GDPR & CCPA compliant out of the box

One script tag. Cookie consent handled.

Add a single line to your site and get a cookie banner that covers GDPR and CCPA. $5/mo. That's it.

Get StartedSee How It Works
your-site.html
<head>
<script src="cookieflag.com/api/banner/abc123" defer />
</head>

Why it matters

Privacy laws apply to your site too

If your website uses cookies — analytics, ads, embedded videos — regulations like GDPR and CCPA require you to get visitor consent before those cookies load. Most small sites aren't compliant.

GDPR covers more than the EU

If anyone from Europe visits your site, GDPR applies — regardless of where your business is based.

CCPA protects California visitors

California's privacy law gives visitors the right to opt out of data collection. That includes cookies.

Non-compliance has real consequences

Regulators issue fines, and platforms like Google Ads require proof of consent to serve ads in the EU.

How it works

Three steps. Two minutes.

1

Customize

Pick your colors and text. Make it match your site.

2

Copy

Grab the script tag we generate for you.

3

Paste

Add it to your site's <head>. The banner handles the rest.

Works with any platform

WordPress Shopify Squarespace Wix Any HTML site

If it has a <head> tag, CookieFlag works with it.

Features

What you get

GDPR & CCPA Compliant

Covers EU and US privacy requirements. No legal expertise needed.

Actually Blocks Trackers

Analytics, ads, and third-party scripts stay off until your visitor opts in.

Under 15KB

Won't slow down your site or hurt your Core Web Vitals.

Stays Up to Date

When privacy laws change, the banner updates automatically.

Google Consent Mode v2

Signals consent status to Google Analytics and Ads automatically. Required for EU ad personalization.

Granular Cookie Categories

Visitors choose what they allow — necessary, analytics, or marketing. Full control, no all-or-nothing.

How we compare

Cookie consent without the bloat

Most consent tools are built for enterprise compliance teams. CookieFlag is built for people who just need a banner that works.

Typical consent toolCookieFlag
Setup time30+ minutes of configuration2 minutes — paste one script tag
Pricing$10–50/mo, per-pageview tiers$5/mo flat
Script size50–200KBUnder 15KB
Blocks trackers before consentSometimesAlways
Customizable designLimited unless you pay moreColors, text, and position included
Google Consent Mode v2Paid add-on or enterprise onlyBuilt in
ContractsAnnual plans, cancellation feesCancel anytime, no contracts

Is it right for you?

Built for small sites. Not enterprise.

CookieFlag is for you if

  • You run a personal site, blog, portfolio, or small business site
  • You need a cookie banner but don't want to become a privacy expert
  • You want a banner live in minutes, not hours
  • You use Google Analytics, ads, or other third-party scripts
  • You want simple pricing with no surprises

You might need something else if

  • You manage 50+ sites with different compliance policies
  • You need IAB TCF certification for programmatic ad networks
  • You need automated cookie scanning across thousands of pages
  • You need a full privacy platform with DPO dashboards and audit trails
  • You need compliance across 10+ regulatory frameworks (LGPD, POPIA, etc.)

Pricing

One plan. No gotchas.

Month-to-month. Cancel in two clicks. We don't do contracts.

CookieFlag

$5/mo

Everything included. No tiers, no upsells.

  • Customizable banner
  • GDPR & CCPA compliant
  • Script tag embed — one line of code
  • Auto-updates when laws change
  • Under 15KB — won't slow your site
  • Help when you need it

FAQ

Common questions

Does my site actually need a cookie banner?

If your site sets any non-essential cookies — Google Analytics, Facebook Pixel, embedded YouTube videos, ad scripts — then yes. GDPR requires consent before those cookies load for EU visitors, and CCPA gives California visitors the right to opt out.

What if all my visitors are in the US?

CCPA still applies if any visitors are from California. And many US states are passing their own privacy laws. A cookie banner now saves you from scrambling later.

What's the difference between GDPR and CCPA?

GDPR (EU) requires opt-in consent — cookies can't load until the visitor agrees. CCPA (California) requires opt-out — you can load cookies but must let visitors say no. CookieFlag handles both models automatically.

Will this slow down my site?

No. The script is under 15KB, loads asynchronously, and blocks third-party cookies from loading until consent is given — which actually makes your initial page load faster.

Do I need to list every cookie my site uses?

CookieFlag groups cookies into categories (necessary, analytics, marketing) so visitors can choose. You don't need to maintain a manual cookie inventory.

Does it work with Google Analytics and Google Ads?

Yes. CookieFlag includes Google Consent Mode v2, which signals your visitor's consent choices to Google automatically. Just place the CookieFlag script tag before your Google tags — no extra configuration needed.

Can I cancel anytime?

Yes. No contracts, no commitments. Cancel from your Stripe billing portal and your banner stops serving at the end of the billing period.