21 Top Free JavaScript Libraries for GDPR-Compliant Cookie Management
A browser cookie is a small file of information that a web server generates and sends to your web browser.
What are cookies used for?
Here’s why they matter and how they’re used:
1. User Sessions:
Cookies associate website activity with a specific user. For instance, when you log in to a shopping website, a session cookie is created. It contains a unique string that matches your session with relevant data. As you browse different pages, the website recognizes you without requiring repeated logins.
2. Personalization:
Cookies help websites “remember” user actions or preferences. For example, if you log out of a shopping site, your username can be stored in a cookie. Next time you visit, it prompts you to log in with the same username.
3. Tracking:
Some cookies record your visited websites, aiding services like Google Analytics. Website owners use this data to understand visitor interactions and improve their sites.
What about GDPR!
The General Data Protection Regulation (GDPR), enacted in 2018, is a comprehensive policy designed to protect citizens of the European Union (EU) and the European Economic Area (EEA).
It consists of 99 Articles that unify data protection rules across Europe.
GDPR grants individuals the right to protect their personal data and outlines rules for businesses processing this information.
Compliance with GDPR is crucial for organizations within the EU and can also apply globally.
Key GDPR Protections:
- Consent: Obtain clear and informed consent from users before collecting their data.
- Data Subject Rights: Users have rights to access, rectify, and erase their data.
- Data Breach Notification: Organizations must report data breaches promptly.
- Privacy by Design: Implement privacy measures from the outset of any data processing.
Cookies Consent and GDPR
- Purpose: Cookies are small files stored on users’ devices. They serve various purposes, such as remembering login sessions, personalizing content, and tracking analytics.
- Consent Requirement: GDPR mandates transparent cookie consent. Users must be informed about the types of cookies used and give explicit consent.
- Cookie Banners: Websites display cookie banners or pop-ups to inform users and obtain their consent.
- Granularity: Users should have control over different cookie categories (e.g., essential, functional, marketing).
- Withdrawal: Users can withdraw consent at any time.
How to Achieve GDPR Cookie Compliance:
- Audit Your Cookies: Identify all cookies used on your website.
- Create a Cookie Policy: Clearly explain cookie usage, purpose, and how users can manage them.
- Implement Cookie Consent Banners: Obtain user consent before setting non-essential cookies.
- Provide Opt-Out Options: Allow users to manage their preferences.
- Regularly Review and Update: Stay compliant as regulations evolve.
Cookie Consent Libraries
In the following list, you will find the best open-source tools for adding and integrating the cookie consent in your web app, or website easily.
1. CookieConsent
This is a free A lightweight & gdpr compliant cookie consent plugin written in plain javascript.
orestbida2. Cookie Consent
Cookie Consent is a lightweight JavaScript plugin for alerting users about the use of cookies on your website.
It is designed to help you quickly comply with the EU Cookie Law, CCPA, GDPR and other privacy laws. We made it fast, free, and relatively painless.
Cookie Consent is seen over 2 BILLION times every month and is used on millions of sites, making this by far the most popular consent project on the internet.
osano3. Orejime
Orejime 🍪 is an open-source JavaScript library you can use on your website to let users choose what third-party cookies they allow. It's specifically made to comply with the GDPR.
Orejime 🍪 is a custom fork of Klaro! that focuses on accessibility. It follows Web Content Accessibility Guidelines (WCAG) via the French RGAA.
It can be easily installed and added easily to websites, and web apps.
empreinte-digitale4. Klaro-js
Klaro [klɛro] is a simple consent management platform (CMP) and privacy tool that helps you to be transparent about the third-party applications on your website.
It is designed to be extremely simple, intuitive and easy to use while allowing you to be compliant with all relevant regulations (notably GDPR and ePrivacy).
Klaro supports multiple modes of asking for consent and can display third-party apps individually or grouped by purpose.
Features
- Free and Open Source: No hidden fees, subscriptions or restrictions.
- Easy to use: Simply add a small JS snippet and config to your site and you're ready to go!
- Flexible and customizable: Manage consent for all possible types of third-party apps and easily customize the tool according to your needs.
