To help your websites comply with relevant privacy and data protection legislation, our site frameworks implement a standard cookie consent prompt. The prompt is supported by all of our website themes, and allows you to explain the cookies that your site uses, and for site visitors to opt-in to the cookies that get set.
See Cookies Set by GOSS Sites and Products for a list of the cookies our sites set.
Content of the prompt is taken from an article using the Cookie Policy template. This article is picked in your subsite configuration and users can visit the article directly to change their preferences.
The cookie prompt operates in two modes, a compact Banner and extended Dialog.
Note that you should only create one article using this template per subsite.
Dialog (extended) Behaviour
In this mode, when someone visits your website for the first time, the cookie consent prompt is displayed and the rest of the page cannot be interacted with. No cookies are set until the user accepts or rejects cookies, at which point the dialog closes, a cookie is set to record their preferences, and the site can be browsed as normal.
Dismissing the Dialog
The dialog closes when a user either accepts or rejects all cookies, or makes category choices then presses the save button. The text of these buttons is set in the article extras.
Once dismissed a prompt remains visible on the page:
Opening the banner and updating consent will add or remove cookies to reflect the user's new preferences.
Banner (compact) Behaviour
In this mode a banner is displayed at the top of the page. Users are free to ignore it and use the site as normal. No cookies are set until the user accepts or rejects cookies, at which point the banner closes and a cookie is set to record their preferences.
The link to "Set cookie preferences" takes the user to the Cookie Policy article. In this mode we recommend putting a link to the Cookie Policy article in one of site menus, in either the header or footer, so that it can be accessed on every page.
Common Behaviour
In both modes users have the option to accept or reject all cookies, or to allow certain categories of cookie, based upon the options you have configured in the article extras.
By default cookies expire after 90 days. You can change this in the Cookie Policy article extras. Once this time has elapsed a user will have to set their preferences again.
Title and Description
The consent prompt title is set in the article extras. The default is "This website uses cookies". You can add text beneath the title using the "Consent prompt" text block.
Accept All/Reject Additional
These buttons will either accept all or reject additional cookies that are not deemed necessary. The banner will then close and the user can browse your site. You can set the text for these buttons in the article extras.
Both options set a cookie, called
Necessary Cookies
Some cookies are necessary because they are needed to provide a service. Without these cookies parts of the website would not work. ICO Cookie Guidance (opens new window) gives the examples of security, shopping baskets, and cookies that help deliver data protection law. Necessary cookies set by our sites include the cookie set by the cookie banner, and a cookie set when someone logs into your site.
The title of this section is set in the article extras. Enter the text you would like to appear here in the "Necessary Summary" text block.
Cookie Categories
Rather than accepting or rejecting all non-necessary cookies, users can opt-in to different categories of cookie. The three categories are set up in your Cookie Policy article.
To enable a category, expand the relevant section in the article extras and choose "Include this category". You can set the title for each category and the text of the on/off buttons in the article extras. The text beneath a title is set in the corresponding article text block.
Analytics Cookies
Accepting analytics cookies sets the
Our standard sites all support Google Analytics, so we have made changes to the standard analytics scripts used by the sites that will check for consent before setting cookies and sending data to Google Analytics. It's also possible to inject Google Analytics into pages using Google Tag Manager - the banner will block the Google Analytics tag type if a user has opted out of analytics cookies. For this to work make you'll need to add both the GA4 measurement ID and your Tag Manager ID in your Subsite Configuration.
Tag Manager itself isn't blocked by the banner so you should make sure that any tags you use don't set third party cookies.
Social Media Cookies
Accepting social media cookies sets the
Advertising Cookies
Accepting social media cookies sets the
Cookie Policy Article
When viewing the cookie policy article, the article heading, introductory text and article body are displayed in the same way as articles using the Default template. The text and buttons present in the banner are arranged in a table beneath the main article text.
Setting Up the Article
Create an article using the Cookie Policy template. You might like to add it to the menu that appears in your website footer. We recommend creating a Cookie Policy article for each of your subsites.
Complete the article extras and additional text blocks using the descriptions above as guidance. Remember that users will be able to view this article directly by following the cookie policy link in the banner.
