CSS and Next.js updates, web accessibility principles, dynamic font scaling and efficient typing for redux-thunk
15 minutes
Back to Blog
Frontend
How to customize the consent cookie banner to comply with GDPR, Google Consent Mode, and country-specific laws
Apr 26, 2025
15 minutes
Contents
1. Why Is Cookie Consent Necessary?
2. Types of Cookies
3. How Different Countries Handle Cookie Consent?
4. What Is Google Consent Mode?
5. How to Implement a Cookie Consent Banner?
6. How to Verify That Consent Settings Are Working?
7. How to Document the Cookies Your Site Uses?
8. Examples of Cookie Policies
2. Types of Cookies
3. How Different Countries Handle Cookie Consent?
4. What Is Google Consent Mode?
5. How to Implement a Cookie Consent Banner?
6. How to Verify That Consent Settings Are Working?
7. How to Document the Cookies Your Site Uses?
8. Examples of Cookie Policies
In today’s web, protecting user data is a fundamental part of responsible development. One of the key requirements is obtaining user consent for the use of cookies. Failing to meet these standards can result not only in heavy fines but also in a serious loss of user trust.
Hey, I’m Yana from the dev.family team. In this article, I’ll walk you through:
- Why cookie consent matters
- The different types of cookies
- What Google Consent Mode is all about
- How to implement a consent banner
- How to manage cookies based on user preferences
- How to verify that your consent settings are working
And I’ll also share some real-world examples of cookie policies.
Why Is Cookie Consent Necessary?
Cookie consent is essential to comply with data protection laws. The most stringent and clearly defined requirements come from the GDPR (General Data Protection Regulation) and the ePrivacy Directive in the European Union. However, similar regulations and best practices also apply in other countries, including the United States.
When Is Consent Required?
Collecting any non-essential cookiesnon-essential cookies – such as analytics or marketing cookies — requires prior, explicit, and granular user consent. In practice, that means:
- Consent must be obtained before activating the relevant cookies;
- Users must be able to reject or configure cookie categories before any cookies are set;
- Pre-checked boxes or interpreting silence as consent are not allowed;
- Each cookie category must include a clear explanation of its purpose;
- Users must have an easy way to withdraw consent at any time – via the footer, profile settings, or any other accessible interface.
✍ Even if your website is registered outside the EU, you’re still required to comply with GDPR and Google Consent Mode when working with EU users.
What Should Consent Buttons Look Like?
Under GDPR, user choices must be free and unambiguous. This should be reflected in your UI design:
- The “Accept” and “Reject” buttons must be equally visible. That means using the same or similar size, color, contrast, and placement for both;
- The "Cookies settings” button can look different – for example, smaller or in a different color – but it must still be clearly visible and easily accessible so users can manage granular consent.
These design requirements are based on official guidance from the European Data Protection Board (EDPB) and various national authorities. But even beyond the EU, this approach is widely considered a best practice when building privacy-compliant interfaces.
Types of Cookie Consent
When implementing cookie consent, there are several models you should be aware of:
- Explicit Consent – clearly expressed consent, typically via a button click or checkbox;
- Implied Consent – based on user behavior, such as continuing to browse the site. This model is not allowed for non-essential cookies under GDPR;
- Granular Consent – allows users to choose which categories of cookies they accept. For example, someone might allow analytics cookies but opt out of marketing cookies;
- Opt-in – requires users to actively give permission before any data is collected. This usually means checking a box or clicking an "Accept" button. Without this action, data collection must not begin.
- Opt-out – assumes consent by default, unless the user explicitly opts out. This model is used in the U.S. under CCPA/CPRA, although opt-in is still required for minors and sensitive data.
Types of Cookies
Cookies generally fall into several main categories:
How Different Countries Handle Cookie Consent
Let’s take a look at how cookie consent requirements vary across countries, starting with the European Union.
European Union (GDPR)
The EU has some of the most detailed and strict cookie consent requirements, as outlined in the GDPR and the ePrivacy Directive:
- Consent must be obtained before setting any non-essential cookies (e.g., analytics, marketing). In other words, explicit opt-in is required.
- Consent must be granular, allowing users to choose specific cookie categories;
- Users must be able to reject or configure cookies before they are activated;
- Each cookie category must have a clear explanation of its purpose;
- There must be a way to withdraw consent at any time via the footer, profile settings, or a similar method;
- Your cookie policy must include a detailed list of all cookies in use, with their purpose, storage duration, and whether third parties are involved.
