General Data Protection Regulation (GDPR) Toolkit


The following three requirements apply to all UW–Madison websites as part of complying with the European Union’s General Data Protection Regulation (GDPR).

  1. Cookie Consent

    We have created several versions of the cookie notice to accommodate the various types of websites on campus. If one of the following options does not suit your needs, please contact the University Marketing web team at

    The cookie consent javascript module displays a dialog box at the bottom of every page of your website that:

    • informs site visitors about the use of cookies on your site
    • provides a link to the UW–Madison privacy notice
    • displays a confirmation button that visitors can click to indicate that they understand the cookie policy

    Once the confirmation button is clicked, the dialog box will no longer appear to that user when they visit your site, or any other website using this module, from the same device and browser.

    How to install Cookie Consent >>

  2. Link to Privacy Notice in footer

    Now part of our minimum web standards, every UW–Madison website must have a link to the university’s privacy notice in its footer.

  3. Add a checkbox before the submit button on all web forms

    “I understand my information is being used for [INSERT HERE] purpose(s)”.

    Gravity Forms recently introduced a Consent field type; you can learn more about this feature at Personal Data Settings and Consent feature on Gravity Forms.

How does GDPR relate to research?

GDPR may apply to data for research projects at UW–Madison that take place in the EEA or on data subjects in the EEA. More information is found at IRB Guidance: GDPR and Research at UW.

See more information about GDPR at UW–Madison >>