Rules

The EU institution must adequately inform users and obtain their consent before setting cookies and any other technology falling within the scope of Article 5(3) of the ePrivacy directive. By default, none of those cookies must be set.

If a website uses site-specific cookies, it requires a dedicated cookie notice page (it must not simply link to the general cookie notice page), listing all first- and third-party cookies with information on their purpose, type of data collected, stored or transmitted by cookies, data retention period, and their legal basis. The page must also provide means for consent management.

Exemptions on Europa

In line with Article 5(3) of the ePrivacy Directive, consent is not required for technical storage or access of the following cookies:

Examples of cookies that generally do NOT require consent:

Procedures

These procedures are dedicated to external and internal developers and web masters of the European institutions. Consequently, features documented below are tailored to the European Commission's content management systems and internal guidelines.

Implementing user consent should be done by implementing the Cookie Consent Kit.

The cookie consent solution is a JavaScript‑based kit that, after some site‑specific configuration, will automatically add a header banner to the page. This header banner will disappear once the user has accepted or refused the cookies used on the website.
This solution provides the following functionalities:

References

Directive 2009/136/EC (ePrivacy Directive)

Regulation (EU) 2018/1725 (Data protection regulation for EU institutions)

EDPS Guidelines on the protection of personal data processed through web services provided by EU institutions

Documentation Cookie Consent Kit

Contact and support

If you require further assistance, please contact:

Comm Europa Management

European Commission
DG Communication 
Unit B.3 
Europa Web Communication