Home / Website Legal Templates / Cookie Policy Template

Cookie Policy Template

(UK PECR & GDPR)

Step-by-step guidance through cookie policy requirements, comprehensive template sections, automated cookie tables, and user preference controls.

Structured following UK GDPR and PECR requirements for England and Wales.

Download a professionally drafted cookie policy template for UK websites and online businesses. Also known as a cookie notice, cookie consent policy, or cookie disclosure. Covers cookie categories, consent mechanisms, third-party cookies, analytics tracking, advertising cookies, and user preference controls. Structured following UK GDPR and the Privacy and Electronic Communications Regulations 2003 (PECR) requirements for England and Wales.

One-time payment: £20
✓ Lifetime access • ✓ Lifetime updates • ✓ Fully editable • ✓ Based on UK law • ✓ Instant download
✅ 30-day money-back guarantee*
Build your policy first — preview every section before purchase. Only pay when you're happy.
Interview and editor — both included with your purchase.
📖 Need help?

Choose your method below to get started.

🎯 Two creation methods — same professional document

Whether you prefer step-by-step guidance or a traditional form, both methods produce the identical professionally-formatted cookie policy. Choose the style that suits you.

Recommended

Smart Interview

One screen at a time — less overwhelming, nothing missed.

Completion Time
~8 min
📋

Classic Form

Everything on one page — faster if you know what you need.

Completion Time
~5 min

🔒 Your data never leaves your device — saved locally in your browser only

♻️ Unlimited use — generate cookie policies for every website and project

📦 Save 40%: Get all 5 Legal & Compliance templates for £60

View Bundles →

Who Needs a Cookie Policy?

Required by UK PECR for any website using cookies — from simple analytics to complex advertising tracking.

🌐
Website Owners
Analytics • Session cookies • Preferences
🛒
E-commerce Sites
Shopping carts • Payment • Personalisation
📊
Marketing Sites
Ad tracking • Retargeting • Conversion
📝
Blogs & Publishers
Analytics • Social sharing • Comments
📱
Web Apps
Authentication • Sessions • User preferences
🏢
Business Websites
Contact forms • Live chat • CRM integration
🎨
Portfolio Sites
Analytics • Video embeds • Social links
💰
Affiliate Sites
Tracking cookies • Commission • Attribution
UK PECR

Cookie Policy Requirements

What UK law requires you to tell users about cookies

🍪

Cookie Categories

Explain the different types of cookies you use — essential, functional, analytics, and advertising.

🎯

Cookie Purposes

Describe why each cookie is used and what data it collects or stores.

⚙️

User Controls

Explain how users can manage, disable, or delete cookies from their browsers.

UK cookie law under PECR and UK GDPR requires websites to clearly explain what cookies are used, why they are used, how users can control them, and which third parties receive cookie data — non-compliance can result in ICO enforcement action.▼ Tap below to read more

📋

What Must a Cookie Policy Include?

UK PECR (Privacy and Electronic Communications Regulations) requires clear information about cookies. Combined with UK GDPR requirements for personal data, your cookie policy must cover:

Required Information:

  • What cookies you use: List each cookie by name
  • Cookie categories: Essential, functional, analytics, advertising
  • Purpose of each cookie: Why it's needed and what it does
  • First vs third-party: Whether you or others set the cookie
  • Cookie duration: Session cookies vs persistent (with expiry times)
  • Third-party services: Google Analytics, Facebook Pixel, etc.
  • Data collected: What information cookies store or access
  • How to control cookies: Browser settings and opt-out options
  • Consent mechanism: How users accept or reject non-essential cookies
  • Policy updates: How changes are communicated

Our template guides you through each requirement with clear explanations.

Cookies fall into four categories under UK GDPR — strictly necessary, functional, analytics, and advertising — each with different consent requirements, and only strictly necessary cookies can be set without prior user consent.▼ Tap below to read more

⚠️

Cookie Categories Explained

Essential / Strictly Necessary:

  • Required for the website to function
  • Don't require consent (but must be disclosed)
  • Examples: login sessions, shopping carts, security tokens

Functional / Preference:

  • Remember user choices and preferences
  • Require consent before setting
  • Examples: language settings, region, display preferences

Analytics / Performance:

  • Collect anonymous data about site usage
  • Require consent before setting
  • Examples: Google Analytics, Hotjar, site statistics

Advertising / Marketing:

  • Track users across sites for targeted advertising
  • Require explicit consent before setting
  • Examples: Facebook Pixel, Google Ads, retargeting pixels

Only essential cookies can be set without consent — all others need user permission first.

This cookie policy template covers cookie categories and purposes, consent mechanisms, third-party cookie disclosures, analytics and tracking cookies, advertising cookies, cookie duration and expiry, user preference controls, and ICO compliance requirements.▼ Tap below to read more

🎯

What's Included in Our Template

Comprehensive Cookie Policy Coverage:

  • ✓ Introduction and what cookies are
  • ✓ Your organisation details
  • ✓ Essential cookies section
  • ✓ Functional cookies section
  • ✓ Analytics cookies section
  • ✓ Advertising/marketing cookies section
  • ✓ Third-party cookies and services
  • ✓ Cookie table with names, purposes, and durations
  • ✓ How to manage cookies (browser instructions)
  • ✓ Cookie consent explanation
  • ✓ Changes to the policy
  • ✓ Contact information
  • ✓ Link to privacy policy

Related documents: Websites typically also need Privacy Policy, Terms & Conditions, and Data Processing Agreement.

