Home

News & Views

26 Mar 2025

Understanding Cookie Compliance

Jon Monk - Head of Optimisation & Performance

As event organisers we rely on website data to drive leads or registrations, optimise marketing campaigns, and engage your audience year-round. But with evolving privacy regulations and Google’s latest Consent Mode 2.0 update, ensuring cookie compliance on your website is no longer optional—it’s essential.

In this blog, we break down what cookie compliance means, why it matters for your event marketing, and how to stay ahead with the right tools.

What is Cookie Compliance?

Cookie compliance means ensuring that your event websites obtain, manage, and store user consent for cookies in line with privacy regulations.

Cookies are small data files stored on a user’s device, used for tracking, analytics, and personalisation.

Compliance means giving visitors clear choices about what cookies they accept and ensuring tracking respects their preferences.

Why is Cookie Compliance Important?

Cookie laws exist to protect user privacy by ensuring websites do not track individuals without consent. Various global regulations set out requirements:

GDPR (EU & UK) – Requires explicit consent for all non-essential cookies.
ePrivacy Directive (EU) – Covers how cookies are stored and accessed.
CCPA (California, USA) – Users must be able to opt-out of data selling and tracking.
LGPD (Brazil) – Similar to GDPR, requiring prior consent.
Other Countries – Many regions, including Australia, Canada, and Japan, have introduced cookie consent rules.

Ignoring these regulations can result in hefty fines and legal action.

What Is Google Consent Mode 2.0?

Google Consent Mode v2 is an update to Google’s framework for handling consent in compliance with privacy laws. It enables websites to communicate users’ consent choices to Google products like:

Google Analytics 4 (GA4)
Google Ads / Floodlight
Enhanced Conversions & remarketing tools

Consent Mode v2 introduces two new consent signals to enhance privacy controls:

ad_user_data – Controls if personal data (e.g. IP address) can be used for advertising.
ad_personalization – Controls whether data can be used to personalise ads (e.g. remarketing).

With Consent Mode v2, Google can adjust data collection behaviour based on user consent while still allowing aggregated, non-identifiable data to be collected for basic measurement if no consent is given.

Why Google Introduced Consent Mode 2.0

Consent Mode v2 was introduced to address increasing pressure from privacy regulators and provide:

A GDPR-compliant way to run Google Ads and Analytics
Greater transparency and granular user control
A reliable method to respect and enforce consent choices

Websites not using Consent Mode 2.0 will experience limited data visibility in Google tools, affecting marketing, analytics, and campaign performance.

Impact on Analytics & Ad Performance

Without proper cookie compliance and Consent Mode v2:

Google Analytics Data may be incomplete or missing.
Conversion tracking (e.g. from Google Ads) becomes unreliable.
Remarketing audiences shrink, limiting ad targeting.
Ad performance and ROI decline, as Google lacks the data to optimise campaigns.

The Risks of Not Being Compliant

Failure to comply has serious consequences:

1. Legal & Financial Risks

Fines & Legal Issues – GDPR fines can reach €20 million or 4% of global revenue.
User Trust & Reputation – Poor compliance damages credibility.

2. Impact on Analytics & PPC Performance

Loss of Data – Google Analytics will report lower traffic and conversions.
Reduced Ad Performance – Google Ads will have less data for targeting and higher ad costs due to inefficiencies.
Retargeting Limitations – Fewer users in remarketing lists means weaker ad campaigns.

Separate Cookie Compliance for Third-Party Registration Pages

Each domain that collects user data must have its own cookie compliance. If your registration form is hosted on a separate domain by a third-party provider, you need a separate cookie consent solution.

Some registration companies include cookie compliance, but others do not. Check with your registration provider to see if they offer a compliant cookie banner.

If they don’t, you cannot use the same cookie settings as your ASP website. For example, if you use CookieBot on your ASP site, you will need to buy an additional CookieBot licence for your registration pages to stay compliant.

Key Points to Remember:

Each domain must have its own cookie consent solution.
If your registration form is hosted on a separate domain, a separate consent solution is required.
Some registration providers offer cookie compliance, while others do not.
You must check with your provider to ensure compliance.
If your provider does not offer a solution, you will need to purchase an additional CookieBot licence or use another compliant tool.

The Simple Fix: Use a Compliant Cookie Banner

We recommend switching to a compliant solution like CookieBot*, which:

Meets GDPR, CCPA, LGPD, and other global regulations
Integrates with Google Consent Mode 2.0
Automatically updates based on user location and applicable laws

In Summary

Consent Mode 2.0 is now mandatory for full functionality in Google Ads and Analytics.
A basic cookie banner is no longer sufficient under GDPR and Google’s new requirements.
Each domain (main site, registration page, etc.) must have its own compliant solution.
Use tools like CookieBot to stay compliant and keep your data flowing.

* Disclaimer

It is the responsibility of the website owner to ensure compliance with cookie and privacy regulations based on the regions in which they operate, the visitors they receive, and the applicable laws of those jurisdictions.

ASP provides technical implementation support for clients, but ultimate compliance rests with the website owner.

Keen to find out more?

Chat to our Optimisation team to find out more or get some technical help with cookie compliance.