Our legal team says do not give legal advice, so I’ll never try to tell you what’s legal, only inform you about the climate we are in.
You can’t simple make up your own classifications. which means how will you know what a “must use” cookie is? Do we even know how many cookie types there are?
Please read this article
So depending on ecommerce setup, you might have persistent cookies for instance and they are not “required” to run ecommerce.
The fact is there could still be work to do.
I was just looking this up on the forums of Ecwid and they seemed to think they were compliant because they used a system of local storage. Equally on the cookie side there is an exemption within the law if:
There is an exception to the requirement to provide information about cookies and obtain consent where the use of the cookie is:
(a) for the sole purpose of carrying out the transmission of a communication
over an electronic communications network; or
(b) where such storage or access is strictly necessary for the provision of an
information society service requested by the subscriber or user.
This exception is likely to apply, for example, to a cookie used to ensure that when a user of a site has chosen the goods they wish to buy and clicks the ‘add to basket’ or ‘proceed to checkout’ button, the site ‘remembers’ what they chose on a previous page. This cookie is strictly necessary to provide the service the user requests (taking the purchase they want to make to the checkout) and so the exception would apply and no consent would be required.
Yes, in my earliest post I mentioned local storage as the route to go.
They are describing session based storage. This is good reading, but as @Jannis pointed out, “the devil is in the details”
They clearly state that there’s is a “likely” interpretation of the law!
Instead of using the cookie consent bric, why not use the Sticky Alert Bric instead. This has the option of accepting or rejecting with different URL’s being used depending upon choice . The on-screen message in the bric can be quite long and automatically adds three buttons - 1 for agreeing, 1 for disagreeing and 1 for policy terms and conditions. This is about as good as it gets and covers you quite well.
Hi @Ms_Sun
I think your from Germany ? I use the eRecht24 tools. When you have an membership you can use the tool by usercentric. It is implemented in the payment. You can block typical things like analytics /maps / YouTube or other iframe services …
You have not a lot of styling options … But I think its enough
tom
Ideally you’re looking for a ‘cookie manager’ option to hide specific content brics, unless the visitor consents.
Coming from a rapid weaver background it’s a shame that solutions such as this one aren’t available.
Maybe enough of a market and the dev could port it to Blocs?
Also some interesting bits in the product page about distinctions between essential and nonessential cookies.
There are certain things currently missing in the developer API preventing that. With new features coming for that API, that will be possible 
I’ve been following this thread with interest because I find the subject of GDPR/ Cookie Consent compliance both intriguing and concerning, in equal measures. I understand the reasons behind the requirements, but am confused about certain aspects of their implementation (and how to achieve it, correctly).
I have just downloaded the opt-in/out script from daschmi.de (linked earlier in the thread) and although my coding knowledge is basic, I will be able to work my way through its implementation (famous last words…).
I do have a specific question, and please forgive my ignorance if the answer is obvious or pretty basic site design 101; how can I find out exactly which cookies a site I’m either developing or have published are being used/stored and also any technical details about them that have to be listed? I ask because, as far as I can tell, they need to be added to the Daschmi script manually.
…and I apologise if it’s considered ‘poor etiquette’ to ask a question in somebody else’s thread. On this occasion, I thought it was a’continuation of the discussion’, not changing it. Also, I didn’t want to clog up the forum with another thread about GDPR when this one seemed an appropriate place to post.
I would start with either google chrome or safari, turn on developer tools, and examine the cookies there.
How can I examine cookies with the developer tools in Safari?
Please enter this search term in Google Search, and your question will be answered.
@Reg brings up some good questions.
and
2. WHICH of the cookies are in the category of „technically needed“ = they don’t need consent and can be active right from the start (and they alone wouldn’t even need a cookie banner)
and WHICH cookies are considered „NOT technically needed“ = they would have to stay INactive until a visitor allows them with his/ her click.
No, that would NOT work for the GDPR rules in the EU anymore (since May/June 2020). Please read start of thread 
We have to have a totally different FUNCTION now:
The problem is the BLOCKING of all technically not needed cookies UNTIL consent by a visitor.
@Jannis
Do you know if @Norm is working on the API, so that a GDPR-compliant cookie consent banner will be possible ?
Oh, this MiniCookie stack for RW by Will Woodgate indeed looks like it would be the solution if it was also offered for Blocs.
Did you ask @willwood Will Woodgate about his plans? Is he reading here on the Blocs forum?
Developing such a custom bric will be possible when above mentioned API extensions are available.
You are the website designer. You add additional software components to your website. No one is able to perform this technical task for you. You have to dig in to each end every additional software component and check with their documentation about their cookie usage.
On the subject of the cookie bloc, I’d love to be able to hide it permanently when someone accepts it, instead of it appearing as a flag constantly at the bottom.