This article is for Google tag users who receive user data from end users in the European Economic Area (EEA) through websites, apps, or offline resources.
Overview: Consent mode parameters
| Consent Type |
Description |
| ad_storage |
Enables storage (such as cookies) related to advertising. |
| ad_user_data |
Sets consent for sending user data related to advertising to Google. |
| ad_personalization |
Sets consent for personalized advertising. |
| analytics_storage |
Enables storage (such as cookies) related to analytics e.g. visit duration. |
In addition to the consent mode parameters, there are the following privacy parameters:
| Storage Type |
Description |
| functionality_storage |
Enables storage that supports the functionality of the website or app e.g. language settings. |
| personalization_storage |
Enables storage related to personalization e.g. video recommendations |
| security_storage |
Enables storage related to security such as authentication functionality, fraud prevention, and other user protection. |
Tag behavior with consent mode
If all consent options are granted, tags behave as follows:
|
Web
|
Mobile apps
|
- Cookies pertaining to advertising may be read and written.
- IP addresses are collected.
- The full web page URL, including ad-click information in URL parameters (e.g., GCLID / DCLID) is collected.
- Third-party web cookies previously set on google.com and doubleclick.net, and first-party conversion cookies (e.g.,
_gcl_*) are accessible.
|
- Advertising identifiers (e.g., Advertising ID/IDFA) may be collected.
- The app-instance ID generated by the Google Analytics for Firebase SDK is collected.
|
When one or more forms of consent are not granted (not set or denied), there are additional behaviors to consider:
|
ad_personalization='denied'
|
|
Web & Mobile apps
|
|
Personalized advertising is disabled, the following features won't receive data:
- Remarketing in Google Ads, Display & Video 360, Search Ads 360
- Personalized advertising with Google's advertising products
|
|
ad_user_data='denied'
|
|
Web & Mobile apps
|
- Ad measurement and personalization for online advertising is disabled, including use cases supported by user_id and user-provided data (hashed, consented user data).
Note: Both ad_user_data and ad_personalization need to be granted to enable personalized advertising in Google advertising platforms.
- Click-ID keyed conversion data export to Ads platform is limited, for example, bidding optimization in Google Ads based on GA4 conversions, when ad_user_data=denied.
|
|
ad_storage='denied'
|
|
Web
|
Mobile apps
|
- No new cookies pertaining to advertising may be written.
- No existing first-party advertising cookies may be read.
- Requests are sent through a different domain to avoid previously set third-party cookies from being sent in request headers.
- Google Analytics will not read or write Google Ads cookies, and Google signals features will not accumulate data for this traffic.
- Full page URL is collected, may include ad-click information in URL parameters (e.g., GCLID / DCLID). Ad-click information will only be used to approximate accurate traffic measurement.
- IP addresses are used to derive IP country, but are never logged by our Google Ads and Floodlight systems and are immediately deleted upon collection.
|
- No Advertising ID/IDFA may be collected.
- Google Signals features will not accumulate data for this traffic.
- IP addresses are used to derive IP country, but are never logged by our Google Ads and Floodlight systems and are immediately deleted upon collection.
|
|
analytics_storage='denied'
|
|
Web
|
Mobile apps
|
- Will not read or write first-party analytics cookies.
- Cookieless pings will be sent to Google Analytics for future measurement. Google Analytics 4 will use cookieless pings for modeling.
|
- No IDFV may be collected.
- Events without device or user identifiers will be sent to Google Analytics for future measurement. Google Analytics 4 will use these events for modeling.
|
|
Web & Mobile apps
When analytics_storage='denied', cookieless pings are sent to Google Analytics. No Analytics cookies are set, accessed, or read from the device. Consequently, cookieless pings are anonymized and non-identifiable Google Analytics events.
Cookieless pings, as part of regular HTTP/browser communication, may include the following information: user agent, screen resolution, IP address. Note that Google Analytics 4 does not store or log IP addresses.
If an advertiser sets other fields, such as user_id and custom dimensions, they will be sent normally. The data collected in the cookieless ping is used for behavioral and conversion modeling, to fill the gaps in your data.
|
|
ad_storage='denied' and ads_data_redaction='true'
|
|
Web
|
- No new cookies pertaining to advertising may be written.
- No existing advertising cookies may be read.
- Requests are sent through a different domain to avoid previously set third-party cookies from being sent in request headers.
- Google Analytics will not read or write Google Ads cookies, and Google signals features will not accumulate data for this traffic.
- In Google Analytics full page URL is collected, may include ad-click information in URL parameters (e.g., GCLID / DCLID). Ad-click information will only be used to approximate accurate traffic measurement. In Google Ads, ad-click identifiers (e.g., GCLID / DCLID) in consent and conversion pings are redacted.
- IP addresses used to derive IP country, but are never logged by our Google Ads and Floodlight systems and are immediately deleted upon collection.
|
Related resources