Common cookie policy mistakes include setting analytics cookies before consent, failing to list all third-party cookies, using pre-ticked consent boxes, not providing a genuine reject option, and copying American cookie notices that do not meet UK GDPR and PECR requirements.▼ Tap below to read more

Common Cookie Policy Mistakes

Mistakes That Put You at Risk:

  • Setting cookies before consent: Non-essential cookies must not load until user accepts — this is the most common violation
  • "Accept only" banners: Users must have a genuine choice to reject non-essential cookies, not just accept
  • Pre-ticked boxes: Consent must be actively given — pre-selected options don't count
  • Vague cookie descriptions: "We use cookies to improve your experience" isn't specific enough
  • Missing third-party cookies: Not disclosing Google Analytics, Facebook Pixel, or advertising cookies
  • No cookie table: Users should see a clear list of cookies with names and purposes
  • Cookie walls: Blocking access unless users accept all cookies is problematic
  • No way to change consent: Users must be able to withdraw consent as easily as they gave it

Our template helps you create a policy with proper structure and clear language.

🔗 Official ICO & Government Resources
🍪 ICO: Cookies Guidance 📘 ICO: Guide to PECR ICO: Cookie FAQs ⚖️ PECR Legislation

Frequently Asked Questions

Is a cookie policy legally required in the UK?

Yes. Under the Privacy and Electronic Communications Regulations (PECR) and UK GDPR, websites must inform users about cookies and obtain consent before setting non-essential cookies.

This applies to all UK websites regardless of size.

What's the difference between a cookie policy and cookie consent?

A cookie policy is a document explaining what cookies you use and why.

Cookie consent is the mechanism (usually a banner or popup) that asks users for permission before setting non-essential cookies.

You need both to be compliant — the policy explains, the consent asks permission.

Do I need a cookie policy if I only use essential cookies?

Yes, you still need to inform users about the cookies you use.

Essential cookies (strictly necessary for the website to function) don't require consent — but you must still explain what they do in your cookie policy.

Do I need a cookie policy for Google Analytics?

Yes. Google Analytics sets cookies that track user behaviour, which requires both a cookie policy explaining what data is collected and explicit user consent before the cookies are set.

You need a cookie consent banner that allows users to accept or reject analytics cookies.

What's the penalty for not having a cookie policy?

The ICO can issue fines up to £500,000 for PECR breaches (cookie rules).

For GDPR breaches related to cookie data, fines can reach £17.5 million or 4% of turnover.

Most enforcement focuses on consent mechanisms rather than the policy itself, but both are required.

What if UK cookie law changes after I purchase?

You receive free lifetime updates — no subscription required, no monthly fees, ever.

We monitor ICO guidance and UK cookie law changes. When we release an updated version, it appears free in your My Templates page. No extra charges. No recurring fees.

Is this really £20 one-time, or will I be charged monthly?

£20 one-time. That's it. No subscriptions, no recurring fees, no "free trial" traps.

Here's what we don't do: Other sites advertise "free templates" — you spend 15 minutes filling one in, then they demand your card for a "free trial" that charges £35–£42/month when you forget to cancel. Worse, many are US-based and don't cover UK PECR requirements. (Read about the scam)

We're different: £20 upfront for the document you actually need. Build it, preview it, pay only when you're happy. Own it forever with free lifetime updates. Based on UK law. No subscription fatigue.

Related Website Legal Documents

Privacy Policy

Explains what personal data you collect, how you use it, storage duration, user rights, and compliance with UK GDPR regulations.

£20

Terms & Conditions

Sets out your website's legal terms, user obligations, liability limitations, dispute resolution, and cancellation policies.

£20

Data Processing Agreement

Legally required contract when you use service providers to process personal data on your behalf under UK GDPR.

£20

NDA Template

Protects confidential business information when sharing sensitive details with employees, partners, or prospective investors.

£20

Not sure where to start?

Start building — we'll guide you
No legal knowledge needed. Simple questions, plain English — the template does the hard work.
📋
Classic editor — I know what I need
All fields on one page. Faster if you're comfortable with the details.
📖
Learn about Cookie Policies first
Understand the legal requirements, then come back and build.

30-Day Money-Back Guarantee

We stand behind every template we sell. If something's technically wrong, we'll make it right.

You're Covered If:

  • File is corrupted or won't open
  • Missing content described on product page
  • Technical errors prevent use as described
  • File format incompatibility that prevents editing

Why you probably won't need this: You can preview the full template with watermark before purchase – so you'll know exactly what you're getting.

Bought the Wrong Template?

Mistakes happen – we get it. Within 30 days, here's how we can help:

Template Swap: We'll cancel your original and issue a different template of equal or lesser value.

Store Credit: Full purchase amount to use on any template. Never expires.

Offered at our discretion for genuine mistakes – we reserve the right to decline repeat or unreasonable requests.

How to Request:

Email [email protected] within 30 days with your order number.

We aim to respond within 2 business days. Approved refunds processed within 5 business days.