TermsBox
PricingBlog
LoginGet Started
PricingBlogLogin
Get Started
  1. Home
  2. Blog
  3. Google Consent Mode: Setup Guide and Best Practices
Cookie Policy

Google Consent Mode: Setup Guide and Best Practices

Learn how Google Consent Mode works, why it matters for GDPR compliance, and how to implement it correctly on your website.

TermsBox Team|April 3, 202613 min read

Google Consent Mode is a framework developed by Google that controls how Google tags behave based on a visitor's cookie consent choices. If your website uses Google Analytics, Google Ads, or any other Google marketing tool, understanding Google Consent Mode is essential for maintaining both compliance and marketing performance in regions with strict privacy laws.

This guide covers what Consent Mode does, how basic and advanced implementations differ, how to set it up correctly, and what it means for your data. This content is for educational purposes only and does not constitute legal advice. Consult a qualified attorney for guidance specific to your situation.

What Is Google Consent Mode

Google Consent Mode is an API built into Google's gtag.js and Google Tag Manager libraries. It lets you communicate a visitor's consent status to all Google tags on your page through two primary consent signals:

  • analytics_storage: Controls whether Google Analytics can set cookies for measuring visitor behavior
  • ad_storage: Controls whether Google Ads can set cookies for conversion tracking and remarketing
  • ad_user_data: Controls whether user data can be sent to Google for advertising purposes
  • ad_personalization: Controls whether personalized advertising is enabled for the visitor
  • functionality_storage: Controls cookies related to website functionality such as language preferences
  • personalization_storage: Controls cookies used for personalization like video recommendations
  • security_storage: Controls cookies used for security purposes such as authentication

When a visitor grants consent, these parameters are set to "granted" and Google tags operate normally with full cookie access. When consent is denied, Google tags enter a restricted mode. They do not set non-essential cookies, do not read existing advertising cookies, and limit data collection to privacy-safe, cookieless pings.

The key distinction is that Consent Mode does not simply block or allow scripts. It modifies Google tag behavior at a granular level so that some level of measurement remains possible even without cookies.

Why Google Consent Mode Matters for Compliance

The legal foundation for cookie consent in Europe rests on two laws: the ePrivacy Directive (Article 5(3)) and the GDPR (Articles 4(11) and 7). Together, they require that websites obtain explicit, informed, freely given consent before placing non-essential cookies on a visitor's device.

Google recognized that strict cookie consent enforcement was creating a data gap. When visitors decline cookies, websites lose all measurement data from those users. In some European markets, consent rates hover around 50 to 70%, meaning advertisers were losing visibility into a significant share of their traffic.

Google Consent Mode addresses this by:

  1. Ensuring Google tags respect consent choices, satisfying the legal requirement to honor a refusal
  2. Sending cookieless, privacy-safe pings when consent is denied, giving Google enough signal to model conversions statistically
  3. Providing a standardized way for Consent Management Platforms to communicate with Google tags

Beyond compliance, Google now enforces its EU User Consent Policy for all advertisers targeting users in the European Economic Area, UK, and Switzerland. As of March 2024, advertisers who do not implement Consent Mode lose access to remarketing audiences and see degraded conversion measurement. This makes consent mode Google integration a practical business requirement, not just a legal one.

Basic vs. Advanced Consent Mode

Google offers two implementation approaches, and the choice between them affects both your compliance posture and your data quality.

Basic Consent Mode

With basic implementation, Google tags do not load at all until a visitor grants consent. If a visitor declines cookies, no Google scripts execute and no data of any kind is sent to Google.

This is the most conservative approach from a privacy standpoint:

  • No tags fire before consent
  • No data leaves the browser without explicit permission
  • Zero measurement data from visitors who decline
  • Simplest to audit and explain to regulators

The downside is significant data loss. If 40% of your visitors decline cookies, you have zero data on 40% of your traffic.

Advanced Consent Mode

With advanced implementation, Google tags load immediately in a restricted, cookieless state. Before consent is granted, the tags send minimal pings to Google that contain:

  • Timestamp of the page view
  • User agent string
  • Referrer URL
  • Aggregate page information
  • No cookie identifiers, no cross-site tracking, no personally identifiable information

These pings allow Google to use machine learning to model the likely conversions and analytics events that would have occurred among non-consenting users. Google reports these as "modeled conversions" in your Google Ads and Analytics dashboards.

