How to comply with GDPR privacy & cookie consent

GDPR + the cookie rules require a clear privacy policy, lawful opt-in for non-essential cookies, and a way for people to exercise their data rights. Check yours in 60 seconds.

Step by step

Work through these — each is a place compliance is won or lost. PrivacyProof's checker verifies every one for you in about a minute.

  1. Do you have a published privacy policy?
  2. Non-essential cookies (analytics/ads) load…
  3. Can visitors reject cookies as easily as accept?
  4. Is there a route to access/delete/correct data?
  5. Do you state a lawful basis for processing?
  6. Do you disclose third parties / processors?
  7. Is there a privacy contact (and EU/UK rep if needed)?

The fast way

🪿 Don't do it by hand. The free PrivacyProof checker walks you through each step, flags exactly what's missing, and Clause drafts the fix for you — then re-check until you're clear. No signup, runs in your browser.

What's at stake if you skip it

⚠️ Exposure: up to €20M or 4% of global turnover (Art. 83) · Status: In force.

The source

RuleGoose checks this against the EU GDPR (Reg. (EU) 2016/679), UK GDPR + ePrivacy/cookie rules. Read it yourself: EUR-Lex — Regulation (EU) 2016/679 →

Check your GDPR privacy & cookie consent compliance — free.
See exactly which steps you've missed and draft the fix in about a minute. Run the PrivacyProof checker →

or read the full GDPR privacy & cookie consent guide, or get one RuleGoose Score across every rule.

Informational only, not legal advice, and not affiliated with the EU. Last reviewed 2026-06-30.