The European Union General Data Protection Regulation (GDPR) went into effect on May 25 2018. One of the purposes of the regulation is to implement consistent restrictions on the processing of users' personal data and thus affect the websites' tracking of users. This applies to all companies that collect and process personal data in Europe. Personal data can be collected in several ways. Today many companies collect personal information by using cookies on their websites. Each time a user visits a website, the user is usually met by a cookie banner that informs the use of cookies on the website.The aim of this study was to examine to what extent the most visited swedish websites comply with the GDPR regulation on the use of cookies. The study was conducted with manual analysis that is by navigating to the websites and examining the use of cookies according to the GDPR regulation. The most visited 111 Swedish websites were selected with the help of the software Alexa. The result of the study showed that most websites try to comply with the GDPR regulation to a certain extent by, for example displaying a cookie banner and privacy notices. However, it has been discovered that the majority of the websites surveyed do not fully comply with the GDPR regulation when it comes to the use of cookies. It has been discovered that the majority of the sites do not offer an easy way to reject cookies and withdraw consent. It has also been discovered that many websites collect data before the user's consent. Only a minor of the websites implemented cookies according to the regulation. The results of this study illustrate compliance with GDPR and a solution recommendation has been drawn up on the basis of GDPR articles that can help the websites reach compliance with the regulation.