Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
If you run a manufacturing business in the UK, your website probably does more tracking than you think. A common mistake is assuming a standard privacy policy covers cookies. Another is dropping analytics or advertising cookies before getting consent. A third is copying a cookie banner from another site without checking what your own systems actually do.
That creates real risk for manufacturers. You might be collecting website data from trade buyers, distributors, engineers, job applicants or consumers buying spare parts online, all while using tools that place cookies or similar technologies on their devices. If your notice is unclear, incomplete or out of step with UK rules, the problem is not just technical, it is a compliance issue.
This guide explains what a cookie notice manufacturers UK businesses should have, when the issue usually comes up, what your notice needs to say, and the practical mistakes that catch founders and operations teams before they launch online, refresh a website, or sign with a marketing supplier.
Overview
UK manufacturers that use cookies or similar tracking tools on their websites usually need a clear cookie notice and, for many non-essential cookies, valid consent before those cookies are set. The legal position sits alongside your wider privacy obligations, so your cookie wording should match what your site actually collects and how your business uses that data.
- Identify every cookie and similar tracking technology on your website.
- Separate essential cookies from analytics, advertising and personalisation cookies.
- Get consent before setting non-essential cookies.
- Explain what each category does, how long cookies last, and whether third parties receive data.
- Make sure your cookie notice matches your privacy notice and consent tool.
- Review marketing, recruitment and eCommerce pages, because these often add hidden trackers.
- Keep records of consent choices and update the notice when website tools change.
What Cookie Notice Manufacturers Means For UK Businesses
A cookie notice is the statement on your site that tells visitors what cookies and similar technologies you use, why you use them, and what choices they have. For UK manufacturers, that often sounds simple, but the detail matters because manufacturing websites are rarely just brochure sites anymore.
Many manufacturers use websites for more than brand awareness. They take trade enquiries, run product configurators, offer customer portals, host technical downloads, advertise roles, track campaign performance and sometimes sell components or accessories online. Each of those functions can introduce cookies.
In the UK, cookie compliance generally comes from privacy and electronic communications rules, with data protection rules also relevant where personal data is involved. In plain English, that means you usually need to be transparent about cookies, and for many cookies you need consent before they are stored or accessed on a user's device.
What counts as a cookie issue
The issue is wider than the small text banner on your homepage. It covers the actual technologies your site uses and how they operate. A manufacturer may have tracking on:
- main marketing pages
- trade account login areas
- product catalogue and search functions
- request a quote forms
- customer support portals
- careers pages and recruitment forms
- dealer or distributor portals
- embedded videos, maps or chat tools
If any of those features place non-essential cookies, your business needs to think about consent and disclosure.
What your cookie notice usually needs to cover
Your cookie notice should be specific enough that a visitor can understand what is happening on the site. Boilerplate wording often fails because it talks in broad categories without reflecting the tools the business actually uses.
A practical cookie notice for a UK manufacturer commonly includes:
- the types of cookies used, such as strictly necessary, preferences, analytics and marketing
- the purpose of each category
- whether the cookies are first-party or third-party
- how long each cookie remains on the device, or at least the duration by category where that is accurate
- how a user can accept, reject or change their preferences
- whether data collected through cookies may be linked to other information
- details that line up with the wider privacy notice, especially where personal data is involved
The notice should also be easy to find after the banner has been closed. Hiding it behind multiple clicks, or making preference changes hard, is where businesses often get caught.
Why manufacturers need to be careful
Manufacturers sometimes assume cookie compliance is mainly a retail or publishing issue. That is not right. A manufacturing business may collect less traffic than a consumer platform, but it often uses a mix of third-party tools that bring more legal complexity.
For example, your site may use analytics to understand which sectors are downloading product sheets, advertising pixels to retarget visitors, chat software to route sales enquiries, and embedded media from external platforms. If those tools are active before consent, your cookie banner and notice may be misleading even if they look polished.
This also matters before you spend money on setup. If a web agency builds a lead generation site with pre-ticked cookie settings or loads tracking scripts automatically, fixing it later can mean reworking templates, consent flows and supplier terms.
