We use cookies
Enhance your experience
Cookie preferences
Manage your settings
We use cookies
Analyze our traffic
Cookie Policy Template
GDPR, CCPA & Canadian Compliant
Free cookie policy templates you can copy and customize. Covers GDPR, CCPA, PIPEDA & Quebec Law 25.
What a Cookie Policy Must Include
Every cookie policy needs these six sections to meet GDPR, CCPA, PIPEDA, and Law 25 requirements.
What Cookies Are
A clear definition of cookies and similar tracking technologies (pixels, web beacons, local storage) in plain language your visitors can understand.
What Cookies Your Site Uses
A breakdown by category — essential cookies (login, security), analytics cookies (Google Analytics), and marketing cookies (ad retargeting, social pixels).
Why You Use Cookies
The specific purposes for each cookie category — site functionality, traffic analysis, personalized advertising, or fraud prevention.
How Users Can Manage Cookies
Instructions for accepting or rejecting cookies through your cookie banner, browser settings, and any opt-out mechanisms you provide.
Third-Party Cookies
Disclosure of any cookies set by third parties — Google Analytics, Facebook Pixel, YouTube embeds, Stripe — with links to their privacy policies.
How to Contact You
Your company name, email address, and privacy officer contact (required by PIPEDA and Law 25). Visitors must be able to reach you with questions.
Cookie Policy Template
Copy this template and customize it for your website
Note: This is a general template. Customize it for your specific website and consult legal counsel for your jurisdiction.
Cookie Policy
Last updated: [Date]
This Cookie Policy explains how [Your Company Name] ("we," "us," or "our") uses cookies and similar tracking technologies when you visit our website [yourwebsite.com]. It explains what these technologies are, why we use them, and your rights to control our use of them.
1. What Are Cookies
Cookies are small text files that are placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work efficiently, provide a better user experience, and give website owners useful information. Cookies can be "first-party" (set by us) or "third-party" (set by external services we use).
2. How We Use Cookies
We use the following categories of cookies on our website:
| Category | Purpose | Examples | Consent |
|---|---|---|---|
| Essential Cookies | Session management, security, load balancing | Session ID, CSRF token, login state | Always active |
| Analytics Cookies | Page views, traffic sources, user behavior analysis | Google Analytics (_ga, _gid) | Require consent |
| Marketing Cookies | Ad retargeting, conversion tracking, social media integration | Facebook Pixel (_fbp), Google Ads (gclid) | Require consent |
3. Your Choices
You can manage your cookie preferences in the following ways:
- Cookie banner: When you first visit our site, you can accept or reject non-essential cookies through our consent banner. You can change your preferences at any time by clicking the cookie settings icon.
- Browser settings: Most browsers allow you to block or delete cookies through their settings. Note that blocking essential cookies may affect site functionality.
- Opt-out links: For specific third-party cookies, you can use the opt-out mechanisms provided by those services (see Section 4).
4. Third-Party Cookies
We use the following third-party services that may set cookies on your device:
- Google Analytics — Website traffic analysis. [Privacy Policy: https://policies.google.com/privacy]
- Facebook/Meta Pixel — Advertising and conversion tracking. [Privacy Policy: https://www.facebook.com/privacy/policy]
- [Other services you use] — [Purpose]. [Privacy Policy URL]
5. Cookie Policy Updates
We may update this Cookie Policy from time to time to reflect changes in the cookies we use, changes in technology, or changes in applicable laws. When we make material changes, we will update the "Last updated" date at the top of this policy and, where appropriate, notify you through our cookie banner.
6. Contact Us
If you have questions about our use of cookies, please contact us:
- Company: [Your Company Name]
- Email: [Your Email Address]
- Privacy Officer: [Name and Contact, if applicable]
Cookie Policy by Jurisdiction
Each privacy law has specific requirements for what your cookie policy must include
GDPR (EU/EEA)
- Must list all cookies, their purposes, duration, and whether they are first or third party
- Must explain the legal basis for processing (consent or legitimate interest)
- Must provide a link to manage consent preferences at any time
- Non-essential cookies must be blocked until the user gives explicit opt-in consent
CCPA (California)
- Must disclose the categories of personal information collected through cookies
- Must include "Do Not Sell or Share My Personal Information" instructions
- Must describe consumer rights: right to know, delete, and opt out
- Must identify categories of third parties who receive cookie data
PIPEDA (Canada)
- Must explain what information is collected through cookies and why
- Must describe the consent process and how users can withdraw consent
- Must name your organization's privacy officer and provide contact details
- Must explain how personal information is protected and how long it is retained
Law 25 (Quebec)
- Includes all PIPEDA requirements plus stricter consent and transparency rules
- Must be available in French for Quebec residents
- Must describe privacy impact assessment if applicable to your data processing
- Must provide a clear mechanism for users to withdraw consent at any time
Pair Your Policy With a Cookie Banner
A cookie policy without a cookie banner is incomplete — you need both. Your cookie policy explains what cookies you use, but a cookie banner is what actually collects consent from your visitors.
Our free cookie banner generator automatically creates a compliant banner that links to your cookie policy, blocks non-essential cookies until consent is given, and logs every consent transaction for your records. It works with GDPR, CCPA, PIPEDA, and Law 25 out of the box.
Cookie Policy FAQ
Common questions about cookie policies and compliance
Do I need a cookie policy?
Yes, if your website uses cookies — and almost all websites do. The GDPR, CCPA, PIPEDA, and Quebec Law 25 all require you to inform visitors about what cookies you use, why you use them, and how they can opt out. A cookie policy is the standard way to meet this requirement.
Is a cookie policy the same as a privacy policy?
No. A privacy policy covers all personal data processing (forms, accounts, emails, etc.), while a cookie policy specifically addresses cookies and tracking technologies on your website. Many businesses include cookie details in their privacy policy, but a separate cookie policy is clearer and easier for visitors to find — and some regulations recommend or require it.
What's the difference between a cookie policy and a cookie banner?
A cookie banner is the pop-up or bar that appears on your website asking visitors to accept or reject cookies. A cookie policy is the full document explaining what cookies you use, why, and how visitors can manage them. You need both — the banner collects consent, and the policy provides the detailed disclosure. Your banner should link to your cookie policy.
How often should I update my cookie policy?
You should update your cookie policy whenever you add or remove cookies, change tracking tools (e.g., switching analytics providers), or when privacy laws change. As a best practice, review your cookie policy at least every 6 months. Run a cookie scan on your site to check for new or unknown cookies.
Do I need a separate cookie policy for each country?
No, you don't need separate policies per country, but your single cookie policy must cover the requirements of every jurisdiction where you have visitors. This template covers GDPR (EU), CCPA (California), PIPEDA (Canada), and Law 25 (Quebec). If you serve visitors from Quebec, you should also provide a French version.
Can I use this template for free?
Yes, this template is completely free to use. Copy it, customize it with your company details and cookie information, and publish it on your website. However, this is a general template — we recommend consulting with a legal professional to ensure it meets the specific requirements of your business and jurisdiction.
Ready to Get Started?
Start free with no credit card required. Upgrade to Pro for a one-time $99 payment — no subscriptions, no hidden fees.
Start free, upgrade when you're ready. See pricing details