> To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:
> ...
> Receive users’ consent before you use any cookies except strictly necessary cookies.
Defined as:
> Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
It's entirely possible to have a useful website without requiring a popup. It's just not how most companies prefer to have the web work.
No, a popup or banner would be for requiring consent. A non-consent explanation can be in the privacy policy, or on a dedicated page that is linked in the page's footer or something.
Also, "should" be explained; I don't believe it's a violation of the law to not do so.
Don't do shitty things to your users and you don't need a popup.
From https://gdpr.eu/cookies/ :
> To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:
> ...
> Receive users’ consent before you use any cookies except strictly necessary cookies.
Defined as:
> Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
It's entirely possible to have a useful website without requiring a popup. It's just not how most companies prefer to have the web work.