When This Issue Comes Up
Cookie notice problems usually appear during growth, website changes or supplier onboarding, not when founders are sitting down to think about privacy in the abstract. The question tends to arise at the exact moment a business launches a new digital tool or marketing plan.
When you launch or rebuild a website
A new website is the clearest trigger. Manufacturers often redesign their sites to improve lead generation, support distributors or expand into online sales. During that process, developers may add plugins, analytics dashboards, embedded videos and CRM integrations that all change the cookie picture.
Before you sign a contract with a designer or developer, confirm who is responsible for identifying cookies, implementing the consent manager, and testing whether non-essential scripts stay blocked until consent is given.
When you start selling online
Some manufacturers sell spare parts, replacement items, branded merchandise or direct-to-consumer products through eCommerce pages. That usually adds payment integrations, shopping cart functions, customer account areas and conversion tracking tools.
Not every cookie in that setup needs consent. Some are strictly necessary for the cart or checkout to work. Others, such as analytics or ad tracking, often do. Your notice should explain that distinction clearly.
When marketing becomes more sophisticated
The legal risk rises once a manufacturing business moves beyond basic website statistics. Paid advertising, email marketing integrations, account-based marketing and retargeting campaigns commonly involve trackers from third parties.
This is where founders often rely on the marketing platform's default wording. That is risky because your legal responsibility does not disappear just because the tool came with a standard banner.
When you recruit online
Careers pages can create cookie issues too. Recruitment software, application portals and embedded job widgets may set cookies or collect data from applicants. If your manufacturing business is scaling and hiring engineers, production staff or sales teams, that part of your site should be included in your review.
When you work with distributors or overseas groups
Many UK manufacturers belong to wider corporate groups or use shared web infrastructure across regions. In that setup, the UK site may inherit a global cookie banner that is not tailored to UK rules. A notice drafted for another country may not explain consent options in the way UK regulators expect.
This can also happen where a parent company controls the site and your local business assumes the legal wording has already been handled. It is still worth checking what applies to your UK-facing pages and UK user data.
Practical Steps And Common Mistakes
The safest approach is to treat cookie compliance as a short operational project, not a wording exercise. A legally useful cookie notice starts with an accurate map of what the website actually does.
Step 1, audit the site properly
You need to know which cookies and similar technologies are in use before you can describe them. That means checking your website, plugins, analytics tools, ad platforms, embedded content, CRM integrations and any scripts added by agencies.
Your review should cover:
- homepage and main marketing pages
- product and catalogue pages
- contact and quote request forms
- download areas for brochures, manuals or technical sheets
- account login and customer portal pages
- checkout or payment pages, if applicable
- careers and application pages
- cookie behaviour on mobile and desktop
One common mistake is auditing only the homepage. Another is missing trackers that fire through tag managers or third-party embeds.
Step 2, classify cookies accurately
Not all cookies are treated the same way. Strictly necessary cookies are usually allowed without consent where they are genuinely needed to provide the service requested by the user. Analytics, advertising and many personalisation cookies are generally not in that category.
Founders often label everything as necessary because the business finds the data useful. That is not the legal test. The question is whether the cookie is essential for the service the visitor has actually asked for, not whether it helps your business make better decisions.
Step 3, make sure consent happens at the right time
For non-essential cookies, consent usually needs to come before those cookies are set. That means the banner and consent tool must do more than look tidy. They need to stop the relevant scripts from running until the user agrees.
Common problems include:
- analytics loading immediately on page entry
- an accept button that is prominent, with a reject option hidden or harder to use
- pre-ticked boxes or default consent settings
- banners that disappear without recording a genuine choice
- consent tools that do not apply preferences across all pages
If your site uses a consent management platform, test it after launch. Do not assume the setup is correct because the supplier says it is.
Step 4, write the notice in plain English
Your cookie notice should help a purchaser, distributor, engineer or applicant understand what your site is doing. Legal jargon and vague statements create confusion, especially on B2B manufacturing websites where visitors may be reviewing technical information quickly.
