Research: 67% of Dutch Restaurant Websites Have No Cookie Banner

We scanned 499 restaurant websites across 20 Dutch cities for GDPR compliance, cookies, accessibility, and security. The results are clear: most hospitality websites do not meet the basic rules.

The Numbers

Of the 499 scanned restaurants:

• 67.5% have no cookie banner: no notification, no choice, nothing
• 58.9% load Google Analytics before the visitor gives consent
• 69.5% load Google Fonts externally, sending IP addresses to Google
• 55.9% have no findable privacy policy
• 84% show no KVK number on their website (not even on contact or impressum pages)
• 45.9% embed Google Maps without consent
• 75.8% have images without alt text

Of the restaurants that do have a cookie banner, more than half (51.2%) have no working reject button. Only 15.8% of all scanned restaurants have a banner with an equivalent reject option.

Why This Matters Now

The Dutch DPA (AP) warned more than 200 websites in 2025 about their cookie banners and has an annual budget of €500,000 for cookie enforcement. The first fines have been issued: Kruidvat (€50,000 after appeal) and Coolblue (€40,000). The AP does not differentiate by business size.

Since June 2025, the European Accessibility Act (Directive 2019/882) is also in force, with the ACM as enforcement authority. The 75.8% of restaurants with missing alt text on images have a concrete issue to address.

What This Means for Restaurant Owners

Most problems can be fixed in an afternoon: KVK number in the footer, Google Fonts self-hosted, a cookie banner with a reject button, and a privacy policy.

Read the full research with all figures, sources, and background: We scanned 499 Dutch restaurant websites: here's what we found.

Want to know how your website scores? Scan free in 60 seconds.