Keep Cookie Script's banner. Add independent pre-consent evidence and localized GDPR documents.
Cookie Script is a Lithuanian SaaS consent management platform, run by Objectis Ltd out of Vilnius, that bundles a customizable consent banner, an automatic cookie scanner, a Google-certified (Gold-tier) Consent Mode v2 integration and IAB TCF v2.3 support, sold per domain across a free tier and paid plans that scale with the number of domains you protect. It is a genuinely capable CMP serving sites worldwide in 40-plus languages, and its banner is something CookieSentry does not offer. CookieSentry is a different kind of tool: an independent audit, evidence and documents layer. It loads your live URL like a real visitor and flags every cookie and tracker that fires before consent, names the source, produces a shareable indexable report plus a downloadable PDF you can hand to counsel, and generates GDPR documents mapped to the national rules that actually apply. If you run Cookie Script for the banner, the honest move is to keep it and add CookieSentry to prove what your banner lets through and to maintain your paperwork.
EUR 2,385,276
Largest fine to date from Lithuania's data protection authority (VDAI), against Vinted, July 2024
European Data Protection Board (edpb.europa.eu)
v2.3
IAB TCF version Cookie Script integrates as a Google-certified CMP
cookie-script.com
Art. 5(3)
ePrivacy Directive clause requiring consent before non-essential cookies are stored or read
ePrivacy Directive 2002/58/EC
0
Signups required to run CookieSentry's free public pre-consent scan
CookieSentry
Cookie Script's scanner runs inside the same vendor that also serves your banner, so its declaration describes what the CMP intends to control. CookieSentry visits your live page as an outside observer and records what actually fires before any consent click, naming each cookie and its source. When a regulator or client asks for proof, evidence from a tool that does not also sell you the banner carries weight a self-issued declaration cannot.
Beyond a generic cookie declaration, CookieSentry generates privacy and cookie policies and supporting records localized to the rules that genuinely apply, Germany's section 25 TDDDG plus Poland, Denmark, Sweden and pan-EU ePrivacy, rather than a one-size baseline. The output is counsel-ready paperwork you can maintain over time, not just a banner string.
Anyone can run a CookieSentry public scan with no signup and get an indexable report plus a downloadable PDF. That makes it usable as a sales artifact for agencies, a handoff to a privacy team, or a pre-purchase due-diligence check on a site you do not yet manage, none of which requires touching your live consent setup.
Cookie Script is a Lithuanian consent management platform built by Objectis Ltd in Vilnius. It is a cloud SaaS, not a self-hosted plugin, and it is squarely a CMP: a configurable consent banner in several layouts, a built-in cookie scanner that produces a declaration, Google Consent Mode v2 support with a Gold-tier certified-partner status, and IAB TCF v2.3 signalling for the advertising ecosystem. Pricing is per domain across a free tier and paid plans, with the per-domain cost falling as you add more domains. For the job of collecting and signalling consent, that is a strong, well-rounded product.
CookieSentry is not that product and does not try to be. It has no banner, it is not a CMP, and it does not implement TCF. What it does is the half Cookie Script's scanner only partially addresses: independent verification of what loads before consent, exportable evidence of it, and the surrounding GDPR documents localized to national law. The cleanest way to think about it is that Cookie Script owns the consent UI and CookieSentry owns the proof and the paperwork.
A consent declaration written by the same vendor that serves your banner is a description of intended behavior. It tells you what the CMP is configured to gate. It does not, on its own, prove what a real browser actually executed on your live page before a visitor clicked anything, and that gap is exactly where pre-consent violations live: a tag that loads outside the CMP, a third-party script that sets an identifier before the banner renders, a measurement pixel hard-coded in a template.
CookieSentry closes that gap by acting as an outside auditor. It loads the page, waits, and captures the cookies and trackers that fire with no consent given, attributing each to its origin. Because the result comes from a tool that has no stake in your banner, it functions as independent evidence rather than a self-assessment, which is the kind of artifact that holds up in a client review or a regulator's file.
Cookie Script operates from the same jurisdiction whose supervisory authority, the State Data Protection Inspectorate (VDAI), issued the largest data-protection fine in Lithuanian history, EUR 2,385,276 against Vinted in July 2024, a decision later upheld on appeal in 2025. EU enforcement of the ePrivacy rule that consent must precede non-essential cookies, Article 5(3), continues to sharpen across member states. The lesson is consistent: what a regulator examines is observed behavior, not a vendor's promise about it.
That is the case for adding an independent evidence layer regardless of which CMP serves your banner. CookieSentry gives you a dated, exportable record of what actually fired before consent on each scan, plus GDPR documents tied to the national overlays that apply to your audience. If a question ever arrives from a DPA, an enterprise procurement team or your own counsel, you are answering with verifiable proof and current paperwork rather than a screenshot of your banner settings.
Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.
| Capability | CookieSentry | Cookie Script |
|---|---|---|
| Consent banner / CMPCookie Script provides the banner; CookieSentry deliberately does not. | ||
| IAB TCF supportCookie Script integrates IAB TCF v2.3 as a Google-certified CMP. | ||
| Automatic pre-consent cookie scanningCookie Script scans to build a declaration; CookieSentry focuses on what fires before consent, as independent evidence. | ||
| Free public scan (no signup)Cookie Script offers a free tier but account-based; CookieSentry's public scan needs no signup. | ||
| GDPR document generationCookie Script generates a cookie declaration; CookieSentry generates broader localized GDPR documents. | ||
| Exportable audit evidence (PDF)CookieSentry produces a shareable report plus a downloadable PDF intended as handoff evidence. | ||
| National-law overlaysCookieSentry maps to TDDDG, PL, DK, SE and pan-EU ePrivacy; Cookie Script targets many regimes broadly. | ||
| Google-certified CMP partnerCookie Script holds Gold-tier certified status with Consent Mode v2. | ||
| Pricing modelDifferent models for different jobs. | Flat, does not scale by subpage count | Per-domain tiers, lower per-domain cost at higher volumes |
Cookie Script is based in Vilnius, Lithuania. Lithuania's VDAI issued the country's largest fine, EUR 2,385,276 against Vinted, in July 2024 (per the EDPB). Independent pre-consent evidence is useful no matter which CMP serves your banner.
Cookie Script's built-in scan creates a declaration of intended behavior. CookieSentry observes your live page from the outside and records what actually fires before consent, naming each source, so the proof does not come from the same vendor as the banner.
Cookie Script integrates IAB TCF v2.3 as a Google-certified CMP. CookieSentry is honestly marked no for TCF and no for banner/CMP; it covers verification, evidence and localized GDPR documents instead.
Cookie Script is the better fit when your primary need is the consent interface itself. If you want a polished, customizable banner with multiple layouts, Google Consent Mode v2 wiring, IAB TCF v2.3 signalling for ad partners, and a single per-domain subscription that also covers a built-in scan and a generated cookie declaration, Cookie Script delivers that as a mature, Google-certified Gold-tier CMP. CookieSentry deliberately does not compete here: it has no banner, is not a CMP, and does not implement TCF. For displaying, A/B testing and managing consent collection across many domains and frameworks, Cookie Script is the right tool and CookieSentry is meant to sit alongside it, not replace it.
Cookie Script prices per domain across a free tier and paid plans, with the per-domain cost dropping as you add domains, which is the natural model for a CMP you deploy site by site. CookieSentry prices flat and does not scale by subpage count, so a large site with many pages does not cost more to scan and document than a small one. Because the two tools do different jobs, the comparison is not subscription versus subscription; it is whether your CMP spend should also be expected to deliver independent evidence and localized GDPR paperwork, or whether that belongs in a predictable flat-rate layer of its own.
There is nothing to swap. Keep Cookie Script as your consent management platform: it serves and signals the banner, and CookieSentry has no banner to replace it with. You add CookieSentry alongside it as the independent layer that proves what actually fires before consent on your live pages and that generates and maintains your GDPR documents against the national overlays you need. If your team had been leaning on Cookie Script mainly for its audit and scanning half, CookieSentry can take over that role with deeper pre-consent detection and exportable evidence, while Cookie Script keeps doing the banner.
No. CookieSentry has no consent banner and is not a CMP. Keep Cookie Script for the banner and consent signalling. CookieSentry sits alongside it to verify what fires before consent and to generate your GDPR documents.
Cookie Script's scan produces a declaration from the same vendor that serves your banner. CookieSentry is an independent outside observer that records what actually loads before any consent is given, which is the kind of evidence that holds up in a client or regulator review.
No. CookieSentry is honestly not a CMP and does not implement TCF or Consent Mode. Cookie Script handles those as a Google-certified Gold-tier partner. CookieSentry covers audit, evidence and localized GDPR documents.
Yes. Run the free public scan with no signup and no changes to your live site or banner. You get an indexable report and a downloadable PDF you can share with your privacy team, agency or counsel.
Weighing more than one option? See how CookieSentry stacks up against the other consent tools on the market.
Run a free CookieSentry scan on your live pages, catch early-firing cookies, and export evidence your privacy team or agency can act on — no signup required.
Run a free scan →Comparison last reviewed 2026-06-14. Cookie Script is a trademark of its respective owner; competitor details are described in good faith and may change over time.