Safeguard Your Visitor Tracking

We help you ensure your website cookie disclosure is fully PECR and ePrivacy compliant.

Try FREE For 30 Days

If your website offers goods and services to EU residents and uses cookies, then it must comply to the Privacy and Electronic Communications Regulation (PECR) and ePrivacy Directive.

Our CookieScan platform

  • Regularly scans your website for cookies
  • Uses our cookie database to automatically classify cookies into essential and non-essential categories
  • Automatically builds your Compliant Cookie Notice
  • Notifies you when your cookies change and need to be reviewed · Simple portal to manage your account, cookie classification and to style your consent plug-in
  • Premium – Scan up to 10 sub-domains
  • Reseller – Manage all your client’s sites under a single portal and earn 25% commission
Try FREE today

Our Cookie Consent Plug-in

  • Choice of 3 styles of pop-up
  • Geo-aware: CookieScan will present the plug-in appropriate to your visitor’s local Cookie law requirements
  • Fully customisable to match colour and fonts of your website
  • Blocks cookies until consent is given
  • Non-ePrivacy compliant, implied consent cookie banner also available
Try FREE today

Seamless Integration Into all Websites

Blocks cookies "out of the box" with our automatic domain-level script blocking or…

  • JScript API allows developers to fully integrate detailed cookie-level consent
  • Full support for Google Tag Manager integration
  • Full support for Google Consent Mode
Try FREE today

Cookie Compliance Anywhere in the World

Compliant with:
  • The consent requirements under the General Data Protection Regulation (GDPR)
  • The cookie requirements under the ePrivacy Directive 2002/58/EC amended by 2009/136/EC and the PECR
  • The California Consumer Privacy Act (CCPA)
  • The Protection of Personal Information Act 4 of 2018 (POPIA)
And many more, for a full list see ‘What the rest of Europe do about cookies’
Try FREE today

If your website offers goods and services to EU residents and uses cookies, then it must comply to the Privacy and Electronic Communications Regulation (PECR) and ePrivacy Directive.


The Cookie Law is a piece of privacy legislation that requires websites to get consent from people who land on their site to store or retrieve any information on a computer or any other computer device. It was designed to protect online privacy, by making people aware of how information about them is collected and used online, and gave them a real choice to allow the cookie or not. If started as an EU Directive that was adopted by all EU countries in May 2011.The Directive gave individuals rights to refuse the use of cookies that reduce their online privacy. Each country then updated its own laws to comply. In the UK this meant an update to the Privacy and Electronic Communications Regulations. To learn more, please visit  ICO explains about cookies

The law was designed to protect online privacy by raising awareness among users and customers about how digital information is collected and used. It also presents them with a choice over whether or not they are comfortable with it.

When the legislation first came into force in the UK, the then information-commissioner Christopher Graham spoke of the Cookie Law’s “positive benefits”, saying “it will give people more choice and control over what information businesses and other organisations can store on and access from consumers’ own computers”.

If you own a website, you will need to make sure it complies with the law, and this usually means making some changes.

If you don’t comply you risk enforcement action from regulators, which in the UK means The Information Commissioners’ Office (ICO). In exceptional cases this can mean a fine.

However, non-compliance could also have other, perhaps more serious consequences than enforcement. There is plenty of evidence that consumers avoid engaging with websites where they believe their privacy is at risk, and there is a general low level of trust about web tracking by the use of cookies.

Compliance with the cookie law comes down to three basic steps:

  • Work out what cookies your site sets, and what they are used for, use the 30-day free trial and find out what cookies are on your website.
  • Tell your website visitors how you use cookies.
  • Obtain their consent, such as by using CookieScan, and give them real control over the use of cookies.

In early 2017, the European Commission proposed updating the Privacy and Electronic Communications Regulation in a bid to replace the existing laws.

The draft regulation, dubbed the ePrivacy Regulation, provides a set of new rules on the use of cookies and direct marketing through electronic communications. If it comes into force, the new law would update the current rules on confidentiality of electronic communications, and bring service providers within the scope of the EU’s ePrivacy laws for the first time.

The UK ICO’s submission to the EU’s consultation on the issue said the rules should be tweaked to “achieve a proportionate balance” between privacy rights and “legitimate interests of information society services”.

Users of electronic communications services would also obtain a new right to object to the processing of their electronic communications data, and could potentially win compensation from communication providers if they have “suffered material or non-material damage as a result of an infringement” of the new rules by those companies, said law firm Pinsent Masons.