USA (CCPA/CPRA)
Under CCPA and CPRA, cookie consent is primarily regulated through an opt-out model. Here's what you need to know:
- Opt-out is the default model.
- Opt-in is required for:
— Processing of sensitive personal information.
- Granular consent is recommended to increase transparency
- To stay compliant, it’s good practice to:
— Disclose what categories of data each cookie collects;
— Indicate whether data is shared with third parties.
What Is Google Consent Mode?
Google Consent Mode is a framework developed by Google to help websites and apps manage user consent for cookies and data sharing with Google services — such as Google Analytics and Google Ads.
It allows your Google tags to dynamically adjust their behavior based on the user's consent status.
Here’s a quick look at how it works:
1. Consent Status. Consent Mode lets you pass information to Google about whether a user has granted consent for analytics and advertising cookies.
2. Tag Behavior Adjustment.
2. Tag Behavior Adjustment.
Based on the user’s consent status, Google tags adjust their behavior accordingly:
- Consent granted: Tags operate normally, collecting full data.
- Consent denied or withdrawn: Tags switch to limited functionality. For example, Google Analytics may collect anonymized and aggregated data without using cookies for user identification. Google Ads may fall back to contextual ads instead of personalized ones.
3. Conversion Modeling. In Advanced Consent Mode, Google can use machine learning to model conversions based on anonymized, aggregated data even when the user hasn’t consented to advertising cookies.
Google tags – as well as third-party tags that collect user data – adjust their behavior based on the user’s consent status: granted or denied. These tags can include built-in consent checks for any of the following consent types:
✍ To ensure Consent Mode works properly, you need to configure your Google tags to respect consent status. For example, via Google Tag Manager. Some parameters may fall into more than one category. For instance, personalization_storage could be considered part of marketing or treated as a separate category — it all depends on your data policy and how your consent UI is structured.
Olga V.
Business Manager
Looking for a development team? Let's discuss your project during a consultation
How to Implement a Cookie Consent Banner
Let’s break down the key steps in the process.
Set Default Consent Settings for Consent Mode
Before you start using Google Tag Manager (GTM) on your site, you need to define default consent settings. This ensures that Google scripts don’t activate until the user has given permission.
To do this, you need to call:
gtag('consent', 'default', { ... });
This call must happen before any other gtag commands such as, gtag('config', ...) or gtag('event', ...).That way, no tags or cookies are triggered before the user gives consent.
Here’s an example of how to integrate Google Consent Mode with default settings:
<Script
id='gtm-script'
dangerouslySetInnerHTML={{
__html: `
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
// initializing default consent statuses
gtag('consent', 'default', {
'ad_storage': 'denied',
'ad_user_data': 'denied',
'ad_personalization': 'denied',
'analytics_storage': 'denied',
'personalization_storage': 'denied',
'functionality_storage': 'granted',
'security_storage': 'granted'
});
(function(w,d,s,l,i){
w[l]=w[l]||[];
w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});
var f=d.getElementsByTagName(s)[0], j=d.createElement(s), dl=l!='dataLayer'?'&l='+l:'';
j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;
f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','${GTM_ID}');
`,
}}
/>
✍ Important. The values shown above are just an example. You’ll need to adapt them to match your actual data policy and the types of cookies your site uses. For instance, if your website doesn’t use advertising features, you can omit parameters like ad_storage and ad_personalization .
Where to add GTM in Next.js projects:
- Next.js 13+ (App Router): Insert the <Script> into app/layout.tsx, inside the tag <head>.
- Next.js 13+ or 12 (Pages Router): Use the file pages/_document.tsx, and add the <script dangerouslySetInnerHTML={...} /> inside the tag <Head>.
Core Elements of a Cookie Consent Banner:
- Informational message. Clearly explain that your site uses cookies and for what purposes.
- “Accept All” and “Reject All” buttons. Provide equal-weight options for accepting or rejecting non-essential cookies.
- “Settings” or “Learn More” buttons. Let users customize their preferences by cookie category (granular consent).
- Link to your cookie policy. Give users easy access to detailed information about the types of cookies you use, how long they’re stored, and whether data is shared with third parties.
Basic HTML Structure for a Cookie Banner
The example below implements a cookie consent banner with two display modes: a short notification and a detailed preference panel.
The banner toggles between these two modes based on the value of the showSettings variable:
- By default (showSettings – false) the user sees a brief message explaining the cookie policy, along with “Accept All Cookies,” “Reject All Cookies,” and a link to open the settings panel;
- In the settings mode (showSettings – true) users can manage their preferences across cookie categories:
— Analytics (user-manageable),
— Functional and Marketing (they are all available to check and verify). After choosing, they can save their preferences.
