If you still wondering you need cookie consent to become GDPR compliant website the answer is BIG YES.
Cookies & GDPR are directly related to both. Under GDPR website owners should collect the personal data of individuals in a legal way. The best way is website should notify the proper usage of cookies to visitors and get consent from them to collect their data.
But how you could do this whole process? You could Cookie Consent Platforms to implement this.
Axeptio is the best solution to collect consent from website visitors. Get it just for $59/One-time payment at SaaS Mantra now.
No, but you may decide that is how you communicate your activities and responsibility.
I've worked on this problem professionally as a consultant for various organisations, the real questions are about how you are meeting the requirements and that you have obtained very granular time/purpose consent from data owners (the customer).
So think about;
Lastly, understanding that you are the data custodian, not the data owner. Meaning you are to treat any data 'linked' to an individual as sensitive data, not just email addresses, and things traditionally seen as 'sensitive'. You are the custodian of sensitive user owned data for any data fields that are linked to an individual in any way at all. So a primary key for a database row uniquely identifies the user, and every data field in that row is sensitive. If you create aggregate data, maybe how many logins, then have an ability to uniquely identify who that number of logins belongs to - it too is customer owned data because they are the subject of the data you generated about their activities you processed.
So once you have a grasp of the data, you need 'reasonable' consent to do all of the data processing. Reasonable means the data owner is aware of what you are capturing, why you are (what the benefit to them is), and when you will need to retain the data (infinite is not reasonable).
Then you may have consent, and it may be done via a cookie if you choose.