Clear wording often works best when organised by category, with enough detail to explain:
- what the cookie does
- why you use it
- whether another company also receives information
- how long it lasts
- how the visitor can change their choice later
If your privacy notice explains how personal data is used for enquiries, customer management or marketing, the cookie notice should not contradict it. Those two documents need to line up.
Step 5, check supplier contracts and internal ownership
Cookie compliance is often spread across marketing, IT, web developers and external agencies. If no one owns the issue, notices go out of date quickly.
Before you sign with a web developer, analytics consultant or digital marketing agency, clarify:
- who decides which tracking tools are installed
- who updates the cookie list when tools change
- who configures consent settings
- who keeps records of changes
- who is responsible if scripts are deployed without approval
This is where contracts matter. A supplier agreement can help define responsibilities, while your internal governance should ensure someone in the business signs off on new trackers before they go live.
Step 6, review related legal documents
A cookie notice does not sit alone. Manufacturers should also review the surrounding legal documents and business setup that support digital compliance.
Depending on how your business operates, think about:
- your privacy notice
- website terms of use
- online sales terms or customer terms, if you sell parts or products online
- contracts with developers, marketing agencies and software suppliers
- data protection arrangements, such as a data processing agreement, with service providers handling website data
- brand protection, including trade mark issues if your website features product names prominently
This matters whether you operate as a limited company, partnership or another business structure. The legal entity behind the website should be clear, and the website documents should identify the correct business.
Common mistakes manufacturers make
The same problems come up repeatedly in manufacturing businesses. Most are easy to miss because the website has grown over time rather than being built as one neat project.
- Using a generic cookie notice copied from another business.
- Listing cookie categories but not the actual purposes or third-party involvement.
- Treating analytics as essential.
- Failing to block non-essential cookies before consent.
- Ignoring tracking on quote forms, distributor portals or careers pages.
- Updating the website without updating the notice.
- Letting global group wording override UK-specific compliance needs.
- Assuming a web agency is legally responsible for the final wording.
The practical fix is regular review. If your manufacturing business launches a new campaign, changes CRM, introduces a support portal or adds embedded tools, revisit the cookie notice at the same time.
FAQs
Do UK manufacturers always need a cookie notice?
If your website uses cookies or similar technologies, a cookie notice is usually needed. Even a relatively simple B2B manufacturing website may use analytics, security or embedded content tools that make transparency necessary.
Can we use Google Analytics without consent?
Businesses should be cautious. Analytics cookies are generally treated as non-essential, so consent is commonly needed before they are set. The exact setup matters, but most manufacturers should not assume analytics is exempt.
Is a privacy policy enough on its own?
No, not usually. A privacy notice explains broader personal data use, while a cookie notice deals specifically with cookies and similar technologies on users' devices. The two should match, but one does not replace the other.
What if our website is built by an external agency?
You still need to make sure the site complies. An agency can help implement the banner and consent settings, but your business should confirm what tracking is installed, what the notice says and who updates it when the site changes.
Do strictly necessary cookies need consent?
Often no, if they are genuinely necessary to provide the service requested by the user, such as core site security or shopping cart functionality. But businesses should classify these carefully, because convenience or commercial usefulness does not automatically make a cookie strictly necessary.
Key Takeaways
- A cookie notice manufacturers UK businesses use should reflect the real tracking tools on the site, not a generic template.
- Non-essential cookies, including many analytics and marketing cookies, usually require consent before they are set.
- Manufacturing websites often create hidden cookie issues through quote forms, recruitment pages, portals, embedded tools and eCommerce functions.
- Your cookie notice should work alongside your privacy notice, website terms and supplier contracts.
- The main risk is not just poor wording, it is a mismatch between what the banner says and what the website actually does.
- Review cookie compliance before you launch online, before you sign with web or marketing suppliers, and whenever new tracking tools are added.
If your business is dealing with cookie notice manufacturers and wants help with cookie notices, privacy notices, website terms, and supplier contracts, you can reach us on 08081347754 or team@sprintlaw.co.uk for a free, no-obligations chat.