It also provides a link to the cookie policy and a message that clicking the button means you agree to the terms of processing.
CookieBanner.tsx
<div className={`${styles.banner} ${showBanner && styles.isVisible}`}>
<div className={styles.content}>
{!showSettings ? (
<>
<h3 className={styles.title}> We use cookie to make wesite more convinient 🍪</h3>
<p className={styles.message}>
We use cookies to improve the site and provide you with more relevant information.
You can customize your cookie settings or opt out of cookies. If you agree to {' '}
<a href='/policy/cookies' target='_blank' className={styles.link}>
cookie policy
</a>
, click “Accept All Cookies”. <br /> Do you want to change your cookie settings?{' '}
<button onClick={handleOpenSettings} className={styles.showSettings}>
Cookies settings
</button>
</p>
<div className={styles.actions}>
<button onClick={handleRejectAll} className={`${styles.btn} ${styles.secondary}`}>
Reject all cookies
</button>
<button onClick={handleAcceptAll} className={`${styles.btn} ${styles.primary}`}>
Accept all cookies
</button>
</div>
</>
) : (
<CookieSettings consent={consent} onChange={handleSettingsChange} onClose={handleCloseSettings} />
)}
</div>
</div>
CookieSettings.tsx
<>
<button onClick={onClose} className={styles.hideSettings}>
<svg
width="24"
height="24"
viewBox="0 0 24 24"
fill="none"
xmlns="http://www.w3.org/2000/svg"
>
<path
d="M8.5 16.5L4 12M4 12L8.5 7.5M4 12L20 12"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
<span>Back</span>
</button>
<h3 className={styles.title}>Settings for cookie</h3>
<div className={styles.category}>
<label className={styles.checkbox}>
<input type="checkbox" checked={consent.necessary} disabled />
<span>Strictly Nessesary cookies</span>
</label>
<p>
These cookies are necessary for the site to function properly and cannot be disabled. They provide authentication and basic site functionality. We do not use them for marketing purposes or to track your activity on other sites. You can set your browser to block them, but doing so may prevent the site from functioning properly.
</p>
</div>
<div className={styles.category}>
<label className={styles.checkbox}>
<input
type="checkbox"
checked={consent.analytics}
onChange={() => handleChange(CONSENT_TYPE.FUNCTIONAL)}
/>
<span>Functional cookies</span>
</label>
<p>
These cookies are used to remember your preferences and enhance your experience, for example, by remembering your language, region or display preferences. They make your interaction with the Site more convenient and personalized. Disabling these cookies may affect some site features and usability.
</p>
</div>
<div className={styles.category}>
<label className={styles.checkbox}>
<input
type="checkbox"
checked={consent.analytics}
onChange={() => handleChange(CONSENT_TYPE.ANALYTICS)}
/>
<span>Analytical cookies</span>
</label>
<p>
These cookies are used to analyze user preferences and help us improve the site. They allow us to better understand which sections and features are most popular and to personalize content recommendations. Disabling analytics cookies may affect the accuracy of our offers and recommendations.
</p>
</div>
<div className={styles.category}>
<label className={styles.checkbox}>
<input
type="checkbox"
checked={consent.marketing}
onChange={() => handleChange(CONSENT_TYPE.MARKETING)}
/>
<span>Marketing cookies</span>
</label>
<p>
These cookies are used to display personalized ads, analyze the effectiveness of marketing campaigns, and determine your interests based on your interactions with the site. They help us provide you with more relevant advertising and limit the number of times you see the same ads. Disabling marketing cookies may reduce the quality of the ads you see.
</p>
</div>
<button
onClick={handleSave}
className={`${styles.btn} ${styles.primary}`}
>
Save cookie settings
</button>
<p className={styles.notice}>
By clicking the "Save cookie setting" button, you agree to the processing of cookies in accordance with {" "}
<a href="/" target="_blank" className={styles.link}>
cookie policy.
</a>
</p>
</>
User consent processing
import { getCookie, setCookie } from 'cookies-next'
const [consent, setConsent] = useState<TConsent>({
necessary: true,
functional: false,
analytics: false,
marketing: false,
})
/**
* handleAcceptAll — the user clicks on "Accept all cookies".
* All consent categories (including analytics, advertising) are set.
