Skip to main content

Google Consent Mode v2

Google Consent Mode v2 is Google's way of receiving consent signals from a website's cookie banner. Google now requires it for advertisers in the European Economic Area (EEA) and recommends it everywhere else.

This page explains what it is and how One Privacy handles it for you (no engineering work needed).

Why it exists

Google Analytics, Google Ads, and other Google products need to know whether your visitors have agreed to analytics and advertising cookies. Without that signal, Google is conservative: tags don't fire, or fire only with limited data.

Consent Mode is the standard way to tell Google "this visitor accepted analytics" or "this visitor rejected ads," in real time, as the visitor makes their choice.

What it controls

Google Consent Mode uses a small set of signals. The most important ones:

SignalWhat it controls
ad_storageWhether ads cookies can be stored.
analytics_storageWhether analytics cookies can be stored.
ad_user_dataWhether ads can use the user's personal data.
ad_personalizationWhether ads can be personalized.
functionality_storageWhether functional cookies can be stored.
security_storageAlways granted (security cookies are necessary).

Each one is granted or denied based on what the visitor chose on the banner.

How One Privacy handles it

One Privacy emits the right Consent Mode signals automatically. You don't have to write any code.

On page load. Before the visitor has chosen anything, One Privacy sets all signals to denied (except security_storage). Google's tags wait briefly for an update before firing.

After the visitor chooses. One Privacy maps the visitor's category choices to the Consent Mode signals and sends a gtag('consent', 'update', ...) call. Google's tags pick up the new state and behave accordingly.

The mapping:

Visitor acceptsGoogle signals updated to granted
Functionalfunctionality_storage
Performanceanalytics_storage
Targetingad_storage, ad_user_data, ad_personalization

(Necessary cookies always map to security_storage: granted.)

What you should check

Your Google tags respect Consent Mode. In Google Tag Manager, every Google tag has a "Consent Settings" section. The default ("No additional consent required") is usually correct, because Google's tags read the Consent Mode state automatically.

Order of scripts. The One Privacy snippet should load before your Google tags so the default call fires first. See Getting your script.

Test it. Open Chrome DevTools, go to the Network tab, and reload your website. Verify that Google Analytics requests don't fire until the visitor accepts (or that they fire in "consentless" mode and switch behavior after consent).

For developers

If your developer wants to read the same signals from your own code, see the JavaScript API and Google Consent Mode (developer reference).

What's next

GDPR guide.

CCPA / CPRA guide.

Installing with Google Tag Manager.