Cookie Providers
If you enable the cookie category options in the article extras you must also set which third party providers should be controlled by each category by selecting them in the relevant list boxes.
The providers you can choose from are the most common ones currently in use by our sites. Each provider should only be assigned to a single category. The products we have developed that incorporate these providers into our sites will check these categories and whether a user has given consent for the use of cookies, before cookies are set.
Additional Providers
Providers are created and registered by your website framework - it's the website framework that ultimately blocks or sets the cookies. To add new providers, relevant code will have to be written into the website code base. If there are new providers you need to control via the cookie banner, let us know.
Subsite Configuration
To enable the cookie banner select the Cookie Policy article using the "Cookie Policy" article picker in the subsite configuration. If you don't pick an article, the banner won't appear.
Article Extras
Name | Type | Description |
---|---|---|
COOKIECONSENTDAYS | Number Input | The number of days after which the cookies set by the banner expire and users will have to reconfirm their consent |
COOKIESETTINGSTITLE | Text Input | The title that appears at the top of the banner |
COOKIESAVETEXT | Text Input | The text of the "save preferences" button |
CONSENTSUPDATEDMESSAGE | Text Input | The message displayed when preferences are set |
COOKIENECESSARYTITLE | Text Input | The title that appears above the "Necessary Summary" text block |
ANALYTICSCATEGORYINCLUDE SOCIALMEDIACATEGORYINCLUDE ADVERTISINGCATEGORYINCLUDE | Drop-down | Enable the relevant cookie category panels |
ANALYTICSCATEGORYTITLE SOCIALMEDIACATEGORYTITLE ADVERTISINGCATEGORYTITLE | Text Input | The title of the panels that appears above the category text blocks |
ANALYTICSCATEGORYPROVIDERS SOCIALMEDIACATEGORYPROVIDERS ADVERTISINGCATEGORYPROVIDERS | List Box | Pick the third party providers that will be controlled by this category |
ANALYTICSCATEGORYONLABEL SOCIALMEDIACATEGORYONLABEL ADVERTISINGCATEGORYONLABEL | Text Input | The "on" button |
ANALYTICSCATEGORYOFFLABEL SOCIALMEDIACATEGORYOFFLABEL ADVERTISINGCATEGORYOFFLABEL | Text Input | The "off" button |
CONSENTPROMPTTYPE | Drop-down | Choose the mode the prompt will use |
CONSENTPROMPTTITLE | Text Input | The title to be displayed as part of the consent prompt |
COOKIEACCEPTALL | Text Input | The text of the "accept all" button |
COOKIEREJECTALL | Text Input | The text of the "reject all" button |
COMPACTSETPREFERENCESTEXT | Text Input | The text of the 'set preferences' link displayed when the prompt type is set to 'Banner (compact)' |
COMPACTCHANGEPREFERENCESTEXT | Text Input | The text of the 'change preferences' link displayed when the prompt type is set to 'Banner (compact)' |
COOKIEOPENBANNERTEXT | Text Input | Once the dialog has closed this text appears on the button to reopen it |
CONSENTPROMPTSAVEBUTTONTEXT | Text Input | The "save and close" button text |
Script Inlines - Consent Checking Example
It is possible to embed third-party content into your site using script inlines. If you do this, you'll need to change your embed scripts so that they check for consent before setting cookies.
This example looks at how to do that with a Site Improve script.
Standard Script
The standard script provided by Site Improve looks like this:
<script>
var sz = document.createElement('script');
sz.type = 'text/javascript';
sz.async = true;
sz.src = '//siteimproveanalytics.com/js/siteanalyze_[YOUR_ID].js';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(sz, s);
</script>
Checking for Consent
To convert this into a snippet that doesn't load unless the user has given consent, wrap it in our cookie policy OnConsentListener function:
gi.cookiepolicy.addOnConsentListener();
The script above becomes:
<script>
$(document).ready(function(){
window.gi.cookiepolicy.addOnConsentListener('Site Improve', function() {
console.log('User has consented, so we can now load Site Improve');
var sz = document.createElement('script');
sz.type = 'text/javascript';
sz.async = true;
sz.src = '//siteimproveanalytics.com/js/siteanalyze_[YOUR_ID].js';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(sz, s);
});
});
</script>