Advanced mode provides:

  • Better data coverage across consenting and non-consenting visitors
  • Conversion modeling that recovers an estimated 50 to 70% of otherwise lost conversion data
  • Maintained remarketing audience signals
  • More accurate campaign optimization

The trade-off is that some data transmission occurs before consent. Google states these pings are privacy-safe and do not contain personal data, but your cookie policy should disclose this behavior transparently.

How to Implement Google Consent Mode

Implementation requires two components working together: a Consent Management Platform (CMP) that collects visitor consent, and the Consent Mode API configuration that translates those consent signals to Google tags.

Step 1: Set default consent state

Before any Google tags load, you must define the default consent state. For visitors in regions requiring consent, all non-essential categories should default to "denied":

gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied',
  'functionality_storage': 'denied',
  'personalization_storage': 'denied',
  'security_storage': 'granted',
  'wait_for_update': 500,
  'region': ['EU', 'GB', 'CH']
});

The wait_for_update parameter tells Google tags to wait up to 500 milliseconds for a CMP to provide the actual consent state. The region parameter applies these defaults only to visitors from specified regions, allowing full tag functionality for visitors in jurisdictions without cookie consent requirements.

Step 2: Integrate your CMP

Your cookie consent banner must call the gtag('consent', 'update', {...}) function when a visitor makes a choice. When consent is granted:

gtag('consent', 'update', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted',
  'ad_user_data': 'granted',
  'ad_personalization': 'granted'
});

When consent is denied, the default "denied" state remains in effect and no update call is needed. If your CMP supports granular choices (accepting analytics but declining advertising), the update should reflect the specific categories the visitor approved.

Step 3: Verify the implementation

After setup, verify that Consent Mode is working correctly:

  • Open Chrome DevTools and check the Network tab for requests to Google domains
  • Before consenting, you should see limited pings with gcs=G1 parameters (consent denied)
  • After consenting, normal Google Analytics and Ads requests should appear with gcs=G1 parameters updated
  • Use the Google Tag Assistant browser extension to confirm consent state is being read correctly
  • Check Google Analytics Real-Time reports to verify data is flowing after consent

Step 4: Configure Google Tag Manager (alternative approach)

If you use Google Tag Manager instead of direct gtag.js implementation, Consent Mode integrates through the built-in consent overview:

  1. Navigate to Admin, then Container Settings, then enable Consent Overview
  2. Set built-in consent checks for each tag (Analytics tags check analytics_storage, Ads tags check ad_storage and ad_user_data)
  3. Configure your CMP tag to fire on All Pages with the highest priority
  4. Set consent defaults in the CMP tag or through a custom HTML tag that fires first

GTM's consent overview provides a visual dashboard showing which tags require which consent signals, making auditing straightforward.

Google Consent Mode and Cookie Policies

Implementing consent mode Google tags correctly is only half of the compliance picture. Your cookie policy must accurately describe how your website handles consent and what happens when visitors decline cookies.

If you use advanced Consent Mode, your cookie policy should disclose:

  • That Google tags load in a restricted mode before consent is granted
  • That minimal, cookieless pings are sent to Google for measurement modeling
  • What data these pings contain and what they do not contain
  • That no cookies are set and no personal data is collected without consent
  • How visitors can change their consent preferences at any time

A comprehensive cookie policy should list every cookie your site uses, its purpose, its duration, and whether it requires consent. This transparency is not just best practice. Article 13 of the GDPR requires clear information about data processing, and Recital 32 specifies that consent must be informed.

Cookie Policy Generator

Create a cookie policy for GDPR compliance. Create yours in minutes with TermsBox.

Generate Now

Failing to update your cookie policy after implementing Consent Mode creates a gap between what your site does and what you disclose. Regulators in France (CNIL), Italy (Garante), and other EU member states have specifically cited insufficient cookie policy disclosures in enforcement actions.

Common Google Consent Mode Mistakes

Even with proper implementation, several mistakes can undermine your consent mode setup or create compliance risks.