It was anticipated that the ePrivacy Regulation would launch at the same time as GDPR, and sit within its scope. However, further deliberation on ePrivacy has delayed its enactment, and so it’s now unlikely to appear until late 2019.

A full guide to the upcoming ePrivacy Regulation, and how it will fit into wider data protection policies, is available here.

Cookies are just simple text files which contain two pieces of information; a site name and a unique user ID.

For example, when you visit a site that uses cookies for the first time, a cookie is downloaded onto your device so that the next time you visit that site, your computer checks to see if it has a cookie that is relevant (that is, one containing the site name) and sends the information contained in that cookie back to the site.

The site then ‘knows’ that you have been there before, and in some cases, tailors what pops up on a screen to take account of that fact. This can be helpful to vary content according to whether this is your first ever visit to a site or you visit a particular site a lot.

CookieScan scans your website and groups cookies by categories using our vast database of cookies. You can then select and rearrange the scanned cookies to different categories. These categories are

  • Necessary
  • Preference
  • Statistic
  • Marketing
  • Unclassified

This approach will show you are taking ePrivacy and GDPR seriously and give users of your website real choice before obtaining consent.

Yes – you can choose the colour scheme, so change the background, button, text, on/off switches and the cookie description colours to match the look of your website.

Yes, we will always record and download all user consents. Recital 42 GDPR states:

“Where processing is based on the data subject’s consent, the controller should be able to demonstrate that the data subject has given consent to the processing operation. In particular in the context of a written declaration on another matter, safeguards should ensure that the data subject is aware of the fact that and the extent to which consent is given.”

  • Paid subscriptions can be monthly or annually.
  • You can use CookieScan on multiple sub-domains by taking advantage of our Premium subscription, our Standard subscription will only apply to one domain.
  • You can set automatic website scans to keep your pop-up up to date or conduct manual scans.
  • Our Premium subscription recognises what language your website is being displayed in, and automatically sets that language.

You might need to re-login to activate all paid subscription features. Depending on payment processor, it could also be that it will take some time to receive the payment, just contact us and we will activate it right away.

Here are the 4 most common reasons for popup not showing up:

  • Do you have HTTPS website and a free trial account? HTTPS is only available for paid subscription users.
  • Can you see CookieScan in the source of your webpage? If not – it was not added properly.
  • Try to clear cookies, it is possible you already clicked “Allow All Cookies” button and now popup is not showing up.
  • Do you have any JavaScript errors? This can be checked by right clicking > Inspect element > Console tab. JavaScript errors can prevent other JavaScript files from running.

Sorry to hear you go. Please let us know if there is something you want us to change and we will check how to improve our services.

You can delete your account in your Account Portal.

Yes. You can turn on Google Tag Manager events for your domain. This will fire events when the page loads for each category of consent, if the user has consented. You can use these as triggers in Google Tag Manager.

You can also turn off Automatic Blocking should you wish to purely use Google Tag Manager and/or our JS API

Yes. We have a JS API that you can turn on for your domain. This will provide you with a JS object that contains each consent category and whether or not the user has consented. You can use this in your JS code to determine whether to run a line/lines of code.

You can also turn off Automatic Blocking should you wish to purely use the JS API and/or Google Tag Manager events.

Yes. You can turn off our Automatic blocking. You can then use either Google Tag Manager events, our JS API or a combination of them both in order to prevent cookies from being loaded in your code.

Yes. You can implement CookieScan using Google Tag Manager. This then doesn’t require you to add any code directly to your sites source.

Note: If you implement it in this way, you must control blocking yourself using Google Tag Manager events to create triggers that load tags. The JS API and Auto Blocking will not be available.

We have engineers ready to assist with the integration of CookieScan into your website. 

Implementation will usually take anywhere between 1 and 4 hours and we charge per hour for our engineer’s time.  

If you would like us to assist you with an implementation then please drop us an email at and we will be in touch to discuss your requirements.

We have carried out extensive testing on many websites to understand the impact our plug-in may have on the performance of your website.

We have found that on websites with load times greater than 5 seconds, CookieScan has no impact on the site performance.

On faster websites with load times of less than 5 seconds, CookieScan will add on average, an additional 1 to 1.5 seconds load time.  This degregation is slightly increased where Google Tag Manager has been used, by an additional 200 to 300ms.

Ensure your website is PECR and ePrivacy compliant

Create a FREE CookieScan account today and start managing your cookie consent.

Get Started