After a verdict of the European Court of Justice, fear related to cookies is once again present on the web, but particularly in our environment one should keep calm.
Most of them need some cookies to run the website, for example an identifier so that the shopping cart can be assigned to a visitor. These cookies do not have to be specified, even according to the GDPR it can be assumed that a visitor knows or accepts them.
But if data should flow out of your site – due to a wrong tools’ configuration, failure to execute GDPR-AV contracts or “conscious ignorance” – e.g. via an analytics tool – then you have to keep the nice notification.
By the way, the medial concentration on cookies is quite misleading – good ad trackers meanwhile get along very well without cookies to recognize a visitor. Unfortunately, the public focus on the term “cookie” hides the real problem and allows delinquents to continue to operate almost undisturbed.
PS: As usual it is not legal advice, but a strong opinion ?