Starting a new project? Download our free workbook to build your brand with confidence.
The email you entered is invalid.
Thank you for subscribing.
By entering your email, you indicate that you have read and understood our Privacy Policy and agree to receive marketing from Squarespace.
As more brands and businesses operate online, it’s essential that website owners can trust that they are protecting the data privacy of their visitors, and are able to comply with ever-evolving global data protection standards.
For website owners, especially those with site visitors in the U.K. and E.U., understanding and staying up to date on privacy regulations can be a challenge. A basic understanding of website cookies and how they impact online browsing is key to keeping your site compliant and making your visitors feel secure. Read on to learn how we’re arming Squarespace subscribers with best practices and product functionality to help protect your website visitors and the integrity of your business.
An overview of website data privacy
There are many different privacy regulations that apply to website owners. In general, website owners will want to focus on three things:
How they manage cookie consent
How they collect, store, and share their customers’ information
How they communicate these practices to their visitors
Since the introduction of General Data Protection Regulation (GDPR), the laws and details of this legislation continue to evolve to keep up with trends in the global economy. GDPR is one of the most well-known data protection models, and serves as a blueprint for new data security laws in more countries.
Why website data privacy is important for your business
Complying with data privacy regulations is a requirement in many regions, and regulations continue to evolve globally. Keeping up with these regulations is a legal best practice, and will help legitimize your online presence and instill a level of confidence in the people who visit your website.
Note: Not every website is subject to GDPR. We recommend speaking with a legal professional to confirm privacy requirements for your site/business.
What is a website cookie?
A key component of complying with data privacy regulations is managing how cookies are used on your site. Cookies are small pieces of data that websites place on a device. Cookies have many different purposes—they can improve your visitors’ browsing experience because they help websites remember preferences and understand how people use different features, and can also be used by marketing or advertising services.
Similar technologies include pixels, tags, local storage, and device fingerprinting. Websites use these technologies to:
Identify visitors
Enable the website to function efficiently
Personalize content
Permit online behavioral target advertising
Website cookies are split into two main categories: essential and non-essential cookies.
Necessary and required (essential) cookies
These are required for your site to function correctly for visitors, and will vary depending on the features your site uses. For example, necessary and required cookies help features like URL redirects, the shopping cart, and customer accounts work.
Non-essential cookies
These are not required for your site to function correctly for visitors, and visitors should be able to opt out of them. This includes cookies used to populate your site analytics with information about visitor counts, and cookies placed by third-party analytics tools like Google Analytics and the Meta Pixel.
How cookies apply to your website
As is standard practice, Squarespace places cookies on visitors’ browsers to help your site run effectively, provide the best experience for your visitors, and help you learn more about traffic to your site.
Due to GDPR requirements, depending on where your website operates from, you may need to inform your visitors of cookies placed by your website and to receive visitors’ affirmative consent to use certain types of cookies, like non-essential cookies.
How to add a cookie banner to your Squarespace website
A cookie banner allows you to inform your visitors how you are using cookies, and allows your visitors to choose whether they consent to this use of cookies.
When you enable a cookie banner on your Squarespace website, you can customize both the style of the banner and the privacy settings it includes. Here’s how it works:
In your Squarespace account, navigate to Settings > Website > Cookies and Data Privacy.
Choose which consent options to display on your banner. You’ll have the option to display an Accept, Manage, and/or Decline button.
Customize the text of your cookie banner, and add links to other pages like a privacy policy or cookie policy.
Customizing your banner style
When you enable a cookie banner it will be responsive to your site style settings, so you can customize it to match the design of your site. You can choose a color theme for your cookie banner, change the position, and change the banner font size. Edit the colors for your chosen theme to change background, text, and button and toggle color.
Managing cookies and cookie categories
If you choose to display a Manage button on your cookie banner, website visitors can click this to open a “Manage Cookies” window. From here, they can choose more granular cookie preferences. First-party cookies are categorized according to their purpose. For third-party cookies, if a provider offers a “Consent Mode”, we send the appropriate consent signal based on the visitor’s category choices.
Change or revoke consent
If you have a “Decline” or “Manage” button on your cookie banner, visitors can re-open their cookie settings and use this to change or revoke their consent preferences.
Managing third-party cookies
With the Squarespace cookie banner, it’s easy to prevent certain third-party cookies from loading unless your website visitor accepts. For major providers that offer a “consent mode” or other means to share visitor cookie preferences, we’ve integrated this with the Squarespace cookie banner. Some examples of this include:
Google Analytics: Google’s consent mode is automatically integrated when added through the API keys panel.
Meta pixel: Meta’s consent mode is automatically integrated when added through the API keys panel.
YouTube videos: YouTube’s Privacy Enhanced Mode is automatically integrated when a video is added through the Video Block.
How Squarespace supports website privacy
In support of our subscribers around the world, we’re constantly working to keep up with the latest in global website data privacy regulations and GDPR policies. We understand the importance of being informed and equipped to manage privacy and security needs for your website. We’ve built native functionality into the Squarespace platform to help you feel confident that you’re providing an optimally safe browsing experience for visitors.
Frequently asked questions
How can I be sure that my data and visitors are protected?
The privacy and security of our customers’ data is our top priority. We work diligently to ensure we are prepared to meet the demands of global data privacy laws like GDPR as a company and for our customers. Read more about our technical and organizational security measures.
Can I create a GDPR compliant website with Squarespace?
Our cookie and privacy panel makes it easy for you to address GDPR requirements. To help you comply with E.U. and U.K. legal requirements, when you enable your Squarespace cookie banner you can:
Disable Activity Logging to prevent IP addresses or other personally identifiable information from being collected or viewed.
Disable Squarespace Analytics cookies to prevent these non-essential cookies from being placed on visitors' browsers.
Display a customizable cookie banner so visitors can consent to the use of cookies.
Squarespace's editing tools allow you to publish your own legal terms or privacy policy. You can also create and add your own imprint page.
Where are Squarespace’s data servers located?
Squarespace is a global company that respects the laws of the jurisdictions it operates within. With data servers located in the U.S., Squarespace treats personal data from around the world in a secure and privacy-friendly manner. Squarespace complies with the Data Privacy Frameworks (pursuant to the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the UK Extension to the EU-U.S. Data Privacy Frameworks) to provide a legal basis for transfers of personal data to the U.S. from, as applicable, the EEA, Switzerland and the U.K. Squarespace has certified its compliance to the Data Privacy Frameworks. You can find our certification here and you can learn more about the Data Privacy Frameworks (as determined based upon the country from which the personal data was received) and DPF Principles by visiting https://www.dataprivacyframework.gov/.
How can I reach the Squarespace team if I have more questions about the cookie banner functionality or keeping my website secure?
If you need more assistance, contact us for native language email support.
What other information is available about Squarespace’s secure hosting, data privacy, and security?
For more information about Squarespace cookie banner and GDPR related offerings check out our Privacy & Security hub. To enable a cookie banner on your own website, check out our how to video or head to your Cookies and Data Privacy panel to get started.