GDPR
EU Regulation 2016/679
€20,000,000
or 4% of global annual turnover - whichever is higher.
Applies to any organisation processing EU residents' data, regardless of where you're based.
Non-compliant cookie banners expose your business to fines of up to €20 million. I handle the full Cookiebot setup; audit, banner, consent re-opener, iframe overlays, cookie policy - everything your site legally needs. One-time fee for my work. No ongoing charges from me.
EU regulators are actively enforcing. Ignorance is not a defence - and fines are calculated on global revenue, not EU-only turnover.
EU Regulation 2016/679
Directive 2002/58/EC (Cookie Law)
Active DPAs across the EU
Compliance isn't just dropping a banner on the page. There are specific technical and legal elements that must be in place. Which ones apply to your site determines the scope - and the price.
The visible consent notice on first visit. It must clearly list cookie categories, never pre-tick anything, and make "Reject All" equally easy to reach as "Accept All." Burying the reject option is specifically targeted by regulators.
A persistent, always-accessible control; usually a floating button or footer link that lets users change their consent at any time, not just on first visit. Showing the banner once and hiding it is not legally sufficient.
The banner and cookie declaration must use purpose-based descriptions, identify the data controller, name third-party processors, and state retention periods. Generic or copy-pasted placeholder text does not pass regulatory scrutiny.
Regulators have explicitly called out banners that use low-contrast "Reject" buttons or confusing layouts to nudge users toward acceptance. WCAG AA contrast ratios are required for all interactive elements in the consent UI.
A dedicated page listing every cookie by name, category, purpose, and retention period - with links to third-party processors' own privacy policies. If you don't have one, I can create it as part of the service.
YouTube, Vimeo, Google Maps, social widgets - these set cookies on page load before any consent is given, unless blocked. An overlay placeholder must intercept each embed and only load it after the user explicitly consents.
Once we've agreed scope, here's exactly what happens and what I need from you.
You grant me temporary access to your CMS, hosting, or tag manager. I then crawl every page of your site - mapping all cookies, trackers, and third-party scripts, including those loaded conditionally by plugins or embed codes you may not know about.
Cookiebot is set up for your domain with cookie categories correctly mapped, consent expiry configured, and if your site uses IAB-registered ad vendors TCF v2.3 enabled. The configuration is reviewed and tested before anything touches your live site.
Banner built with correct legal wording, contrast-compliant design, and equal accept/reject prominence. Consent re-opener added as a persistent floating element. Iframe overlays applied to any embeds. If a cookie policy page is in scope, I create it at this stage.
The Cookiebot script is placed in your site's <head> - the correct
position to intercept all other scripts. For CMS-based sites I use the appropriate
plugin or template hook. For custom sites, I edit the source directly.
I test every consent journey: first visit, accept all, reject all, partial selection, re-opening preferences mid-session, and returning visitor behaviour. You receive a short summary of what was done, what Cookiebot's dashboard logs for you, and what to do if you add new third-party scripts in future.
My fee is a one-time charge for configuration and implementation - there is no ongoing cost from me. The price depends on which compliance elements your site needs.
Starts at £99 for simple brochure sites
Banner and consent widget styled to match your brand; colours, fonts, button radius. Default Cookiebot styling is functional but generic.
A complete, regulation-ready cookie policy page created for you, listing every cookie by name, category, purpose, and retention period, with third-party processor links.
Placeholder overlays applied to YouTube, Vimeo, Google Maps, and social embeds so they only load after the user explicitly consents to the relevant cookie category.
Required for sites using IAB-registered ad vendors (Google Ads, DV360, etc.). Enables the full Transparency & Consent Framework signal chain.
A manual audit document listing every cookie found, its classification, the legal basis applied, and the configuration decisions made. Useful for internal compliance records or Data Protection Officer sign-off.
Not sure what your site needs? Send me your URL and I'll give you an exact breakdown — no obligation.
Get a QuoteFill in the form and I'll reply within 1 business day with a tailored plan for your site.
The information you provide will be processed by Formspree. Learn more
Already have a development team? Use my Cookiebot affiliate link to get everything they will need - no setup service needed and Cookiebot will pay me for referral, so it's a win-win!
Prefer not to use the form? Email me at marcin@oleksiak.dev