*/
const handleAcceptAll = () => {
const newConsent = { necessary: true, analytics: true, marketing: true, functional: true }
setConsent(newConsent)
setCookie(CONSENT_TO_USE_COOKIES, JSON.stringify(newConsent), { maxAge: 365 })
updateGtmConsent('update', newConsent)
setShowBanner(false)
}
/**
* handleRejectAll — the user rejects all optional cookies.
* The rejection value is maintained, only mandatory cookies are enabled.
*/
const handleRejectAll = () => {
const newConsent = { necessary: true, analytics: false, marketing: false, functional: false }
setConsent(newConsent)
setCookie(CONSENT_TO_USE_COOKIES, JSON.stringify(newConsent), { maxAge: 365 })
updateGtmConsent('update', newConsent)
setShowBanner(false)
}
/**
* handleAccept — user saves individual settings (e.g. only selected analytics).
*/
const handleSettingsChange = (newConsent: TConsent) => {
setConsent(newConsent)
setCookie(CONSENT_TO_USE_COOKIES, JSON.stringify(newConsent), { maxAge: 365 })
updateGtmConsent('update', newConsent)
setShowSettings(false)
setShowBanner(false)
}
Updating Consent Settings with (updateGtmConsent)
The (updateGtmConsent) function is used to interact with Google Tag Manager (GTM) and update the user's consent status for different categories of cookies. This allows GTM to handle tag behavior properly based on the user's preferences.
const updateGtmConsent = (event: 'update' | 'default', consent: TConsent) => {
if (typeof window === 'undefined' || typeof window.gtag !== 'function') return
// Call gtag('consent', event, {...}) to send consent data to GTM.
window.gtag('consent', event, {
ad_storage: consent.marketing ? "granted" : "denied",
ad_user_data: consent.marketing ? "granted" : "denied",
ad_personalization: consent.marketing ? "granted" : "denied",
analytics_storage: consent.analytics ? "granted" : "denied",
personalization_storage: consent.functional ? "granted" : "denied",
//can also be attributed to consent.marketing
functionality_storage: consent.functional ? "granted" : "denied",
security_storage: consent.necessary ? "granted" : "denied",
// wait_for_update: 500 - This parameter specifies the time in milliseconds that the
// GTM will wait for the approval status to be updated before activating tags.
// This can be useful to prevent tags from being triggered,
// before the user makes a selection.
})
}
✍ Important: The settings shown in the examples above are templates meant to guide your Consent Mode implementation. You should adapt them to match the specific needs of your project, the legal requirements in your country, and the actual cookie categories your site uses. For example, if your site doesn’t serve ads, you can safely omit ad_storage and ad_personalization.
To avoid TypeScript errors when referencing window.dataLayer and window.gtag, you’ll need to extend the global Window object in your globals.d.ts file like this:
declare global { interface Window { dataLayer: Record<string, any>[] gtag: any }
}
export {}
Before displaying the cookie consent banner, it’s important to check whether the user has already given consent. This helps prevent showing the banner on every visit and improves the overall user experience.
useEffect(() => {
const cookieConsent = getCookie(CONSENT_TO_USE_COOKIES) as CookieValueTypes
// If consent has not been previously granted, display the banner.
if (!cookieConsent) {
setShowBanner(true)
} else {
//otherwise, the default settings are updated to those previously selected by the user.
const parsed = JSON.parse(cookieConsent)
setConsent(parsed)
updateGtmConsent('update', parsed)
}
}, [])
A complete example of the banner implementation can be found here
Examples of consent banners
Zara:
Facebook:
Olga V.
Business Manager
Tell us the goals of your project and we will be your trusted development partner
How to Verify That Consent Settings Are Working
Once Google Consent Mode and your cookie banner are set up, it’s important to confirm that consent states are being respected and that tags aren’t firing without user permission. Here are two reliable methods: using browser DevTools and the Google Tag Assistant extension.
Using Browser DevTools
Before consent is given:
- Open DevTools → Application → Storage → Cookies
- Make sure non-essential cookies (analytics, ads) are not set
- Go to the Network tab and filter requests to:
— googleadservices.com
- Confirm that either no requests are sent or only cookieless pings are triggered via Consent Mode
In Consent Mode, Google may send cookieless pings – requests that don’t contain cookies or personal data. This is GDPR-compliant and expected behavior before consent.
After consent is given:
- Click “Accept All” or “Save Settings” on your banner.
- Reload the page.
- Check that the appropriate cookies are now present.
- In the Network tab, confirm that requests to Google Analytics / Ads now include cookies.
