Request a Demo
5 min read

How to add cookie messages to your website

Data privacy laws such as Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have made it obligatory for websites—at least those that do business in Europe and the United States and collect information from customers in these areas—to have a cookie message on their homepage.

But what is it, and how do you add it to a website?

Adding cookie messages to a website is much simpler nowadays, thanks to website plug-ins and data privacy services that allow you to customize your cookie message’s text, appearance, and options, on top of ensuring that it’s compliant with relevant laws.

You can also add cookie messages by building your own script that lets it pop up as soon as a user visits your site.

What Is A Cookie Message?

A cookie message is a pop-up or banner that appears on your website during a user’s first visit. It communicates your website’s use of cookies and gives people the option to opt-in or opt-out of the use of cookies.

Cookie messages also usually link to a businesses’ privacy policy, where the consumer rights established by data privacy laws are listed. Follow the link to an article that addresses the question: How often should a privacy policy be updated?

What Should A Cookie Message Include?

To ensure that people’s data privacy rights are upheld, a cookie message should contain:

  • an explanation of the purpose of website cookies
  • the option to opt-in or opt-out from the use of cookies
  • a link to a cookie policy, privacy policy, or website cookie details

A cookie message can also expand to include customization options, where users can choose which category of cookies they want to allow, e.g. just necessary cookies and marketing cookies, only preference cookies, etc.

Why Does A Website Need A Cookie Message?

Cookies are packets of data that computers receive and send to track users’ information. They’re generally harmless; website developers use them to create a more personalized and intuitive online experience, while business owners use them to get to know their customers better.

However, since cookies contain personal information, they are a potential risk to individuals’ privacy. So data privacy laws require businesses to either obtain consent before using cookies or at least inform consumers about how cookies collect and use their information.

Businesses can do this using a cookie message that immediately appears as soon as a person arrives at their website, ensuring that consent is obtained before that consumer uses the site.

How To Add A Cookie Message To A Website

To add a cookie message to your website, you can ask a website developer to create a script for your website, use built-in plug-ins (for websites that use development platforms or hosts like WordPress or Squarespace), or add tools from data privacy services. In case you want to know how to block cookies before consent, follow the link to that information.

Built-in Script

If you have an in-house website developer, you can create a built-in script for a cookie message that fits your website. This is a good option if you’d like to have a pop-up or banner that’s cohesive with the general style of your platform. Just make sure that it includes all the necessary details and the opt-in/opt-out choices that comply with data privacy regulations.

Website Plug-ins

Most website development sites and hosting services have created plug-ins that you can add to your website straight from the platform. Wix, for example, has a cookie banner that you can enable and customize on your website—without any complicated codes or scripts from your end.

Data Privacy Services

Data privacy services can usually hook your website up with a cookie message through ready-made scripts or widgets that you can just add to your website. The advantage of these is that you’re 100% sure that your cookie message is compliant with any international and local data privacy laws.


Adding a cooking message to your website ensures that you are doing your part to follow data privacy laws, essentially upholding people’s data privacy rights. Not all websites need to comply with regulations like the GDPR and the CCPA. But seeing as many international markets are putting value on data privacy, it’s good practice for all businesses to conform to these laws as soon as they can.

Privacy Tech
October 5, 2021

Continue reading

10 data privacy trends to watch in 2023
Odia Kagan
10 min read
News, Regulations
What the POTUS privacy push means for your 2023 strategy
Jonathan Joseph
7 min read
Privacy Tech, Product
3 requirements for effective consent management
Peter Wang
6 min read

Get started with Ketch

Simplifying your privacy program has never been easier. Begin your journey to simplified privacy operations and granular data control across the enterprise.