Loading tags before setting defaults

If Google tags load before the gtag('consent', 'default', {...}) call executes, they will operate in full mode for a brief period before consent defaults apply. This can result in cookies being set before the visitor has a chance to choose, violating the prior consent requirement under Article 5(3) of the ePrivacy Directive.

The default consent configuration must be the very first gtag call on the page, placed in the <head> before any other Google script.

Ignoring ad_user_data and ad_personalization

Google added ad_user_data and ad_personalization as required consent signals in 2024 to comply with the EU Digital Markets Act. Implementations that only set analytics_storage and ad_storage are incomplete. Missing these signals can result in Google rejecting conversion data and disabling remarketing audiences.

Not testing across regions

Consent Mode supports region-specific defaults. If you set defaults only for EU countries but have visitors from Brazil (LGPD), California (CCPA), or other jurisdictions with privacy laws, you may be non-compliant in those regions. Review your privacy policy to ensure it covers all jurisdictions where you have visitors.

Treating Consent Mode as a complete solution

Consent Mode only governs Google tags. If your website also uses Meta Pixel, LinkedIn Insight Tag, HubSpot tracking, or other third-party scripts, those tools need their own consent integration. A proper CMP must control all non-essential scripts, not just Google ones.

Google Consent Mode v2: What Changed

Google Consent Mode v2, rolled out in late 2023 and enforced from March 2024, introduced two critical changes.

First, it added the ad_user_data and ad_personalization parameters. These were introduced to comply with the Digital Markets Act (DMA), which designates Google as a "gatekeeper" platform subject to stricter data sharing rules. Under the DMA, Google must obtain verifiable consent before using personal data for advertising, and these new parameters provide that signal.

Second, Google began enforcing Consent Mode for EEA, UK, and Swiss traffic. Advertisers who did not implement Consent Mode v2 by March 2024 experienced:

  • Loss of remarketing audience creation for EEA users
  • Degraded conversion measurement accuracy
  • Reduced Smart Bidding performance due to missing conversion signals
  • Warnings in Google Ads and Analytics dashboards

The practical impact is that consent mode Google implementation is no longer optional for any business running Google Ads in European markets. The combination of legal requirements (GDPR, ePrivacy) and platform requirements (Google EU User Consent Policy) makes it a baseline necessity.

Choosing a CMP for Google Consent Mode

Not every cookie consent banner integrates cleanly with Google Consent Mode. Google maintains a list of certified CMP partners through its Consent Management Platform program, and using a certified CMP simplifies implementation significantly.

When evaluating a CMP for Consent Mode compatibility, consider:

  • Native Consent Mode integration: The CMP should automatically call gtag('consent', 'update', {...}) when visitors make choices, without custom code
  • Granular consent categories: Support for separate analytics, advertising, functionality, and personalization categories that map directly to Consent Mode signals
  • TCF 2.2 support: If you work with programmatic advertising, Transparency and Consent Framework support ensures compatibility with the broader ad tech ecosystem
  • Geo-targeting: Ability to show consent banners only in jurisdictions that require them, reducing friction for visitors in non-regulated regions
  • Consent logging: Storage of consent records with timestamps and details, satisfying the GDPR's requirement under Article 7(1) that controllers demonstrate consent was obtained

TermsBox provides a cookie consent banner that integrates with Google Consent Mode and automatically detects cookies through its website compliance scanner, making it straightforward to maintain an accurate cookie inventory alongside your consent implementation.

Measuring the Impact of Consent Mode

After implementing Google Consent Mode, you should monitor several metrics to understand its effect on your data quality and marketing performance.

In Google Analytics 4, check the "Reporting identity" settings under Admin. GA4 uses blended reporting that combines observed data (from consenting users) with modeled data (from non-consenting users). You can see the percentage of modeled data in most reports by hovering over the data quality icon.

In Google Ads, review conversion columns for the "Modeled" label. Modeled conversions appear alongside observed conversions and are used by Smart Bidding for optimization. Compare your conversion volume before and after Consent Mode implementation to gauge recovery.

