In accordance with the general principles of privacy law, which do not permit the processing of data prior to consent, the cookie law does not allow the installation of cookies before obtaining the user’s consent, except for exempt categories. In practice, this means that scripts that recall banners or even scripts that handle live chat or a Facebook Like button can’t be executed before obtaining prior consent from the user.
The iubenda Cookie Solution includes all the necessary tools to facilitate compliance with the cookie law.
Some cookies are exempted from prior consent and therefore do not require compliance with the instructions contained in this guide. In particular:
*This exemption may not be applicable to all regions and is therefore subject to specific local regulations.
Some details regarding this may differ slightly from one EU Member State to another. This guide takes a comprehensive look at requirements, however, we still suggest that you inform yourself of the privacy authority guidelines applicable to you.
Our cookie management solution offers various tools for the prior blocking of codes that may install cookies.
First of all, you’ll need to make sure that the prior blocking/consent feature is enabled (it is by default). The Cookie Solution dashboard provides two prior blocking/consent checkboxes:
Both have the same effects on prior blocking, billing and analytics, however:
"priorConsent":false. This is useful for testing purposes, or if, for example, you’re working on your site/app locally and don’t want to affect your cookie solution analytics or to have your pageviews counted.
For the methods described below to work, both the options have to be enabled (therefore, both checkboxes must be selected).
Our Cookie Solution plugins for WordPress, Magento, Joomla! and PrestaShop allow you to automate the blocking of scripts drastically reducing the necessity for direct interventions in the site’s code.
The plugin simplifies the blocking of scripts in several ways:
Once installed and set-up, the plugin automatically recognizes and blocks scripts prior to consent.
For platform-specific details, please choose from the dedicated guides listed below:
Drupal users, please see the section on prior-blocking via the PHP class below.
This method has the advantage of being quite fast but with the limit of working only for scripts that don’t require a specific position. Google Tag Manager is therefore not effective for all scripts that display a specific element in a specific position of the page (such as the Facebook Like button).
For more information read the How to Use Google Tag Manager to Simplify the Blocking of Cookies guide.
Google Adsense is different in that it can be blocked through Google Ad Manager (previously DFP – DoubleClick for Publishers). In this case, it is also a kind of manual tagging – like the one described below – but with the difference of the use of Google Ad Manager.
The method in question is therefore only valid for Google Adsense, the complete guide is available here.
With this feature enabled, the Cookie Solution automatically blocks the scripts of advertisers that are a part of the IAB Vendor List (provided that the individual advertisers adhere to the standards of the network), prior to receiving user consent.
This means that you can avoid having to manually set-up the prior blocking mechanism for the particular third parties that are a part of the IAB Vendor List.
If you’re running other scripts related to third-parties that are not included on the IAB Vendor List, you’ll still need to set up prior blocking for those scripts using another method.
Please consider that using this method means that you do not directly block the vendor scripts yourself, therefore, the success of this method depends heavily on the individual vendors’ adherence to regulation. For more hands-on control, please use one of the other methods described in this guide. You can find more information about blocking vendor scripts with the TCF here.
For more general information on the IAB Transperancy & Consent Framework and how to enable it, read the dedicated guide.
This method requires you to identify the scripts that are subjected to the requirement of prior consent. Once that’s done, the scripts must be manually modified so they can be recognized, stopped and then released by our software depending on what the user chooses.
Manual tagging is explained in detail in this guide. The guide explains the processes for manual blocking, together with many practical examples (i.e. how to set up the blocks for a Facebook Like Button, Google Analytics, Adsense and so on).
You can also use the iubenda PHP class for parsing/replacing scripts that generate cookies. This is the class on which our WordPress and Joomla! plugins are based and you can use it to build your own plugin independently for a platform other than those for which we have already developed a dedicated solution.
If you’d like to use the same logic of our WordPress or Joomla! plugin on other systems, you can refer to the guide for our PHP class.
The fastest way to preventively block the scripts that require prior consent is to install a module on your own server that we have developed for Apache, IIS and NGNIX. After the initial configuration, the module will autonomously block all the resources that are subject to prior consent, on all sites on that server that are using the Cookie Solution.
The webserver module is available upon request for plans above 2M pageviews/month. For further information please write to firstname.lastname@example.org
To help advertisers manage cookies for analytics and advertising purposes, Google has introduced Consent Mode, a feature that allows you to avoid prior blocking for Google Analytics and Google Ads (including Google Ads Conversion Tracking and Remarketing).