- Multilingual: Full internationalization support, with languages included out of the box. New translations can be added in just a few lines of code. Contributions welcome!
Current languages: Catalan, Croatian, Dutch, English, Finnish, French, Galician, German, Greek, Hungarian, Italian, Norwegian, Romanian, Serbian (Latin and Cyrillic), Spanish, Swedish, Turkish - Small footprint: The minified+gzipped JS is only 37 kB and contains everything that is required, including style sheets and translations.
- Intuitive and responsive: Klaro is designed to blend in with your existing design and optimized for modern desktop and mobile browsers.
- Secure and reliable: Klaro ensures that no third-party apps or trackers are executed without the consent of the user, even when JavaScript is disabled or Klaro itself gets blocked.
klaro-org5. Biscuitman
Biscuitman is a super lightweight open-source privacy consent manager for your website.
Features
- Stores consent in
localStorage, exposes inwindow.Consentand through custom events fired ondocument - Handles consent granulated by custom sections (e.g. essential, performance, analytics...)
- Optionally shows user specific cookie (or localStorage item) details
- Cookies/localstorage items removed on rejection/invalidation, if cookie details added
- Fully customizable strings so you can serve localized strings if you want
- Overridable localStorage key, consent global
- Basic color theming via CSS variables
- Simple flat configuration object
- Injects scripts when granular consent is granted (
<script data-consent="analytics" type="text/plain" src="..."></script>) - Injects embedded 'after'
<script>from script tags withsrcproperties on onload (= less markup) - Mobile-first
- 'show more' functionality for long disclaimer text
- include optional link in any text
- CSS classes on
<html>element for consents - Progressively enhanced CSS
- Ideal experience browser support (targeted via browserlist string
>= 2%, last 2 years):- Chrome/Edge 105+ (should be fine in many earlier versions, TBD)
- Safari 15.4+
- Firefox 121+ (should be fine in many earlier versions, TBD)
- If JS fails in an old browser, it will probably be fixable by updating
browserlistinpackage.jsonthen rebuilding - (Will be tested more definitively with browserstack at some point)
- source styles use CSS Nesting which is explicitly processed out for compatibility
- Experimental ESM version
biscuitman.mjs- still uses globals
- allows easier event setting with
.on('revoke', (sec) => { if (sec === 'analytics') window.reload() )}) import biscuitman from '/dist/esm/biscuitman.withcss.mjs'; let bm = biscuitman.create(options);- experimental stage, only worth maintaining if the codebase remains pretty much the same, consider this another packaging option.
replete6. Pressidium Cookie Consent for WordPress
If you work with WordPress, you may look for this amazing extension that can add the user cookie consent in matter of secs to your WordPress website.
🍪 Pressidium Cookie Consent makes it easy to add a stylish, customizable cookie consent banner to your website and conditionally load third-party scripts (preferences, analytics, targeting, etc.).
It is based on the user-selected preferences to help you comply with EU GDPR cookie law, CCPA, and similar regulations.
Features Highlight
- Highly customizable
- Lightweight
- Accessible
- Translatable
- Auto-clear cookies
- Force consent
- Re-consent
- Hide from bots
- Google Consent mode integration
- Constant records
7. Cookie Though
This is a free and open-source 🍪 easy to use, minimal footprint cookie consent library. It is released under the MIT License, and comes with dozens of killer features starting as its simplicity.
Features
- Simplicity: easily usable from a developer perspective
- Accessibility: needs to be accessible
- Adaptability: can be easily tweaked or adjusted to the needs of a project
- Standards compliance: GDPR compliant, fine grained cookie control
- Minimal footprint: size of the widget should be minimal
inthepocket8. GDPR Cookie Consent Banner (Svelte)
This is a Svelte implementation of a compliant GDPR banner. It allows the user granular opt-in and out of four different cookie categories.
Features
- Small, discrete, and non-intrusive
- GDPR Compliant
- Responsive
- Offers four categories
- Runs any function on opting-in
- Runs opted-in functions on each visit
- Changing the choices requires the user to opt-in again.
