Under GDPR, sites need your consent (or some other valid legal basis) before they can set the non-required cookies. They are not allowed to first set the cookies, and then let you opt out. Instead, they first need your opt-in, and then they can set the cookies. No banner, no opt-in.
There are sites that ignore this requirement – they set tracking cookies on the first visit, before you've even seen the dialog. Consent-O-Matic could potentially be better in those cases, assuming the "Reject All" button actually works. There are also sites where the "Reject" option is intentionally or unintentionally broken.
PS. One of my hobbies is to track sites in my country that set non-required cookies on first visit, and contact them asking to fix it. And escalate to the local DPA if they refuse or don't respond. I made a little script that checks a list of sites nightly: https://github.com/cuu508/tasting-party One reason for re-checking regularly is regressions – somebody fixes their site, then two months later the problem is back... Over a year, the list of problematic sites has shrunk from 300-400-something to ~100, so there's progress :-)
There are sites that ignore this requirement – they set tracking cookies on the first visit, before you've even seen the dialog. Consent-O-Matic could potentially be better in those cases, assuming the "Reject All" button actually works. There are also sites where the "Reject" option is intentionally or unintentionally broken.
PS. One of my hobbies is to track sites in my country that set non-required cookies on first visit, and contact them asking to fix it. And escalate to the local DPA if they refuse or don't respond. I made a little script that checks a list of sites nightly: https://github.com/cuu508/tasting-party One reason for re-checking regularly is regressions – somebody fixes their site, then two months later the problem is back... Over a year, the list of problematic sites has shrunk from 300-400-something to ~100, so there's progress :-)