Key metrics to track:

  • Consent rate: Percentage of visitors who accept cookies (benchmark: 50 to 80% depending on region and banner design)
  • Data coverage: Percentage of sessions with full analytics data versus modeled data
  • Conversion recovery: Comparison of reported conversions before and after advanced Consent Mode
  • Campaign performance: Check whether Smart Bidding performance stabilizes after modeled conversions are included

If you use basic Consent Mode and see significant data loss, consider switching to advanced mode to recover modeled conversions. The trade-off between stricter privacy posture and better data is a business decision that should be informed by your legal counsel and your tolerance for the minimal data transmission that advanced mode involves.

Frequently Asked Questions

What is Google Consent Mode?

Google Consent Mode is a feature built into Google tags that adjusts how Google Analytics, Google Ads, and other Google services behave based on a visitor's cookie consent status. When a visitor declines cookies, Consent Mode prevents Google from setting non-essential cookies while still allowing privacy-safe, cookieless pings that support conversion modeling and basic analytics.

Is Google Consent Mode required by law?

Google Consent Mode itself is not required by any specific law. However, the GDPR and ePrivacy Directive require websites to obtain consent before setting non-essential cookies, and Google requires advertisers in the EEA, UK, and Switzerland to use Consent Mode as part of its EU User Consent Policy. Failure to implement it can result in lost conversion data and restricted Google Ads features.

What is the difference between basic and advanced Consent Mode?

Basic Consent Mode blocks all Google tags from loading until a visitor grants consent, meaning no data is collected from users who decline. Advanced Consent Mode allows Google tags to load in a restricted, cookieless state before consent, sending privacy-safe pings that Google uses for conversion modeling. Advanced mode provides better data coverage but requires clear disclosure in your cookie policy.

Does Google Consent Mode replace a cookie consent banner?

No. Google Consent Mode does not replace a Consent Management Platform or cookie banner. It is a technical integration that sits between your consent banner and Google tags. You still need a compliant cookie consent banner that collects valid consent under the GDPR or other applicable laws. Consent Mode reads the consent signals from your CMP and adjusts tag behavior accordingly.

Related Tools

Cookie Policy Generator

Create a cookie policy for GDPR compliance

Related Articles

Cookie Policy

CMP Cookie Guide: What It Is and Why You Need One

Learn what a CMP cookie is, how consent management platforms work, and how to implement cookie CMP compliance for GDPR and ePrivacy.

April 4, 202610 min read
Cookie Policy

Cookie Consent Banner: Complete Implementation Guide (2026)

Learn how to implement a cookie consent banner that meets GDPR, ePrivacy, and CCPA requirements. Covers design, script blocking, and compliance.

April 4, 202612 min read
Cookie Policy

Cookie Policy Banner: Setup Guide for Website Compliance

Learn how to set up a cookie policy banner that meets GDPR and ePrivacy requirements. Covers consent flows, design, and legal obligations.

April 4, 202610 min read

Ready to Create Your Legal Documents?

Generate professional privacy policies, terms of service, and more in minutes. Free to start, no credit card required.

View All Generators

On This Page

  • What Is Google Consent Mode
  • Why Google Consent Mode Matters for Compliance
  • Basic vs. Advanced Consent Mode
  • Basic Consent Mode
  • Advanced Consent Mode
  • How to Implement Google Consent Mode
  • Step 1: Set default consent state
  • Step 2: Integrate your CMP
  • Step 3: Verify the implementation
  • Step 4: Configure Google Tag Manager (alternative approach)
  • Google Consent Mode and Cookie Policies
  • Common Google Consent Mode Mistakes
  • Loading tags before setting defaults
  • Ignoring ad_user_data and ad_personalization
  • Not testing across regions
  • Treating Consent Mode as a complete solution
  • Google Consent Mode v2: What Changed
  • Choosing a CMP for Google Consent Mode
  • Measuring the Impact of Consent Mode
  • Frequently Asked Questions
TermsBox

Scan your website, auto-generate legal documents, add a consent banner, and stay compliant. One platform for everything.

Product

  • Cookie Scanner
  • Consent Banner
  • Cookie Policy Generator
  • Pricing

Generators

  • Privacy Policy Generator
  • Terms and Conditions Generator
  • EULA Generator
  • Disclaimer Generator
  • Return and Refund Policy Generator

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service
  • Cookie Policy
GDPR
ePrivacy
CCPA
LGPD
Google Consent Mode v2
IAB TCF 2.2
© 2026 TermsBox. All rights reserved.