Indeed that is very awkward: "European Union (“EU”) legislation requires all website operators to inform website visitors about their usage of cookies"

Later: "first-party and third-party cookies are used on: 1password.com (...)

Stating that you need consent and not asking for it is extremely weird.

AFAIK, certain classes of cookies do not require consent. For example, login cookies.

The legislation requires you to ask consent for non-essential (ie. tracking) cookies. So unless they put a tracking cookie on their site the behaviour is correct, and that text is simply incorrect.

That's my bad for not quoting further, the very next paragraph is:

> First-party cookies are set by 1Password. They help calculate things like page views and visitors to the website. Third-party cookies are set by 1Password affiliates for commission and advertising purposes.

https://1password.com/legal/cookies/

They make it clear that they know consent is required, that they absolutely fall into that category, and then don't ask.

They do use nonessential cookies - Google Analytics, affiliate tracking cookies and more: https://1password.com/legal/cookies/#cookies-we-use-on-our-w...

Not from 1Password, but refusing to comply with EU cookie legislation seems to be almost universal.

Is any company compliant?!

(I'm being facetious... my company is compliant or at least I think it is - not a lawyer... but it's very rare)