UK GDPR cookie consent, covered
Since Brexit, UK websites must comply with UK GDPR, a domestic version of EU GDPR enforced by the ICO. Consentify handles consent enforcement, audit logs, and records the same way for UK GDPR as it does for EU GDPR.
UK GDPR cookie consent, covered
Since Brexit, UK websites must comply with UK GDPR, a domestic version of EU GDPR enforced by the ICO. Consentify handles consent enforcement, audit logs, and records the same way for UK GDPR as it does for EU GDPR.
What is UK GDPR?
UK GDPR is the retained version of EU GDPR that came into force in the UK after Brexit on 1 January 2021. It is enforced by the Information Commissioner's Office (ICO) and applies to any organisation that processes personal data about UK residents. For cookie consent, the requirements mirror EU GDPR: prior, informed, freely given, and unambiguous consent before non-essential cookies or tracking scripts load. The UK also retains the Privacy and Electronic Communications Regulations (PECR), which is the UK equivalent of the EU ePrivacy Directive.
How Consentify covers UK GDPR
Script-level enforcement
No analytics, advertising, or marketing scripts load until the visitor actively consents. This satisfies the UK GDPR and PECR requirement for prior, unambiguous consent.
ICO-ready audit logs
Every consent decision is stored with a timestamp, accepted/rejected categories, and a hashed IP. Records are structured to support subject access requests and ICO audits.
Right to withdraw
UK GDPR requires that withdrawing consent is as easy as giving it. Users can re-open the consent banner at any time via the revoke button you add to your site.
Data Processing Agreement
A DPA is available for all paid plans, covering Consentify's role as a data processor under UK GDPR Article 28.
Deletable consent records
Every consent record has a unique delete token so users can exercise their right to erasure under UK GDPR Article 17.
Frequently asked questions
Is UK GDPR the same as EU GDPR?
UK GDPR mirrors EU GDPR almost exactly. The substantive requirements for cookie consent (prior consent, granular categories, right to withdraw) are identical. The main difference is enforcement: UK GDPR is enforced by the ICO, not EU data protection authorities. If your site serves both UK and EU visitors, Consentify satisfies both with one banner.
What is PECR and does it apply to my site?
PECR (Privacy and Electronic Communications Regulations) is the UK cookie law, equivalent to the EU ePrivacy Directive. It requires prior consent before storing non-essential cookies or accessing a user's device. PECR applies to any site with UK visitors. Consentify satisfies PECR by blocking non-essential scripts until consent is given.
Do I need a separate banner for UK and EU visitors?
No. The consent requirements under UK GDPR, PECR, EU GDPR, and the ePrivacy Directive are effectively the same for cookie banners. One Consentify banner covers visitors from both the UK and the EU.
Does Consentify store data outside the UK?
Consent data is stored on EU infrastructure (Supabase, Frankfurt region). Transfers from the UK to the EU are permitted under the UK adequacy decision for the EEA, so no additional safeguards are required.
Add UK GDPR-compliant consent to your site
Free forever for one domain. No code required.