Using Tag Assistant
Google Tag Assistant (a Chrome extension) lets you visually monitor how Consent Mode behaves in real time.
Steps:
- Install the Tag Assistant extension for Chrome.
- Open your site and activate Tag Assistant.
- Make sure Consent Mode is working – consent statuses should update as you interact with the banner. Visit https://tagassistant.google.com/ and check for Consent Default and Consent Update events.
Default State Before Consent:
- You’ll see that parameters like ad_storage, analytics_storage and others are set to Denied.
- This means no marketing or analytics tags will be activated until the user provides explicit consent.
Default Settings
State After Consent Is Given:
- Once the user interacts with the banner and gtag('consent', 'update', { ... }) is triggered, the consent status updates to Granted.
- This means Google Analytics, Ads, and other tags can now be activated and start working with cookies.
Update consent settings
How to Document the Cookies Your Site Uses
Your cookie policy should include a table listing all cookies used on your website. This helps users make informed choices and ensures compliance with GDPR and other international best practices.
It’s recommended to include the following details:
- Cookie name;
- Type (e.g., strictly necessary, functional, analytics, marketing);
- Purpose – what the cookie does;
- Storage duration – how long it stays on the user’s device;
- Third-party data sharing – e.g., if data is shared with Google, Meta, etc.
A complete list can be created manually or automatically using services such as Cookiebot, OneTrust, Osano, and other tools.
Examples of Cookie Policies
A cookie policy should align with the legal requirements of the region where your website operates. Beyond legal compliance, a well-written policy builds user trust by making your data practices transparent.
European Union (GDPR)
Under the GDPR, your cookie policy must comply with Articles 13 and 14 and should include:
- The data controller and the purposes of processing;
- A detailed list of cookies and the data they collect;
- Data recipients and retention periods;
- A summary of the user's rights (e.g., erasure, restriction, portability, withdrawal of consent);
- Information about the right to file a complaint with a supervisory authority.
USA (CCPA/CPRA)
The policy focuses on transparency and not selling data. It should specify:
- Categories of information collected and purposes of processing;
- Information about the transfer of data to third parties;
- A direct link to the “Do not sell or share my personal information” page (if applicable);
- Rights to restrict the use of sensitive information.
Key best practices:
- Clearly state the purposes for using cookies – e.g., security, functionality, analytics, advertising;
- Separate cookies by category, and explain what each one does and how long it’s stored;
- Inform users about their rights such as access, correction, and withdrawal of consent;
Localize the language and content of your policy to match the applicable regional laws.
✍ The examples below are intended to illustrate the typical structure of a cookie policy. They are not ready-to-use legal templates. Any production-ready version should be tailored to your actual use cases, local regulations, and product specifics – ideally with the help of a privacy specialist or legal advisor.
Example for the European Union (GDPR)
The policy should be fully transparent and meet the requirements of GDPR Articles 13 and 14. Pay special attention to clearly describing the data controller, processing purposes, user rights, and consent mechanisms.
#Сookie policy
**1. Introduction**
Our website, [website name], uses cookies and similar technologies to enhance user experience, analyze traffic, and personalize content. This policy explains how we use cookies and how you can manage your preferences.
**2. What Are Cookies?**
Cookies are small text files placed on your computer or mobile device when you visit websites. They are widely used to make websites work more efficiently and to provide information to website owners.
**3. Types of Cookies We Use**
We use the following categories of cookies:
* **Strictly Necessary Cookies:** These cookies are essential for the website to function and allow you to use its features, such as accessing secure areas. Without these cookies, some services you request may not be available.
* **Performance Cookies:** These cookies collect information about how visitors use our site — for example, which pages are visited most often and whether users receive error messages. These cookies help us improve the performance of the website. All information collected is aggregated and anonymous.
* **Functional Cookies:** These cookies allow the website to remember choices you’ve made (e.g., username, language, region) and provide enhanced, more personalized features. They may also store preferences such as text size, fonts, and other customizable parts of the site.
* **Targeting or Advertising Cookies:** These cookies track your activity across this and other websites to show you ads that are more relevant to your interests. They may also limit the number of times you see an ad and help measure the effectiveness of advertising campaigns.
**4. How We Obtain Your Consent**
We request your consent to use cookies, except for strictly necessary cookies which may be set without consent. You can manage your cookie preferences at any time using the cookie banner or your browser settings.
