GDPR/CCPA + Cookie Management

By default, the app is set to show in the following countries: EEA/EU counties + Brazil and California. You need to make sure you have enabled it for the countries where your business is operating and such requirement is enforced by law. First step after enabling the Cookie Consent Bar is making sure to enable it for the specific region you are interested in being compliant for, i.e. GDPR (Europe, EEA, and Brazil), CCPA (California), or both GDPR + CCPA. You can do that from here:

Make sure that your Privacy Policy page is up to date. You should manually update your Privacy Policy and Terms & Conditions texts to be compliant with all requirements. If you do not have a Privacy Policy/Terms & Conditions page yet, please follow these instructions - Shopify guide on setting store policies  Depending on which law you want to be compliant with, you will need to describe these transparency requirements as per this FAQ question 29. What are the transparency requirements for GDPR and CCPA? in our FAQ page.

You are able to choose which of the cookies to be selected/active in the Preferences popup when a customer lands on your store. Depending on how you want your cookies to be configured in the Preferences popup, we would advise you to check the following FAQ question for more instructions - 26. How can I set the cookie bar to block marketing & analytics cookies by default?
*Note that if your business is operating in Germany, you would need to setup an Accept All button on the cookie consent bar. For information on how to apply this configuration, please check FAQ question 53. How can I have an Accept All button added to the Cookie Consent Bar? in the app FAQ.

4.Special attention to the blocking of Google Analytics and Facebook Pixel

If you want to further block Google Tag Manager, Google Analytics, Facebook Pixel and implement Facebook Flag for Limited Data Use, please check question numbers: 17, 18, 19, 20 and 21 from our FAQ  

• 17. How to enable better Google Tag Manager blocking?
• 18. How to enable better Google Analytics blocking?
• 19. How to enable better Google Analytics 4 blocking?
• 20. How to enable better Google Ads blocking?
• 21. How to enable better Facebook Pixel blocking?
• 22. How to implement the Facebook Flag for Limited Data Use (LDU)?

5.Check the configuration of the GDPR/CCPA Compliance pages on your store

Make sure to add the GDPR/CCPA Compliance pages as a link to your footer. This way your website visitors will be able to easily navigate to them and request all kinds of different information for their account data (account edit, data report, deletion request etc). For this, please check questions 12 and 13 from our FAQ.

• 12. Where is my GDPR page, and how can I access it?
• 13. How can I add the GDPR page to my store front?
• 91. How can I add a CCPA Do Not Sell Rule link to the store footer?

Once this is done, you can test the GDPR/CCPA requests yourself. 

According to the GDPR law, consent shall be as easy to withdraw as to give. That is why we advise on adding a link or a button to a page of your choosing, that will trigger the preferences popup again. This way, your website visitors will be able to change their preferences. We would also advise adding this to your store’s Privacy Policy page. More on how you can do that you will be able to find in question 11 in our FAQ:

• 11. Is there a way to show the preferences popup after a visitor has already accepted the cookies?