or any other stakeholders are residents of an EU member state, you need to comply with the GDPR.

One of the consequences for the website is that you now have to ask permission from the visitor before placing cookies. There are quite a few providers for sometimes sky-high amounts that are not easy to implement for smaller companies, so that it is sometimes unnecessary. Now that in addition to Europe, California and other parts of the world (eg Turkey, South Africa, Brazil, Canada, Thailand) are opting for more privacy legislation, it is clear that privacy is indispensable, in fact, it is becoming increasingly important. And therefore smaller companies also have to participate.

We ourselves are a big advocate of privacy and have removed Google Analytics and Facebook. However, we still use ReCaptcha to prevent bots from spamming our forms. Since Google sets cookies, we also need to implement a cookie consent solution. In the future we will most likely switch to hCaptcha, the privacy alternative.

We choose cookie-script.com because it:

  • Easy and fast to implement
  • In Thai, English, German etc. (support for 34 languages in total + custom translations if you want it)
  • WordPress and many other integrations
  • Free, or with more options for a low amount per month (6 euros for 2 websites). Free works up to 20,000 page views per month.

Step 1 – Sign up

Go to cookie-script.com and click on “Try now“.
Enter your name, desired username (username) and password, your email and click “Register”.

Step 2 – Create a profile for your website

Follow the pictures below:
2.1 – choose a name for the profile, e.g. my website, and the URL of your website
2.2 – choose the language English for the initial cookie banner text (this can be changed later)
2.3 – choose from one of the 4 basic designs (for example pasted at the bottom)
2.4 – scan your website* (*skip this if you haven’t got everything right yet — see “Cookie Statement” below for more information, but in short: you can only scan once every 24 hours with the free version)
2.5 – copy the code (if you are at home in html). Or skip this step. Installing for example a WordPress plugin comes in the next step.

Step 3 – Install the WordPress plugin

Here we focus on WordPress, if you’re using anything other than WordPress, follow their guide, which you can find here: On the Cookie script website, go to Account > Dashboard > Choose a website profile > Edit > Settings > Installation and scroll down and choose the desired integration manual.

Note: If you copy the javascript code into your website yourself, make sure that the cookie script code is loaded before any other code that may need to be blocked.

Possible easy plugin integrations

Use WordPress? Then log in to your WordPress website, usually you put /wp-admin after the name of your website to log in. Then go to Plugins > Add New > Search for “cookie-script.com” — it will look something like the picture below. Click “Install Now” and after installing that button will change to “Activate“. Click on that too.

Add new plugin in WordPress

Go to the settings of the plugin, via Settings > Cookie-Script.com

You now need an ID (see the next section). You can also choose which visitors should receive the cookie banner. Choose “Global” to show it to all visitors.

Plugin settings

In the Dashboard of cookie script you can see all your website profiles. Each profile has an ID (see the picture below). You need this ID in WordPress. You cannot use the “Copy” button (which is used to duplicate the whole profile). So just copy the ID by selecting it and then Ctrl-C (Windows/Linux) or Cmd-C (Mac). And then paste it in WordPress at Item ID (see the paragraph and the image above) and click Save.

Where to find the ID for use in WordPress

Step 4 – Adjust Settings

Everything works now! Congratulations! But you may want to adjust some settings, that’s possible.

In Cookie script go to Dashboard > Choose a profile > Edit > Settings

Settings > Main Settings – You have to enter the Cookie Policy URL here, you can refer to your privacy statement if it includes something about cookies, but they also have templates available. You can also choose a smaller button here via “Smaller button without icon”.

The following options are already set correctly, so you don’t have to, but you can change everything.

Settings > Behavior
Settings > Design – left or right, dark or light version (small or large goes via Settings > Main Settings)
Settings > Texts
Settings > Translations

(Optionally) Stop third party scripts from even loading until the visitor approves their setting:

>>> If you’re on the free plan or lite (paid) plan, you can’t use the Scripts tab, but you have to change the javascript open tag from:

<script type="text/javascript">

to:

<script type="text/plain" data-cookiescript="accepted" data-cookiecategory="functionality">

In this case we used functionality but there are 5 different options:

Strictly Necessary cookies: strict
Functionality cookies:  functionality
Marketing cookies: targeting
Performance cookies: performance
Unclassified cookies: unclassified

For more information about blocking scripts please check here.

>>> If you’re on the standard or above (paid) plan, you can use the Scripts tab to stop third party scripts from even loading until the visitor approves their setting.

The Scripts tab is next to Settings, see the picture below. Here you can find all scripts. You can indicate per script whether it is, for example, Functional or something else.

Leave all essential scripts set to “Not selected”. Only choose the third party scripts that can be blocked without causing the website to stop working.

