iubenda gives you the banner and the policy. CookieSentry proves what actually fires before consent.
iubenda is an Italian compliance suite, founded in Milan in 2011 and majority-owned by team.blue since 2022, that bundles lawyer-crafted legal documents (privacy and cookie policy generators, ROPA, terms) with a Google-certified Consent Management Platform supporting IAB TCF. It is delivered as a SaaS that you embed across sites and apps, and its pricing scales per site/app and by monthly page views, with a free tier capped at a low page-view allowance and overages billed per thousand views. For most teams its big draw is convenience: documents and a banner from one vendor, with a built-in site scanner that auto-suggests services and powers its prior-blocking. CookieSentry is not an alternative to that banner. It is the layer iubenda does not give you in writing: an independent, exportable audit that loads your live page like a real visitor and names every cookie and tracker firing before consent, plus GDPR documents mapped to the national rules that actually apply. The honest framing for this page is simple: a policy is not proof of what fires, and iubenda's scanner is wired to configure iubenda's own banner, not to hand you neutral evidence.
10 Jun 2021
Date the Italian Garante published its updated cookie guidelines, with enforcement effective from January 2022
Garante per la protezione dei dati personali
EUR 20M / 4%
Maximum GDPR fine (Art. 83) for unlawful tracking, the higher of the fixed cap or 4% of global annual turnover
GDPR Article 83
Art. 5(3)
ePrivacy Directive clause requiring prior informed consent before storing or reading non-essential cookies
ePrivacy Directive 2002/58/EC
0
Signups required to run a CookieSentry public pre-consent scan and get a shareable report
CookieSentry
iubenda's site scanner exists to populate its own cookie policy and feed its prior-blocking list. That is useful, but it is the vendor inspecting its own setup. CookieSentry loads your live URL as an unconsented visitor and records what genuinely fires before any consent action, naming the source of each cookie and tracker. The result is neutral evidence about your real page, not a configuration suggestion from the tool that also sells you the banner.
A policy and a banner describe what is supposed to happen. When the Garante or another EU authority asks what actually happened, you need a record. CookieSentry produces a shareable, indexable report and a downloadable PDF you can give to a privacy team, agency or lawyer, timestamped and showing exactly which trackers fired pre-consent. iubenda's strength is the live consent UI; CookieSentry's is the audit trail proving that UI does its job.
CookieSentry generates GDPR documents tied to the national rules that apply, not just a generic EU baseline: Germany's section 25 TDDDG, plus Poland, Denmark, Sweden and pan-EU ePrivacy. For an Italian-rooted setup that already follows the Garante's 2021 guidelines, that means documents and checks reflecting the specific overlay you operate under, alongside iubenda's banner rather than instead of it.
iubenda's core promise is documents plus a banner: lawyer-crafted privacy and cookie policies, a Google-certified CMP, and a scanner that auto-suggests the services to declare. That covers the part of compliance that is about telling users what you do and collecting their choice. What it does not, by design, produce is independent evidence of what your site actually does in the moment before a visitor clicks anything.
This gap matters because enforcement is about behaviour, not documentation. The Italian Garante's updated cookie guidelines, published in June 2021 and enforced from January 2022, restate the ePrivacy Art. 5(3) rule that non-essential cookies may only be set after informed consent. A perfectly drafted iubenda policy and a correctly installed banner can still sit on top of a page that drops analytics or marketing cookies before consent, because of a hardcoded tag, a plugin, or a third party the scanner did not perfectly match.
CookieSentry exists to close exactly that gap. It does not rewrite your policy or replace your banner; it tests the live page and tells you, by name, what fired before consent. Keep iubenda for the documents and the consent UI, and use CookieSentry to confirm the two are actually consistent with each other.
iubenda does include a capable site scanner and prior-blocking, and it would be unfair to suggest otherwise. The distinction is purpose and independence. iubenda's scanner is an input to iubenda's own configuration: it identifies services so the cookie policy and the auto-blocking list can be built. The output is a better-configured iubenda banner, which is exactly what it should be.
CookieSentry's scan has a different job. It is an outside check whose output is evidence about your site, decoupled from any banner you happen to run. That separation is the point: when you need to demonstrate compliance to a regulator, an acquirer's due-diligence team, or an agency client, a report from the vendor that configured the banner is weaker than an independent audit that simply observed the page. Running CookieSentry alongside iubenda gives you both the configured banner and the third-party proof that it holds.
The migration story here is not a swap. If iubenda's banner and TCF support are working for you, keep them; CookieSentry has no banner to put in their place and does not implement TCF. What you add is the audit-and-evidence layer plus national-overlay GDPR documents. Start with the free public scan, which needs no signup, to see what fires before consent on your most important pages.
If your team was leaning on iubenda mainly for its cookie scanning and audit reporting, that is the half CookieSentry can take over, with named pre-consent results, an exportable PDF, monitoring on paid tiers, and a public badge or landing page. iubenda continues to do what it does best, the consent UI and the document subscription, while CookieSentry provides the proof and the localized paperwork. Pricing is flat and predictable and does not climb with your page-view count, which is a different model from iubenda's per-site, per-page-view structure.
The storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information.
| Capability | CookieSentry | iubenda |
|---|---|---|
| Automatic pre-consent cookie scanningiubenda has a site scanner, but it is built to configure its own policy and blocking, not to deliver independent pre-consent evidence. | ||
| Free public scan (no signup)iubenda's scanner runs inside its product flow and account; CookieSentry's public scan needs no signup. | ||
| GDPR document generationBoth generate documents; iubenda's are lawyer-crafted and broad, CookieSentry's are mapped to national overlays. | ||
| Exportable audit evidence (PDF)iubenda reports configuration; CookieSentry exports a timestamped, shareable record of what fired before consent. | ||
| National-law overlaysiubenda covers EU/Italian baselines; CookieSentry maps to TDDDG, Poland, Denmark, Sweden and pan-EU ePrivacy. | ||
| Consent banner / CMPThis is iubenda's strength: a Google-certified CMP. CookieSentry does not provide a banner. | ||
| IAB TCF supportiubenda supports IAB TCF for programmatic ads; CookieSentry is an audit and documents tool, not a CMP. | ||
| Pricing modeliubenda scales by site/app and monthly page views with overage charges; CookieSentry does not scale by page count. | Flat, predictable | Per site/app + page views |
Italy's data protection authority published updated cookie guidelines on 10 June 2021, with full enforcement from January 2022. They reaffirm that non-essential cookies require prior informed consent, treat consent-by-scrolling and cookie walls as generally unlawful, and expect cookie banners and policies to reflect this. A policy that says the right thing does not show the page behaves accordingly.
iubenda's site scanner is an input that auto-suggests services and powers its prior-blocking, configuring iubenda's own banner. CookieSentry's scan is an output: independent, named evidence of what fires before consent on your live page, decoupled from whatever banner you run.
iubenda has been majority-owned by team.blue since 2022, part of a large European hosting and digital-services group. CookieSentry is an independent audit, evidence and documents tool, focused narrowly on proving pre-consent behaviour and generating GDPR documents for EU national overlays.
iubenda is the better choice when your main need is a consent banner and a complete set of legal documents from one vendor. Its Google-certified CMP with IAB TCF support is a genuine strength that CookieSentry does not offer and does not try to: if you run programmatic advertising through Google AdSense, Ad Manager or AdMob and need a TCF-compliant consent string passed to ad partners, you need a CMP like iubenda's, not an audit tool. Its lawyer-maintained policy generators, the breadth of its document catalogue, and the convenience of a single dashboard for banner, blocking and docs are real advantages, especially for teams that want one subscription to cover both the consent UI and the paperwork. CookieSentry deliberately does not compete on any of that. Where CookieSentry differs is what comes after you have a banner: independent verification that the banner and blocking are actually working, named pre-consent evidence you can hand to counsel, and documents mapped to specific national overlays.
iubenda's pricing scales per site or app and by monthly page views, with a low free allowance and overage charges billed per thousand extra views, so costs rise with traffic. CookieSentry uses flat, predictable pricing that does not climb with your page-view count. The two are not substitutes on price: you may keep paying iubenda for the banner and documents, and CookieSentry's flat fee covers the independent audit, evidence export and national-overlay documents on top.
You do not swap your consent script for CookieSentry, and you should not try to: CookieSentry has no banner and does not implement IAB TCF. Keep iubenda's CMP (or your own banner) running for the consent UI. Add CookieSentry as the layer that proves what fires before consent, with an exportable PDF and shareable report, and that generates GDPR documents mapped to national overlays. If you were using iubenda mainly for its cookie scanner and audit reporting, CookieSentry can take over that half while iubenda keeps the banner.
No. CookieSentry does not provide a consent banner and is not a CMP, so it cannot replace iubenda's banner or its IAB TCF support. Keep iubenda for the consent UI. CookieSentry adds an independent pre-consent audit, exportable evidence, and GDPR documents mapped to national overlays.
iubenda's scanner is built to configure its own policy and prior-blocking, so its output is a better iubenda setup. CookieSentry's scan is independent and produces neutral, named evidence of what fires before consent on your live page, which is what you hand to a regulator, auditor or counsel.
Yes. The Garante's 2021 guidelines require prior consent before non-essential cookies fire. CookieSentry tests your live page and shows, by name, anything firing before consent, giving you a timestamped record that your banner and policy are actually consistent with the page's behaviour.
Yes. You can run a free public scan with no signup and get a shareable report of what fires before consent on a given URL. Paid tiers add monitoring, the exportable PDF evidence, a public compliance badge and GDPR document generation, all at flat, predictable pricing that does not scale by page views.
Weighing more than one option? See how CookieSentry stacks up against the other consent tools on the market.
Run a free CookieSentry scan on your live pages, catch early-firing cookies, and export evidence your privacy team or agency can act on — no signup required.
Run a free scan →Comparison last reviewed 2026-06-14. iubenda is a trademark of its respective owner; competitor details are described in good faith and may change over time.