Does your website use third-party services? Get GDPR compliant in minutes.

Cookiebot

What does Cookiebot do?

Cookiebot (by Usercentrics) is a leading European cookie consent management platform (CMP) used by millions of websites to comply with GDPR and ePrivacy cookie requirements. It automatically scans websites for cookies, categorises them, and presents a consent banner to visitors. Cookiebot is IAB TCF v2.2 certified and integrates natively with Google Consent Mode v2, Google Tag Manager, and major advertising platforms. As a Danish company with EU infrastructure, it keeps consent data within Europe.

What is Cookiebot?

Cookiebot (acquired by Usercentrics) is one of Europe''s leading cookie consent management platforms. It provides automatic cookie scanning, categorisation, and a customisable consent banner that presents visitors with choices about which cookie categories to accept. Cookiebot stores consent records with timestamps and is IAB TCF v2.2 certified, enabling compliant programmatic advertising consent management. It integrates natively with Google Consent Mode v2 and Google Tag Manager.

How Cookiebot works

Cookiebot crawls your website monthly to discover all cookies and tracking technologies. It categorises them into Necessary, Preferences, Statistics, and Marketing. It generates a customisable banner that blocks non-essential cookies until consent is given. Consent choices are stored as a cookie (CookieConsent) containing the visitor''s choices, timestamp, and a hash for verification. These records serve as evidence of consent under GDPR Article 7.

GDPR and the CMP requirement

GDPR requires that consent be freely given, specific, informed, and unambiguous. For cookie consent, this means a CMP that: does not pre-tick boxes, does not use dark patterns, makes refusal as easy as acceptance, allows withdrawal of consent, and records evidence of consent. Cookiebot''s design addresses all these requirements. The Danish DPA (Datatilsynet) has confirmed Cookiebot meets Danish GDPR implementation requirements.

Get GDPR compliant in 10 minutes

Free plan available · No credit card required

Try FlowConsent free

IAB TCF v2.2 and advertising

Cookiebot is registered as an IAB TCF v2.2 certified CMP. For publishers using programmatic advertising, TCF certification enables passing consent signals to advertising platforms and ad exchanges. Cookiebot also supports Google Consent Mode v2 integration, allowing Google tags to operate in a privacy-preserving mode when consent is declined.

Practical compliance steps

Install the Cookiebot script in your page head. Configure categories to match your actual cookie use. Enable Google Consent Mode v2 integration. Integrate with GTM to conditionally fire tags based on consent. Customise the banner to meet your visual requirements. Run Cookiebot''s monthly scan and review newly discovered cookies. Store consent records and ensure your privacy policy links from the banner.

GDPR consent category

Essential

Websites using Cookiebot must obtain user consent under GDPR regulations.

Legal basisCookiebot is a consent management platform — it facilitates GDPR compliance rather than creating compliance obligations. It stores and manages visitor consent choices. The Cookiebot script itself is strictly necessary for operating the consent mechanism and does not require consent to load.

Risk levellow

Applicable regulationsGDPR, ePrivacy Directive, IAB TCF v2.2 certified. Cookiebot helps websites comply with these regulations.

DPIA considerations

A DPIA is not required for Cookiebot itself. It is a compliance enabler, not a high-risk data processor. The consent data stored in Cookiebot (consent records, timestamps, choices) is processed as part of your compliance obligations.

Sample consent text

This website uses Cookiebot to manage your cookie preferences. Cookiebot stores your consent choices and ensures that only the cookies you have accepted are loaded. You can change your preferences at any time by clicking the cookie icon.

Technical details

Tracking methodCookie consent management platform, automatic cookie scanning, IAB TCF v2.2 certified CMP, consent storage, consent signals to GTM and advertising platforms

Server locationEuropean Union (Usercentrics/Cookiebot is a Danish/German company with EU infrastructure)

Cookieless tracking availableYes

Third-party domains contacted

cookiebot.comconsent.cookiebot.comconsentcdn.cookiebot.com

Cookies placed

Name	Type	Duration	Purpose
CookieConsent	persistent	1 year	Cookiebot consent record storing visitor cookie category choices, timestamp, and verification hash for GDPR compliance

Cookiebot is an essential service, but transparency matters. Manage all your consent with FlowConsent.

Get started free Scan your site

Frequently asked questions

What is a Cookie Consent Management Platform (CMP)?

A CMP is a tool that manages cookie consent on websites. It scans the website for cookies, presents a consent banner to visitors, records their choices, and blocks non-essential cookies until consent is given. CMPs like Cookiebot enable compliance with the ePrivacy Directive's requirement for prior consent before non-essential cookies are placed.

Does Cookiebot comply with GDPR?

Yes. Cookiebot is designed for GDPR and ePrivacy compliance. It records consent with timestamps, does not use dark patterns, makes refusal as easy as acceptance, and provides consent records as evidence under GDPR Article 7. The Danish DPA has confirmed Cookiebot meets Danish GDPR requirements.

What is IAB TCF v2.2 and why does it matter?

The IAB Transparency and Consent Framework (TCF) v2.2 is an industry standard for managing advertising consent in programmatic advertising. When a website uses a TCF-certified CMP like Cookiebot, consent signals are automatically passed to ad exchanges and demand-side platforms, enabling GDPR-compliant programmatic advertising. Without TCF consent, many advertising partners should not serve targeted ads.

What cookie does Cookiebot itself set?

Cookiebot sets the CookieConsent cookie (1 year) on the visitor's device. This cookie records the visitor's consent choices (accepted/rejected per category), the timestamp, and a verification hash. This record serves as evidence of consent under GDPR Article 7.

Does Cookiebot integrate with Google Consent Mode v2?

Yes. Cookiebot natively integrates with Google Consent Mode v2, passing consent signals for analytics_storage, ad_storage, ad_user_data, and ad_personalization to Google tags. This is mandatory for EU advertisers using Google's advertising ecosystem since March 2024.

How does Cookiebot handle cookie scanning?

Cookiebot crawls your website like a visitor to discover all cookies and tracking technologies. It categorises discovered cookies into four groups: Necessary, Preferences, Statistics, Marketing. The scan runs automatically on a monthly schedule. New cookies discovered between scans appear in a "Not categorised" list for review.

Is Cookiebot GDPR compliant itself?

Yes. Cookiebot is operated by Usercentrics (Denmark/Germany) with EU infrastructure. Consent records are stored in the EU. No SCCs are needed for Cookiebot's own data processing. Cookiebot processes consent data as a data processor — sign the Usercentrics/Cookiebot DPA.

What are the main alternatives to Cookiebot?

Major alternatives include: Axeptio (French, EU-hosted, visual design), Didomi (French, enterprise, preference centre), OneTrust (US, enterprise-grade), TrustArc (US), Usercentrics (German, Cookiebot's parent), CookieYes (Irish), and Tarteaucitron (French, open-source). EU-headquartered alternatives are preferred by organisations with strict data residency requirements.

Get compliant — Try FlowConsent free

Free plan · 10-min setup