- Svelte Ready
- No dependencies
- Choices expire yearly
- Optional CSS (with BEM) to bootstrap your cookie message right away
- Modifiable labels and messages
beyonk-group9. Cookie Consent
This is an open-source extended integration of orestbida/cookieconsent with support of the Google Tag Manager.
Key Features
- Small, discrete, and non-intrusive
- GDPR Compliant
- Responsive
- Offers four categories
- Runs any function on opting-in
- Runs opted-in functions on each visit
- Changing the choices requires the user to opt-in again.
- Svelte Ready
- No dependencies
- Choices expire yearly
- Optional CSS (with BEM) to bootstrap your cookie message right away
- Modifiable labels and messages
68publishers10. JS Cookify
This is a simple cookie consent manager with tracking possibility in pure JavaScript.
Jersyfi11. Haven
This is a simple full customizable cookie consent banner for gdpr law. This library is build on pure javascript for easy customization. You can choose your own CSS Framework, your own styles and only need to define query selectors.
It works well with any JavaScript project that includes Meteor, Next.js, React, Vue, and Svelte.
chiiya12. Cookie Consent
- This is a minimal yet efficient lightweight JS library for managing cookie consent for JS web apps. It works seamlessly on Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, and Apple Safari browsers.
klaxit13. Cookie Bar
CookieBAR is a free & easy solution to the EU cookie law.
CookieBAR is a drop-in and forget, pure vanilla javascript plugin, with no jQuery nor any other dependency needed. It shows up when needed and stay silent when not: if a website has a cookie or some localStorage data set then the bar is shown, otherwise nothing happens.
Once user clicks Allow Cookies cookieBAR will set a cookie for that domain with a name cookiebar that will expire in 30 days. What this means is that the plugin will only show up once month (this duration is configurable).
If a user decides to click Disallow Cookies, cookieBAR will simply remove all cookies and localStorage data (and will show up again the first time a cookie is detected).
ToX8214. Ngx Cookie Consent (Angular)
This is a free and open-source library for Angular that adds Cookie Consent 3 library and integration to Angular apps in no time.
tinesoft15. Consent Banner JS
This is a zero-dependency, lightweight (~3kB), consent platform agnostic, cookie banner for any website.
tagconcierge16. Cookie Consent Banner
This amazing open-source project is written in pure JavaScript to add a cookie consent banner directly in websites and JavaScript enabled apps.
It is compatible with Google Tag Manager.
porscheofficial17. React Cookie Law
React Cookie Law is a cookie-info banner compliance with the GDPR and the EU cookie law. It allows the user to give consent in a granular way.
Palmabit-IT18. Cookie Consent Script
This is a free script that displays a cookie consent message as required by EU regulation (GDPR). The plugin displays a message on the user's first visit and they have the ability to consent to different categories of cookies and services.
brainsum19. Cookies Consent
Cookies Consent is an easy-to-use javascript library to show the cookies consent message and manage the users consent according to the cookies law GDPR and ePrivacy Directive.
You can easily customize the design by changing the theme or creating a new one and it is ready to use with Google Analytics and Google Tag Manager.
MetamorfosiLab
20. Cookie Consent
This is a free🍪 Standalone script to display a cookie consent to comply with EU cookie law.
Features
- Separate JavaScript logic, CSS styles and HTML markup
- Allow to copy/integrate a small, single JavaScript (no CDN, no framework)
- Allow to change text/labels as desired (e.g. in application)
- Add basic fallbacks (e.g. styles), which may be overwritten/removed/extended
- Allow to gain different types of consent
- Don't make any external requests
- Don't manage multiple cookie sources (use a cookie consent manager instead)
- Expose plain conditions for other JavaScripts depending on provided consent
pixelbrackets21. Cookie Guard (Recommended)
This small library enables you to handle third party services in compliance with the GDPR.
Cookieguard consists of JavaScript modules, the main Cookieguard, and several ServiceProvider that enable or disable the dedicated service.
Cookieguard ships with a handful of integrations for the most common services. You may provide the requiered configurations to a Service instance and register this services with Cookieguard. Now we already have a fully configured cookieguard instance.
tobiasthaden
