Is a Reject button mandatory on a cookie banner?

Yes. Regulators require that refusing cookies is as simple as accepting them. In practice, this means a Reject (or Reject all) button must be present at the first level of the banner, with the same visibility and visual weight as the Accept button.

Can I use a cookie wall that blocks access to the site?

Regulators consider that conditioning content access on cookie acceptance undermines freely given consent. Cookie walls are tolerated only in very limited cases, when a fair alternative is offered to the visitor (for example, paid access without trackers).

Does scrolling on the page count as cookie consent?

No. The GDPR requires consent to result from a clear affirmative action. Simply scrolling, clicking a link or closing the banner without interacting with the buttons does not constitute valid consent. The visitor must explicitly click Accept.

Can cookie categories be pre-ticked by default?

No. The GDPR prohibits consent by default. In the customisation panel, all optional cookie categories (analytics, advertising, social media) must be unticked by default. Only strictly necessary cookies may be enabled without visitor action.

Where should the cookie banner be placed on the page?

Regulators do not prescribe a specific position. The banner can be at the top of the page, at the bottom or as a centred pop-up. The key is that it must be clearly visible, cannot be ignored and the visitor must not be able to browse the site without having been informed.

How can I improve consent rates without using dark patterns?

Several compliant approaches exist: clear and short text, granular choice by category (visitors accept more often when they can refuse only advertising), polished design integrated into the site, and A/B testing on banner position and wording.

Cookie consent banner examples: compliant designs

TL;DR

A GDPR-compliant cookie banner must clearly present tracker purposes, offer a Reject button as visible as the Accept button, and not trigger any non-essential cookies before the visitor makes their choice. Regulators such as the CNIL have published specific formatting examples and routinely sanction websites whose banners use dark patterns to steer consent.

What makes a cookie banner compliant?

A compliant cookie banner is an interface displayed when a visitor arrives that informs them about the trackers used by the site and allows them to accept or refuse their deployment. It serves as the "level 1" information layer: a concise summary of purposes, supplemented by a link to the cookie policy (level 2).

The consent collected through this banner must be freely given, specific, informed and unambiguous, in accordance with Articles 4(11) and 7 of the GDPR. In practice, this imposes precise constraints on banner design.

What are the mandatory elements of a cookie banner?

A compliant cookie banner must contain six essential elements.

An information text identifying the main categories of purposes (analytics, advertising, personalisation). It must be written in clear, plain language without excessive legal jargon.

An Accept button for global or per-category consent. A Reject button (or "Reject all") as visible and accessible as the Accept button. Regulators require that refusing is as simple as accepting. A Customise button (or "Manage preferences") enabling granular consent by cookie category. A link to the cookie policy for detailed information.

The absence of a Reject button at the first level, or placing it in a less visible sub-menu, is the most commonly sanctioned non-compliance.

Examples of compliant cookie banners

The minimalist two-button banner

This is the simplest and most common format. It displays a short text, an Accept button and a Reject button of identical size and style. A "Learn more" link leads to the cookie policy. This format meets regulatory requirements while minimising friction for the visitor.

This model works well for showcase websites and blogs that use few cookie categories.

The banner with a customisation panel

This format adds a third button ("Customise" or "Manage preferences") that opens a panel listing cookie categories with on/off toggles for each. The user can accept analytics cookies while refusing advertising cookies.

This model is recommended for sites that use multiple tracker categories and want to maximise partial consent rates.

The bottom-of-page footer bar

This format places the banner at the bottom of the screen as a horizontal bar. It is less intrusive than a centred banner or pop-up while remaining visible. The Accept and Reject buttons are aligned on the same row.

Regulators do not prescribe a specific position. The choice between top banner, bottom banner or centred pop-up is free, as long as the banner is clearly visible and the visitor cannot browse without having been informed.

Which practices make a cookie banner non-compliant?

Several common practices make a cookie banner non-compliant with GDPR requirements.

No Reject button at the first level. If the visitor must click "Customise" then manually untick each category to refuse, rejection is not as simple as acceptance. This is a dark pattern.

Reject button less visible than the Accept button. A brightly coloured Accept button paired with a light grey or plain text Reject button creates visual bias. Both buttons must carry equal visual weight.

Pre-ticked boxes for non-essential cookies. The GDPR prohibits consent by default. All optional categories must be unticked by default in the customisation panel.

Cookie wall blocking access to content. Conditioning site access on cookie acceptance is considered a violation of freely given consent. Regulators consider cookie walls acceptable only in very limited cases (when a fair alternative is offered).

Continued browsing counts as consent. Simply scrolling or clicking a link does not constitute valid consent. Consent must result from a clear affirmative action (clicking Accept).

Setting cookies before the visitor's choice. Analytics and advertising scripts must be blocked until the visitor clicks Accept. A cookie audit verifies this behaviour.

How to optimise consent rates without dark patterns?

It is possible to improve consent rates while remaining compliant.

Write short, understandable text. Explain in one sentence what cookies enable ("We use cookies to measure audience and improve your experience") rather than a legal paragraph. A clear banner generates better consent rates than an intimidating one.

Offer granular choice. Visitors who refuse everything often do so out of distrust. When they can accept analytics while refusing advertising, partial consent rates increase.

Invest in design. A banner that fits the site's design, with consistent colours and readable typography, is perceived as more trustworthy than a generic one. This does not mean making the Reject button less visible.

Test different formats. Position (top, bottom, centred pop-up), text wording, button order: these variables influence consent rates. A CMP like FlowConsent lets you adjust these parameters and measure the impact.

Checklist: designing a compliant cookie banner

Display clear text identifying the categories of purposes.
Offer an Accept and a Reject button of the same size and style.
Add a Customise button opening a granular choice panel.
Untick all optional categories by default.
Include a link to the cookie policy.
Do not trigger any non-essential cookies before the visitor's choice.
Allow the visitor to change their mind at any time (footer link).
Do not condition content access on cookie acceptance.
Do not treat continued browsing as consent.
Verify behaviour with a cookie scan after going live.

Conclusion

A compliant cookie banner is not an obstacle to user experience. It is a transparency mechanism that, when well designed, can maintain a good consent rate while respecting visitor rights. The examples presented show that a simple design with Accept and Reject at the same level, clear text and a customisation panel covers the core requirements.

If you are not sure your current banner is compliant, run a free scan of your site to check which cookies fire before consent and identify the adjustments needed.

Cookie consent banner examples: compliant and non-compliant designs