Cookiewall
Under the General Data Protection Regulation (GDPR), using a cookiewall is not permitted. This is because you cannot obtain valid consent from your visitors or users for placing tracking cookies when you use a cookie wall.
On this page
Asking for consent
You must ask for consent for placing tracking cookies. This applies if you have a website, but also if you offer apps or other services.
This means that you have to give your visitors or users the option to refuse tracking cookies. For example, by offering an information bar or a pop-up with a clear choice between ‘yes’ and ‘no’. You are not allowed to place cookies before the visitor has made a choice.
Does someone refuse tracking cookies? Then you will have to give this person access to your website or app all the same, for example after payment.
No real choice
When a cookiewall is used, people who want to visit a website or use an app are asked to accept cookies before they are given access to the website. If they do not give consent, they will not be given access. They therefore do not have a real or free choice.
They are free to refuse tracking cookies, of course, but this is not possible without adverse consequences. Because refusing tracking cookies means that they will not be given access to the website. That is why cookiewalls are prohibited under the GDPR.
Note: The ban on cookiewalls is not just about placing cookies. Not only cookies fall under this description, but also comparable techniques for which consent must also be asked. These are techniques such as Javascripts, Flash cookies, HTML5-local storage and/or web beacons.
More information
For more information, see the standard explanation on cookiewalls of the Dutch Data Protection Authority (Dutch DPA)