* Contributors: cookiebot,phpgeekdk,aytac
* Tags: cookie, compliance, eu, gdpr, europe, cookie consent, consent, ccpa
* Requires at least: 4.4
* Tested up to: 5.3.2
* Stable tag: 3.6.0
* Requires PHP: 5.6
* License: GPLv2 or later
Cookiebot is a cloud-driven solution that automatically controls cookies and trackers, enabling full GDPR/ePrivacy and CCPA compliance for websites.
## Description ##
### Trustworthy and simple cookie consent solution for GDPR/ePR and CCPA compliance ###
Cookiebot is a cloud-driven solution that automatically controls cookies and trackers, enabling full GDPR/ePR and CCPA compliance and offering:
* A highly customizable consent banner to handle consents and give the user the possibility to opt in and out of cookie categories, as required by the GDPR/ePR, CCPA and similar legislations around the world.
* A Do Not Sell My Personal Information link on the cookie declaration for end-users to opt out of having their data sold to third parties, as required by the CCPA – including the special opt-in banner for sites that have visitors under the age of 16, also in accordance with CCPA.
* Monthly website scans, detecting all first- and third-party cookies and similar tracking on your site (e.g. HTML5 Local Storage, Flash Local Shared Object, Silverlight Isolated Storage, IndexedDB, ultrasound beacons, pixel tags etc.) as well as their provenance, duration and where the data is sent to.
* The unique Cookiebot feature of automatic cookie blocking. All cookies and tracking are automatically held back right from the moment the user lands on the website and until the proper consent has been obtained, enabling compliance with the GDPR and the ePrivacy Directive.
* An easy way to allow the user to change or withdraw their consent.
* Supports 45 languages in consent banner and cookie declaration.
* Secure storage of user consents in our cloud-driven environment. The user consents are downloadable and can be used as proof that the consent was given.
* Execution of cookie-setting scripts without a page reload, if the user gives consent.
Please read our FAQ at the bottom of the page for more information.
### Will my website become compliant once I install Cookiebot? ###
If you use our plugin version 3.0 or later and choose the automatic implementation, Cookiebot enables full compliance with the ‘prior consent’ requirement of the GDPR, the ePrivacy Directive (ePR) and similar legal instruments for protection of user data around the world.
Cookiebot also enables compliance with the CCPA through the implementation of the Do Not Sell My Personal Information link on a website’s cookie declaration, as well as the opt-in banner required if your website targets visitors under the age of 16.
The default consent banner has the strictest settings possible and is suitable for obtaining consent under both GDPR and the ePR. Make sure to adapt the consent banner content to fit your website. You should also check out [our GDPR checklist if you have users from the European Union](https://support.cookiebot.com/hc/en-us/sections/360000917513-Ready-for-25-May-2018-GDPR-enforcement-date-A-Cookiebot-checklist-). If you are using server-side cookies, please check the [“Server side usage” guide](https://www.cookiebot.com/en/developer/).
However, being a customizable plugin, true compliance always depends on the website owner choosing a type of banner, wording and settings that are compliant with the local legislation and fits the specific website and company (data controller).
**If you choose the manual implementation…**
Then please make sure of the following:
If you are using plugins that set cookies which require consent (which most do), you have to:
* Ask the plugin developers if they are planning on becoming GDPR/CCPA compliant, or if they would like to integrate with Cookiebot.
* [Check out our Github repository](https://github.com/CybotAS/CookiebotAddons), where we are developing integrations for Cookiebot, until the plugin developers choose to do this themselves, [or if WP Core enables such functionality](https://core.trac.wordpress.org/ticket/44043).
Once Cookiebot is installed and we’ve scanned your site, you can check the [cookie report](https://manage.cookiebot.com/goto/reports) to identify all cookies being set on your website. If the cookies are coming from content that you have inserted manually, you can mark up that content [as described in our manual implementation guide step 4](https://cookiebot.com/goto/manual-implementation).
Embedded videos and iframes which set cookies can be marked up as explained in our [Iframe cookie consent with YouTube example](https://support.cookiebot.com/hc/en-us/articles/360003790854-Iframe-cookie-consent-with-YouTube-example).
### Cookiebot Addons ####
Add-ons are produced by an open-source community of developers. This is done to help make it easier for Wordpress users to implement ‘prior consent’ for cookies and trackers set by plugins that do not offer this as a built-in functionality.
The add-ons are currently the best alternative to a Wordpress Core framework that can signal the user’s consent state to other plugins (if and when this will be implemented is unknown) and to those plugins who do not yet offer native support for Cookiebot built into the plugin itself.
We do not assume any responsibility for the use of these add-ons. If one of the plugins that the add-ons hook into makes a ‘breaking change’, there may be a period of time where the add-on will not work properly until it has been updated to accommodate the changes in the plugin.
If your favourite plugin isn't supported you're welcome to contribute or request on our [Github development page](https://github.com/CybotAS/CookiebotAddons).
## Installation ##
First, install the plugin on your WordPress site.
Then, go to Settings -> Cookiebot and add your Cookiebot ID.
If you haven't created one yet - or if you're not sure how to find it - follow the instructions on the page.
Once your Cookiebot ID is added, the consent dialog will be displayed to the visitors of your site.
