Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Spatie Laravel Cookie Consent is a lightweight open source PHP package by Belgian agency Spatie that displays a basic cookie notice on Laravel applications. It writes a single first party cookie (laravel_cookie_consent) to remember the dismissal and does not call any third party service. Used alone, it is more an information banner than a full consent management platform: blocking trackers and giving granular consent must be implemented separately.
Spatie Laravel Cookie Consent is a small composer package developed by Belgian agency Spatie. It adds a simple cookie notice to a Laravel application: when the visitor lands on the site, a Blade rendered dialog tells them that the site uses cookies, and provides a button to dismiss the notice. It is widely used by Laravel developers in Europe as a lightweight first step toward compliance.
The package sets a single first party cookie named laravel_cookie_consent on the application domain. It contains a value of 1 indicating that the visitor has dismissed the banner. The cookie has no tracking purpose and no personal data leaves your Laravel application.
The laravel_cookie_consent cookie qualifies as strictly necessary for the consent exemption of Article 5(3) ePrivacy because it remembers the user''s expressed choice. The package itself does not load any third party tracker, so it does not by itself create privacy obligations beyond proper transparency.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
The package is informational. It does not block analytics, advertising or social plugins, it does not provide categorised consent (necessary, statistics, marketing), and it does not generate proof of consent compliant with EDPB guidelines. Used alone with Google Analytics or Meta Pixel loaded directly in the layout, your Laravel app remains non compliant.
To reach actual GDPR/ePrivacy compliance, combine Spatie Laravel Cookie Consent with a real CMP (Klaro!, CookieYes, Cookiebot or a custom Vue/React banner) that gates third party scripts on a per category consent. Alternatively, replace the package with a fully featured open source CMP that natively integrates with Laravel''s Blade templates.
Treat the package as a UI helper for the cookie notice. Customise the message to clearly describe what cookies are set and link to a separate cookie policy. Combine it with conditional Blade includes that load analytics or ads only after a real consent is captured. Document the laravel_cookie_consent cookie in your privacy policy as strictly necessary.
Websites using Spatie Laravel Cookie Consent must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is not required for the package itself because no personal data is processed beyond a single first party cookie. The DPIA scope shifts to the trackers your Laravel app loads (analytics, ads, social plugins), which the package does not block on its own.
Sample consent text
This site uses Spatie Laravel Cookie Consent to display a cookie notice. A first party cookie (laravel_cookie_consent) is stored on your device to remember that you have dismissed the banner. No data is sent to any third party.
Third-party domains contacted
github.com/spatie/laravel-cookie-consentpackagist.orgCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| laravel_cookie_consent | first_party | 1 year | Stores the visitor's acknowledgement of the cookie notice so the dialog is not displayed again. Strictly necessary cookie, exempt from consent. |
Spatie Laravel Cookie Consent is an essential service, but transparency matters. Manage all your consent with FlowConsent.
It sets a single first party cookie named laravel_cookie_consent on the application domain to remember that the visitor has dismissed the cookie notice.
No, the laravel_cookie_consent cookie is strictly necessary to remember the visitor's choice and falls under the consent exemption of Article 5(3) ePrivacy. The package itself does not load any third party tracker.
Storage of the cookie is exempted from consent because it is strictly necessary. Tracking obligations come from the other scripts of your Laravel app, which the package does not block.
No, the package is self contained inside your Laravel application. It does not call any external API and does not generate transfers.
No DPIA is required for the package itself. A DPIA may still be needed for the trackers your Laravel app loads (analytics, ads, social plugins) which are not blocked by Spatie Laravel Cookie Consent.
Combine the package with conditional Blade includes or with a real CMP (Klaro!, CookieYes, Cookiebot) that gates third party scripts on a per category consent. Document the cookies in a dedicated cookie policy.
For a real CMP integrated with Laravel, consider Klaro!, Cookiebot, CookieYes, or building a custom Vue/Livewire banner with consent state propagated to the back end.
List the laravel_cookie_consent cookie as strictly necessary, with its 1 year duration and its sole purpose: remembering that the visitor dismissed the notice. No third party processor is involved.