And turn on the main checkbox to enable this functionality in the first place. Cookie-script confirmed they will update this page to make it a little easier to understand.

Troubleshooting

Problem: Missing cookie statement

Solution: In the free version, you can only scan the website once every 24 hours. So make sure everything is set up correctly, so that the scan finds all cookies and scripts at once. Based on this, and based on the settings, the cookie statement is created, which is shown to the visitor via Show details > Cookie statement.

If that cookie statement turns up empty, you can try again after 24 hours, via Scans > Scan again

Cookies are found via the scan, but if that is not the case, you can also add cookies manually. Check your own website, via the browser Developer Tools (Cmd-Option + i on Mac). On the Application tab you can find all Cookies under Storage.

Developer Tools

You then transfer this to Cookies on the cookie script website.

Add cookies manually

For full transparency: this solution is free in most cases. If you do take out a paid subscription via the registration link, we will receive a percentage of that. Because we now know this product better, we can also offer you better support. You are not obliged to purchase this product, however, it is the best solution we have found so far. And we have already seen a lot of solutions for customers.

Cookie Script

By Rutger | October 6, 2021

TL;DR we found the best Cookie compliance script. Cookie script makes it easier to comply with the European AVG/GDPR law, which has been in force since May 25, 2018. What is the GDPR? The GDPR is a European privacy regulation. It ensures the careful processing of personal data by businesses and organisations. For instance, you…

Access control per account

By Rutger | October 5, 2021

For many years our resellers can control their customers’ access to specific functionality of the control panel. But it was on or off. No granular control. Let’s say that DNS management is hard to understand for your customers, then you usually switch this off. Same goes for ordering. Perhaps some of your customers order a…

How to Optimize Site Performance for Core Web Vitals

By Rutger | June 8, 2021

There are many factors that affect website rankings, one of which is, site performance. How does your site perform in terms of speed and accessibility? Just this month  Google established a new user experience metric called Core Web Vitals. Core Web Vitals aims to put the most optimized website in terms of performance on top of…

Firefox’s new Site Isolation Security Architecture

By Rutger | May 28, 2021

Online there are plenty of untrustworthy websites that could overpass the initial security in your primary browser. Which is why Firefox developed a new Site Isolation Security. With the main purpose of preventing malicious websites from accessing or stealing information from your accounts on other websites.  The process of site Isolation security is separating web…

WordPress Proposes Blocking Google’s FLoC

By Rutger | April 25, 2021

In the recent announcement from WordPress, they state that they are treating Google’s new FLoC tracking technology as a security concern and may block it by default on WordPress sites. Google’s Federated Learning of Cohorts (FLoC) received a lot of criticism concerning privacy. “FLoC is meant to be a new way to make your browser…

Am I FLoCed? A New Site to Test Google’s Invasive Experiment

By Rutger | April 5, 2021

 Am I FLoCed is one of an effort to uncover the invasive practices of the adtech industry—Google included. It is a new site where you can check if you are being subjected to the latest advertising experiment, FLoC. What is FloC? Federated Learning of Cohorts or FLoC is Google’s new advertising technology intended to replace…

DuckDuckGo Browser and Extension

By Rutger | February 25, 2021

DuckDuckGo describes itself as “the search engine that doesn’t track you.” Although DDG is better known for its privacy-focused search engine, the company has expanded into making its own Privacy Browser app for Android and IOS. The DDG Privacy Browser has the speed you need, the browsing features you expect (like tabs & bookmarks), and…

The Search Engine That Doesn’t Track You

By Rutger | February 11, 2021

THERE’S A NEW battleground in the browser wars: user privacy. Just recently, we published an article about Brave browser and how effective its tracker blocking technologies. So here’s another talk of the town privacy-focused search engine that will help you enjoy the internet without having to worry about leaving a digital footprint.  What is DuckDuckGo?…

Mozilla Firefox 85.00 is Here!

By Rutger | January 30, 2021

The popular open-source web browser Mozilla Firefox finally released version 85.00. With significant updates including the much-awaited major privacy enhancement called network partitioning. Check out the major improvements and what’s been added and changed for the latest Firefox 85.00. What’s new? The Adobe’s popular software Flash Player is no longer supported by Firefox 85. “There is…

Update: Let’s Encrypt Extends Support for Android 7 or Older Devices for Three Years

By Rutger | January 13, 2021

Back in November, Let’s Encrypt an open certificate authority announced an end to its partnership with Identrust and to “Standing on Our Own Two Feet – Let’s Encrypt”. The supposed part ways will cause compatibility issues with Android 7.1.1 or older to not be able to access HTTPS websites.  In its new announcement, Let’s Encrypt has…