[For more help, visit our support section, that contains various articles on how to set up Cookiebot properly](https://support.cookiebot.com/).
**Implementing the cookie declaration:**
**Implementing prior consent:**
Below is a video tutorial on how to manually implement prior consent i.e. holding back all cookies and trackers (other than those strictly necessary for the website to function) until the user has given a consent. The manual implementation guide (found in step 11 of the video) can be [found here](https://cookiebot.com/goto/manual-implementation).
Please note that you can make use of our automatic cookie blocking functionality instead of manually having to mark up the cookie-setting scripts. To do so, update the plugin (version 3.0.0 or higher) and choose automatic cookie control in your Admin panel.
## Frequently Asked Questions ##
### Is Cookiebot free? ###
Cookiebot is a freemium plugin, much like [Jetpack](https://wordpress.org/plugins/jetpack/) and [Monsterinsights](https://wordpress.org/plugins/google-analytics-for-wordpress/).
Whether the free plan can suffice or you need a premium plan, depends on two things:
**1. The size of your website, i.e. the number of subpages on your website.**
In other words, you cannot choose whether you want a free plan or a premium plan, as this is determined by the amount of subpages on your website. You can [get a quote](https://www.cookiebot.com/goto/quote-input/) to see what plan you need for your website.
**2. Your necessities, as the free plan does not include all features available in the premium plans.** The free plan does not include customization of banner and cookies declaration, multiple languages, e-mail reports, data-export, geo location, bulk consent, consent statistics, internal domain alias for development, test and staging.
If more than 100 subpages are found during the initial website scan, you will be given a free one-month trial of Cookiebot with full functionality.
See all details of [Cookiebot plans and pricing](https://www.cookiebot.com/goto/pricing/).
### What does Cookiebot count as pages?
Your pricing plan is dependent on the number of subpages we have detected on your website.
Some users mistakenly think that Cookiebot counts their **image files** as subpages, thus setting the users on a higher subscription plan.
Cookiebot does **not count image files as subpages**. Depending on your theme, Wordpress may automatically create real pages for content placed in your media library, called Attachment pages. Because these pages can contain online trackers, Cookiebot includes them in your page count.
To disable the Attachment page feature in Wordpress, please see the following guides:
### Cookie declaration ###
The Cookiebot solution also includes an automatically updated cookie declaration about the cookies in use on your site.
By implementing it, you ensure that your cookie declaration is specific and accurate at all times, as required by the GDPR. Also, the declaration automatically provides the mandatory options for the user to change or withdraw consent.
For CCPA compliance, businesses will be able to display the CCPA required **Do Not Sell My Personal Information** link on their cookie declaration.
By default, the cookie declaration is displayed in the chosen Cookiebot language. You are able to override this setting with a "lang" attribute in the shortcode. Eg.: [cookie_declaration lang="de"] for a German version. Remember to add all used languages in the [Cookiebot Manager](https://manage.cookiebot.com).
### Cookie-checker: What cookies are in use on my site? ###
If you are in doubt about what cookies are in use on our site, you can start by trying our free compliance test:
**[Test my site](https://www.cookiebot.com/)**
The test scans up to five pages of your website and sends you a complete report of the cookies and online tracking on these pages, including information on their provenance, purpose and whether or not they are compliant with EU-legislation.
If you want a complete overview of the cookies and online tracking going on on all of your website, sign up to the Cookiebot solution.
### What is the GDPR and the ePrivacy Directive? ###
See the [EU homepage of the GDPR](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679) for more information, and their infographic for businesses: [Data Protection: Better rules for small businesses](http://ec.europa.eu/justice/smedataprotect/index_en.htm)
The ePrivacy Directive is another legal instrument of the EU that specifically aims to protect EU citizens’ online data such as data from online communication. It is in the process of becoming an actual Regulation such as the GDPR, which will probably happen in 2020.
### What is the CCPA? ###
The California Consumer Privacy Act (CCPA) is a state-wide law that regulates how businesses all over the world are allowed to handle the personal information of California residents.
You are liable for CCPA compliance if your business:
* Sells the personal information of more than 50,000 California residents per year,
* Has an annual gross revenue exceeding $25 million,
* Derives more than 50 percent of its annual revenue from the selling of personal information of California residents.
Cookies and other tracking technologies are classified as unique identifiers that form part of the CCPA’s definition of personal information.
If your business has a website, you must know and disclose to consumers, at or before the point of collection, the data you collect and which third parties you share it with. This can be done through the Cookiebot cookie declaration that also features the required Do Not Sell My Personal Information link, so end-users can opt out of having their data sold.
If your website is visited by consumers under the age of 16, you are required by the CCPA to first obtain their opt-in. This can be done through Cookiebot’s CCPA opt-in banner.
### How do I make other plugins support Cookiebot? ###
If your favourite plugin doesn't support Cookiebot you are always welcome to ask the author to add support for Cookiebot.
Send an e-mail to the author of the plugin you want to support Cookiebot. Ask for adding support for Cookiebot. Cookiebot provides a helper function to check if there is an active, working version of Cookiebot on the website.
The easiest way for a developer to implement Cookiebot support is following to add a check for Cookiebot where