Cookie banners, tracking, consent mode, warning-letter risks: the key topics, clear and jargon-free.
What a cookie banner must look like in 2026 to be legally sound across the EU: "Reject all" on the first level, no dark patterns, trackers only after consent.
Read →What is Google Consent Mode v2, is it mandatory and how do you set it up in compliance with the GDPR? Clearly explained for agencies and website operators.
Read →Why trackers that fire before consent are the biggest legal risk under the ePrivacy Directive and the GDPR — and how you as an agency can protect yourself and your clients.
Read →Cookiebot, Usercentrics & Co. become more expensive with every customer. When an alternative is worthwhile for agencies - and what you should look out for.
Read →What's important when it comes to data protection for Shopify and WordPress websites: trackers, plugins, cookie banners and the typical pitfalls.
Read →Are you looking for an alternative to Usercentrics/Cookiebot? Comparison of options for web agencies - incl. multi-client cockpit, tracker scanner and automatic privacy policy from €49/month.
Read →Webflow's native consent solution does not reliably block trackers before consent is given. How to make a Webflow page GDPR-compliant - with pre-consent blocking, privacy policy and tracker scan.
Read →OneTrust is powerful, but often oversized and expensive for agencies and SMEs. The lean alternative with cookie banner, automatic privacy policy, tracker scanner and multi-client cockpit - from €49/month.
Read →CookieFirst provides a good cookie banner - but no privacy policy and only a basic scan. The alternative bundles banner, growing privacy text, tracker scanner and multi-client cockpit from €49/month.
Read →Borlabs Cookie is a good WordPress plugin - but WordPress-only and without a privacy policy. The alternative runs on any CMS, blocks trackers before consent and automatically creates the privacy policy text. From €49/month.
Read →GA4 is not automatically GDPR-compliant. The essentials: consent BEFORE loading, Consent Mode v2, a data processing agreement with Google. The checklist for agencies across the EU.
Read →Dynamically loaded Google Fonts transmit the IP address to Google - without consent, a warning can be issued. How to embed fonts locally in a legally compliant way.
Read →reCAPTCHA transfers data to Google, often as soon as it is loaded. When consent is required and what data protection-friendly alternatives are available.
Read →The meta pixel shares visitor data with Facebook - without consent, a clear warning can be issued. What agencies need for legally compliant conversion tracking.
Read →ChatGPT in business: when it is GDPR-compliant, what you need to look out for when making entries and why the free version can be risky
Read →An embedded Google Maps map loads data from Google and sets cookies - problematic without consent. How to embed maps in a legally compliant way.
Read →A normal YouTube embed sets tracking cookies before the video runs. How to embed videos in a legally compliant way: nocookie domain plus consent/two-click.
Read →Calendly is a US service that transfers data and sets cookies. What you need for legally compliant integration - and EU alternatives.
Read →Mailchimp is based in the USA. Can be used with an AV contract, double opt-in and transparency - or as an EU alternative. The points for agencies.
Read →HubSpot sets tracking cookies and transfers data to the USA. Can be used with an AV contract, consent for tracking and correct configuration.
Read →M365 and Copilot can be operated in compliance with data protection regulations - with an AV contract (DPA), EU Data Boundary and clear Copilot rules. What counts.
Read →Hotjar records user behaviour (heatmaps, recordings) - particularly sensitive. Mandatory: consent before loading, masking, AV contract.
Read →Canva can be used as a business tool - with an AV contract and caution with personal data in uploads. The most important points for teams.
Read →Check your website for GDPR risks free of charge: Which trackers fire before consent? Cookie banner, privacy policy, SSL - in 5 minutes, without registration.
Read →CCM19 is a strong German consent tool. For agencies, however, it lacks a privacy policy that grows with the company and an ongoing consent scan. The 2026 comparison.
Read →consentmanager is a powerful CMP with IAB TCF and Crawler. It is expensive for agencies with many customer sites. BlueOcean: Banner, AI privacy policy and scanner from €49.
Read →Complianty monitors customer websites closely. But monitoring alone doesn't fix a breach. Why BlueOcean Privacy AI solves the problem in the same stack.
Read →Is a cookie banner mandatory? Yes, as soon as non-essential cookies or trackers run (ePrivacy Directive Art. 5(3), GDPR). When it is not required across the EU - and what a legally compliant banner must be able to do.
Read →Warning costs, damages and the risk of fines for cookie and data protection violations - realistically categorised, plus how to avoid warnings from the outset.
Read →