Three steps between trackers and compliance.
Most consent management platforms stop at the banner click. Consentpane blocks the scripts that fire before that click, serves jurisdiction-appropriate banners automatically, and writes every consent decision to an immutable audit log.
Every tracker blocked until the visitor decides.
The moment Consentpane's SDK loads, it wraps the browser's script execution context. Any script classified as non-essential — analytics, ad pixels, session recording — is queued but not initialised until consent is granted or explicitly denied.
This is not the same as delaying script load. Consentpane prevents scripts from initialising at all. No race condition where GA4 fires in the 200ms before the banner appears. No temporary device fingerprint. The legal record starts clean from first load.
- Works with GA4, Meta Pixel, HubSpot, Segment, Intercom, and any custom third-party script
- Zero configuration needed — the SDK infers vendor category from script URLs automatically
- Custom classification rules for non-standard scripts via the dashboard
| Script | Category | Status |
|---|---|---|
| Google Analytics (gtag.js) | Analytics | BLOCKED |
| Meta Pixel (fbevents.js) | Advertising | BLOCKED |
| HubSpot Tracking | Analytics | BLOCKED |
| Intercom Messenger | Support | BLOCKED |
| Segment (analytics.js) | Analytics | BLOCKED |
| Visitor clicked Accept All — scripts released | ||
| Google Analytics (gtag.js) | Analytics | ALLOWED |
| Meta Pixel (fbevents.js) | Advertising | ALLOWED |
| HubSpot Tracking | Analytics | ALLOWED |
Jurisdiction-aware banners. No per-market configuration.
Consentpane resolves the visitor's location at the IP level and serves the legally appropriate consent UI. EU/EEA visitors see a GDPR-compliant dialog with equal prominence Accept and Reject buttons — no dark patterns. California residents see a CCPA-style opt-out with a "Do Not Sell My Personal Information" link. Visitors from other regions get a lightweight notice-only banner.
You define your brand colors, logo, and copy once. The consent UI adapts to each regulatory context automatically. As state-level privacy laws expand — US states continue passing new frameworks — Consentpane's ruleset updates without any action on your side.
The record a DPA inquiry expects, written from day one.
Every consent decision is stored as a structured event: visitor identifier, IP region, decision type (accept / reject / partial / withdrawal), regulation applied, banner version shown, and ISO-8601 timestamp. The record exists from the first pageview — not assembled retroactively from server logs when an inquiry arrives. Export to CSV or query via the REST API at any time.
| Visitor ID | IP Region | Banner Ver. | Decision | Regulation | Timestamp | Session ID |
|---|---|---|---|---|---|---|
| #4821A | Frankfurt, DE | v2.4.1 | Accept | GDPR | s_8ab2… | |
| #7203G | Sacramento, CA | v2.4.1 | Reject | CCPA | s_3cf7… | |
| #3390D | Amsterdam, NL | v2.4.1 | Accept | GDPR | s_9da1… | |
| #8817B | Boston, MA | v2.4.1 | Accept | GDPR | s_2fe4… | |
| #5542C | Toronto, CA | v2.4.1 | Accept | GDPR | s_7bc3… | |
| #1129E | Austin, TX | v2.4.1 | Reject | GDPR | s_0ae9… | |
| #9901H | Paris, FR | v2.4.1 | Accept | GDPR | s_4dd5… | |
| #6630F | London, UK | v2.4.0 | Reject | GDPR | s_1ab8… | |
| #2245J | Chicago, IL | v2.4.0 | Accept | GDPR | s_6ec2… | |
| #7782K | Berlin, DE | v2.4.0 | Accept | GDPR | s_5ff0… |
Ready to close the pre-consent gap on your site?
14-day free trial. One script tag. Pre-consent blocking and audit logging active from the first load.
Start free trial