**5. How to Manage Cookies**
You can control or delete cookies as you wish. For more information, visit [link to a resource such as All About Cookies]. You can delete all existing cookies on your device and configure most browsers to prevent them from being set. However, doing so may require you to manually adjust settings each time you visit the site, and some services or features may not work properly.
**6. Third-Party Cookies**
We may use third-party cookies for various purposes, including analytics and advertising. These cookies are governed by the privacy policies of the respective third parties.
**7. Data Transfers**
[Specify whether data collected via cookies is transferred outside the European Economic Area (EEA), and if so, on what legal basis.]
**8. Your Rights**
Under the GDPR, you have the right to access, correct, delete, restrict the processing of, and transfer your personal data, as well as the right to object to processing. For more details on these rights and how to exercise them, please refer to our Privacy Policy.
**9. Changes to This Cookie Policy**
We may update this Cookie Policy from time to time to reflect changes in our practices or applicable laws. Any updates will be posted on this page with the date of the latest revision.
**10. Contact Information**
If you have any questions or concerns about our use of cookies, please contact us at:
[Organization Name]
[Address]
[Email Address]
[Phone Number]
Example for the United States (CCPA/CPRA)
The policy should emphasize the right to opt out of the sale of personal data, as well as the right to limit the use of sensitive information.
# Сookie notice
Our website [website name] uses cookies and other tracking technologies to collect information about you that may be considered personal information under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
**What are cookies?**
Cookies are small text files that websites store on your device when you visit them. They are used to remember information about you and your activity online.
**How do we use cookies?**
We use cookies for the following purposes:
* **Essential сookie:** These cookies are necessary for our website to function and to enable you to use its core features.
* **Performance сookie:** These cookies collect information about how you use our website, such as which pages you visit and which links you click. This data helps us improve website performance.
* **Functional сookies:** These cookies allow our website to remember your preferences and provide a more personalized experience.
* **Advertising сookies:** These cookies are used to show you advertising that may be relevant to your interests, based on your online activity.
**Your right to opt out of the sale or sharing of personal information**
Under CCPA/CPRA, you have the right to opt out of the sale or sharing of your personal information with third parties. To exercise this right, please click the "Do not sell or share my personal information" link in the footer of our website.
**Right to limit the use of my sensitive personal information**
If we collect sensitive personal information (such as precise geolocation or health-related data), you have the right to limit its use. To exercise this right, please click the "Limit the Use of My Sensitive Personal Information" link in the footer of our website.
**Information on categories of personal information collected, purposes, and third-party sharing**
For more details on the categories of personal information we collect through cookies, the purposes of collection, and whether we share this information with third parties, please refer to our [link to Privacy Policy].
**Managing cookies in your browser**
You can manage your cookie settings through your browser. You may block or delete cookies, or set alerts when cookies are being stored. Please note that blocking or deleting certain cookies may affect the functionality of the website.
**Consent from minors
We do not knowingly collect personal information from individuals under the age of 16 without their consent (or parental/guardian consent for children under 13).
**Changes to this cookie notice**
We may update this Cookie Notice from time to time to reflect changes in our practices. Any updates will be posted on this page with the date of the latest revision.
**Contact information**
If you have any questions about our use of cookies or your rights under CCPA/CPRA, please contact us at [insert contact information].
When implementing cookie consent, it’s also important to keep the following requirements and conditions in mind:
- Default consent settings must be applied before any tags or scripts are loaded;
- User consent must be respected before activating non-essential cookies – ensure that marketing and analytics tags only fire after explicit permission is given;
- Correct default behavior — make sure no cookie categories (other than strictly necessary) are pre-selected in the settings;
- Balanced “Accept” and “Reject” buttons – the UI should offer a real choice, not push users toward consent. This is especially critical under GDPR;
- Granular consent support – users should be able to allow or deny specific categories, such as analytics or advertising;
- Consent must be revocable at any time – this is a legal standard in the EU and a good practice globally;
- Integration with Google Consent Mode – tags should behave dynamically based on the current consent status;
- Region-specific cookie policy – your policy should be legally accurate and tailored to local regulations;
- Consent banner testing – use tools like DevTools, Google Tag Assistant, or others to validate implementation.
Cookie consent isn’t just about regulatory compliance — it’s a way to show users that their choices matter. Privacy expectations are rising, and users are becoming more aware of how their data is handled. A well-implemented consent mechanism is part legal safeguard, part trust-building tool, and part UX feature.
✍ Important. It’s essential to strike a balance: between the business, which needs data to grow and optimize, and the user, who expects transparency, control, and respect for their privacy.
You may also like:
