As of 25th of May 2018, all European companies' websites that use cookies must inform about which cookies they use, the purpose of each cookie, and collect a consent to use these cookies.
So in theory all websites in Europe need a Cookie Consent Solution. In reality there are some exemptions - but very rare. These exemptions can be, if a website does not use cookies or if the cookies used have purely necessary purposes.
A way to assess if a website uses cookie, there are different tools:
Cookie Information Chrome Plugin: Download here
Cookie Information free website audit: Request audit here
or you can contact your Account Manager at Cookie Information.
According to GDPR; if personal data is stored or transferred from a website, the website owner needs to collect a consent before collection of this data can happen.
To use this data you need a consent:
"Processing shall be lawful only if and to the extent that at least one of the following applies:
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes"
Art. 6 GDPR - https://gdpr.eu/tag/gdpr/
So if any third party cookies are used for marketing, statistical, advertisement, or functional purposes, a consent is needed before these cookies can be set.
Example of cookies set from Google Analytics, Shopify Analytics and Facebook on a website:
So if a website uses third party software that collect and use data through cookies, the website need a consent solution.
When the processing has multiple purposes, consent should be given for all of them."
Recital 32 - https://gdpr.eu/tag/gdpr/
The consent solution should ask the user for a consent for all purposes of cookies.