DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

🇮🇹 European Union

Cookie consent in Italia

Consent and privacy law in Italia

In short
Italy's Garante issued detailed cookie guidelines in 2021 that took full effect in early 2022. They require a clear Reject button alongside Accept, ban the use of scrolling as consent, and limit how often a banner may be re-shown to a user who has already refused. The Garante also prohibits cookie walls in most cases and requires that the X to close a banner not be treated as acceptance. Italian guidance distinguishes technical cookies, which need no consent, from profiling cookies, which require prior opt-in. The Garante has been active in enforcing analytics and data transfer rules.
Authority
Garante per la protezione dei dati personali
Status

GDPR applies since 25 May 2018, with the harmonised Codice Privacy

Primary law
GDPR
Languages

it

Who must comply

Any organization that offers goods or services to people in the EU or monitors their behavior, wherever the organization is based.

Penalties

Up to 20 million euros or 4 percent of global annual turnover, whichever is higher

Key obligations

  • Obtain prior, opt-in consent before non-essential cookies
  • Make refusing as easy as accepting
  • Keep records that prove consent
  • Honor withdrawal at any time
  • Respect data subject rights (access, erasure, portability)

Local guidance

  • Apply the Garante 2021 cookie guidelines, fully in force since January 2022
  • Do not treat scrolling or closing the banner with X as consent
  • Avoid re-prompting users who already refused too frequently
  • Separate technical cookies, which are exempt, from profiling cookies

How ConsentX helps

  • Prior-script blocking for true opt-in
  • Equal-weight Allow and Reject controls
  • Tamper-evident consent receipts and evidence
  • One-click withdrawal trigger
  • Built-in DSAR workflow with 30-day SLA
Get started free
yoursite.com
🇮🇹 Italy

We value your privacy

We ask for your consent before any non-essential cookie, with the rules that apply in your region.

Allow allReject non-essentialManage preferences

This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.

How to comply with Italy using ConsentX

  1. 1

    Scan your website

    Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under Italy.

  2. 2

    Show a geo-aware consent banner

    Add the ConsentX banner. It detects each visitor region and shows the consent experience that Italy requires, automatically.

  3. 3

    Block trackers until consent

    Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.

  4. 4

    Record tamper-evident proof

    Every choice is stored as a tamper-evident consent receipt you can produce in a Italy audit.

  5. 5

    Handle data requests on time

    Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.

Frequently asked questions

Can scrolling be used as cookie consent in Italy?+

No. The Garante's 2021 cookie guidelines state that scrolling is not a valid form of consent. A specific affirmative action is required for profiling cookies.

How often can I re-show a cookie banner in Italy?+

The Garante limits re-prompting users who have already refused. You should not repeatedly show the banner to a user who declined, except after a reasonable interval or a relevant change.

Governing law

🇪🇺 GDPR

Other countries in European Union

🇩🇪 Deutschland🇫🇷 France🇪🇸 España🇳🇱 Nederland🇧🇪 België / Belgique🇵🇱 Polska🇵🇹 Portugal🇸🇪 Sverige🇦🇹 Österreich🇮🇪 Éire / Ireland🇩🇰 Danmark🇫🇮 Suomi