After a verdict of the European Court of Justice, fear related to cookies is once again present on the web, but particularly in our environment one should keep calm.
Do you show advertisements of other companies? Do you use cookies to do something unexpected with your data? If not, there is no reason to ask the visitor visitor’s permission and annoy them with a banner when shopping.
Most of them need some cookies to run the website, for example an identifier so that the shopping cart can be assigned to a visitor. These cookies do not have to be specified, even according to the GDPR it can be assumed that a visitor knows or accepts them.
Also the use of cookies to optimize the website should be possible (as well as logfiles) without any notification, but of course the data must always be in your hand and take good care that unauthorized persons have no access to it.
When visiting the website of an organic farm, if I have to accept cookies I assume that my data is being transferred from the farm – this would not leave a good impression on an informed visitor. And for the less informed ones, this fact can be highlighted again in the privacy policy.
But if data should flow out of your site – due to a wrong tools’ configuration, failure to execute GDPR-AV contracts or “conscious ignorance” – e.g. via an analytics tool – then you have to keep the nice notification.
By the way, the medial concentration on cookies is quite misleading – good ad trackers meanwhile get along very well without cookies to recognize a visitor. Unfortunately, the public focus on the term “cookie” hides the real problem and allows delinquents to continue to operate almost undisturbed.
PS: As usual it is not legal advice, but a strong opinion ?