
I think that most websites need cookies. I have a website with short stories. It lets you set font size and dark/bright theme, nothing special. Do I want to store your settings on the server? No, why should I waste my resources? Just store it in your browser! Cookies are perfect for that. Do I know your settings? No, I don't, I don't care. I set a cookie, JS reads it and changes something on the client. No tracking at all. Cookies are perfect for that. People just abuse them like everything else, that's the problem, not cookies.

And BTW because I don't care about your cookies, I don't need to bother you with cookie banner. It's that easy.

Also, if I implemented user management for whatever reason, I would NOT NEED to show the banner either. ONLY if I shared the info with a third party. The rules are simple, yet the ways people bend them are very creative.





A cookie is something that is sent to the server, by design - that's their whole point! So if the only part of your code that needs them lives on the client, cookies are the wrong mechanism for that - use localStorage instead.
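
Added example, not part of the thread: the client-only preference storage the comment above describes, kept in Web Storage so nothing is attached to HTTP requests, with stored values checked against an allow-list before they touch the DOM. The key name, value ranges and `memoryStorage` stand-in are assumptions made for illustration.

```javascript
// Example code added for illustration; names and limits are assumptions.
const KEY = "reader-prefs"; // hypothetical storage key
const DEFAULTS = Object.freeze({ theme: "bright", fontSize: 16 });
const THEMES = new Set(["bright", "dark"]);

// Storage is writable by any script on the origin and by the user,
// so treat what comes back as untrusted input.
function sanitize(raw) {
  const prefs = { ...DEFAULTS };
  if (raw && typeof raw === "object") {
    if (THEMES.has(raw.theme)) prefs.theme = raw.theme;
    if (Number.isInteger(raw.fontSize) && raw.fontSize >= 10 && raw.fontSize <= 32) {
      prefs.fontSize = raw.fontSize;
    }
  }
  return prefs;
}

function loadPrefs(storage) {
  try {
    return sanitize(JSON.parse(storage.getItem(KEY)));
  } catch {
    return { ...DEFAULTS }; // corrupt JSON or storage blocked by the browser
  }
}

function savePrefs(storage, prefs) {
  const clean = sanitize(prefs);
  storage.setItem(KEY, JSON.stringify(clean));
  return clean;
}

function applyPrefs(doc, prefs) {
  doc.documentElement.dataset.theme = prefs.theme; // styled via CSS [data-theme]
  doc.documentElement.style.fontSize = prefs.fontSize + "px";
}

// In-memory stand-in with the same getItem/setItem shape, for running outside a browser.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
  };
}

// In a browser, read the saved preferences and apply them on page load.
if (typeof document !== "undefined" && typeof window !== "undefined") {
  applyPrefs(document, loadPrefs(window.localStorage));
}
```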

> lets you set font size and dark/bright theme,

You do not need cookies for either of these. CSS can follow browser preferences, and browsers can change font sizes with zoom.

I am not sure these cookies are covered by the regulations. No personal data, so not covered by GDPR. They might be covered by the ePrivacy directive (the "cookie law").


Unfortunately, because these types of preferences (font size, dark/light mode theme) are "non-essential", you are required to inform users about them using a cookie banner, per EU ePrivacy directive (the one that predates the GDPR). So if you don't use a cookie banner in this case, you are not in compliance.

That's not true. You can use those cookies, you just need to explain them somewhere on the site. No opt in required.

I talked with our then national information law official (funny fact, the same person is currently president of our country); the rule of thumb is that if you're not using your users' personal data to pay for other people's services (e.g. Google Analytics) or putting actual personal data in them, you're generally fine without the banner.

Further, if you're a small shop or individual acting in good faith and somehow still violated the law, they will issue a warning first so you can fix the issue. Only the blatant violations by people who should've known better will get a fine instantly (that is the practice here, anyway; I assumed that was the agreement between EU information officers).



