Beginning January 16, 2024, publishers and developers using Google AdSense, Ad Manager, or AdMob will be required to use a Consent Management Platform (CMP) that has been certified by Google and has integrated with the IAB's Transparency and Consent Framework (TCF) when serving ads to users in the European Economic Area or the UK.
Under Google’s updated EU User Consent Policy, you must make certain disclosures to your users in the European Economic Area (EEA), the UK, and Switzerland and obtain their consent for the use of cookies or other local storage where legally required, and for the collection, sharing, and use of personal data for ads personalization. This policy reflects the requirements of the EU ePrivacy Directive and the General Data Protection Regulation (GDPR).
To support publishers in meeting their duties under this policy, Google offers the ad serving options described below for users in the EEA, the UK, and Switzerland. If you don’t make any changes as described below, the commonly used set of ad technology providers will continue to be used.
Get started
- Sign in to your AdSense account.
- Click Privacy & messaging European regulations Settings.
The European regulations settings page appears. Update the settings for the sections on this page as described below.
Select the type of ads you want to show
You can choose to serve non-personalized ads to all of your users in the EEA, the UK, and Switzerland using the “Non-personalized ads” setting below. However, if you want to give each of your users a choice between personalized and non-personalized ads, select “Personalized ads” and follow the instructions for serving non-personalized ads on a per-request basis.
Personalized ads
Google can continue to show personalized ads as well as non-personalized ads to your users in the EEA, the UK, and Switzerland. This is the setting that will be used unless you make a change on this page.
Personalized ads reach users based on their interests, demographics, and other criteria. Because ad technology providers may collect, receive, and use personal data from users in personalized ads, you must clearly identify all such ad technology providers when you obtain user consent for the collection, sharing, and use of personal data for ads personalization.
Non-personalized ads
Google will show all your users in the EEA, the UK, and Switzerland non-personalized ads only.
Non-personalized ads are targeted using contextual information rather than the past behavior of a user. Although these ads don’t use cookies for ads personalization, they do use cookies to allow for frequency capping, aggregated ad reporting, and to combat fraud and abuse. Consent is therefore required to use cookies for those purposes from users in countries to which the EU ePrivacy Directive’s cookie provisions apply. Google does not require you to obtain consent for using the browser’s Trust Token API to combat fraud and abuse.
Select ad technology providers (for personalized ads)
To help with compliance under Google’s updated EU User Consent Policy, you have the option to select your preferred ad technology providers (ATPs) from a list of companies that have provided us with information about their compliance with the GDPR — all of whom also have to comply with our data usage policy to ensure publisher data is protected.
If you select these ad technology providers (including Google and other bidders and vendors), they may use data about your users for the purposes of ads personalization and measurement.
- Choose a commonly used set of ad technology providers or create a custom set:
- Commonly used set of ad technology providers: This is the setting that will be used unless you make a change on this page.
- Custom set of ad technology providers: Select your preferred ad technology providers.
- Clearly identify the providers you select to your users, and obtain users' consent in line with Google's EU user consent policy.
You could do this by listing your chosen ad technology providers in a consent flow, or listing your chosen providers on a separate page of your site to which you direct your users from a consent flow. In either case, to comply with Google's EU user consent policy, you should link to the details provided by each provider that describes their activities.
Set up consent gathering
You can create your own consent dialog that displays a message on your site(s) asking your users in the EEA, the UK, and Switzerland for consent. Learn more about passing consent signals to AdSense.
Additional considerations
Privacy Sandbox API
Google is experimenting with new ways of supporting the delivery and measurement of digital advertising in ways that better protect people's privacy online via Chrome's Privacy Sandbox initiative. When accessing certain Sandbox APIs as part of the Privacy Sandbox Origin Trials (including Topics, Fledge, and the Attribution Reporting API) you may be using personal data for ads personalization and/or accessing local storage. The EU user consent policy requires you to obtain valid user consent for these actions in the same way as you rely on consent today for ads personalization and the use of non-essential local storage in the European Economic Area and the UK.