Cookiebot Updates Privacy Policy Amid Growing Regulation

Cookiebot, the Consent Management Platform (CMP) owned by Usercentrics, has updated its privacy policy as of June 25, 2026. The new policy enhances transparency around data collection, retention, and processing practices, aligning with global privacy regulations such as GDPR and CCPA.

The updated privacy policy provides detailed guidance on how Cookiebot processes personal data, including its legal basis for doing so, retention periods, and user rights. For instance, Configuration Data and System Generated Data are deleted immediately upon account cancellation, while Account Data is stored for up to five fiscal years to comply with tax regulations. The policy also specifies that End User Data is erased within 12 months of registration or upon account cancellation.

Cookiebot’s revisions come as privacy regulations tighten globally. With jurisdictions like the EU, California, and Virginia introducing stricter frameworks, companies are under increasing pressure to ensure compliance. Cookiebot’s automated compliance tools, including geotargeting, consent logging, and cookie categorization, are designed to simplify this process for its 600,000 customers and their 2.4 million websites and apps worldwide.

Beyond privacy compliance, the policy update emphasizes user control. Customers can revoke consent or request data deletion at any time, reinforcing Cookiebot’s commitment to user empowerment. The policy also details how personal data is shared with trusted third parties such as Akamai, Google, and Salesforce, while adhering to GDPR-compliant safeguards like standard contractual clauses for data transfers to non-EU countries.

This update follows a strong start to 2026 for Usercentrics and Cookiebot. In January, Usercentrics acquired a New York–based MCP manager to expand its governance capabilities. By March, both Usercentrics and Cookiebot earned G2 Spring 2026 Leader badges, reflecting positive customer sentiment.

As data privacy regulations continue to evolve, Cookiebot’s latest privacy policy underscores its role as a leader in consent management technology. The company’s proactive measures not only aim to ensure regulatory compliance but also build trust in an increasingly privacy-conscious digital ecosystem.

Image source: Shutterstock