Sending Consent Signals to Ad Platforms
Consent signals communicate a user’s data privacy preferences to ad platforms. Sending accurate consent signals is required to comply with regulations such as GDPR (EU/EEA/UK) and CCPA (US), and is increasingly enforced by ad platforms like Google and Meta as a condition for running targeted ads.
CustomerLabs lets you configure consent-based event triggers per destination and send consent signals to ad platforms — even if your website does not have a cookie consent banner.
Configuring Consent Settings for Destinations
Section titled “Configuring Consent Settings for Destinations”By default, CustomerLabs sends event data to connected destinations without requiring additional user consent parameters. For destinations that operate in regulated regions, you can require specific consent parameters before events are forwarded.
How to Configure
Section titled “How to Configure”- In your CustomerLabs account, navigate to
Destinations→Consent Triggerstab. - Locate the destination you want to configure. Only active destinations can have consent settings updated.
- Click the Action icon next to the destination.
- A dialog box presents two options:
No Additional Consent Required (default) No additional consent parameters are needed. Events are forwarded to the destination regardless of user consent state.
Required Additional Consent Events are only forwarded when the specified consent parameters are present and granted. You can select from default consent parameters in the dropdown or click Add Custom Consent Parameter to define your own.
Sending Consent Updates via _cl.trackConsent()
Section titled “Sending Consent Updates via _cl.trackConsent()”When a user accepts or modifies their consent preferences (via your cookie banner or a custom consent mechanism), pass those preferences to CustomerLabs using the _cl.trackConsent() function.
_cl.trackConsent({ "ad_user_data": "granted", "ad_personalization": "granted", "ad_storage": "denied"});The full list of supported consent parameters:
{ "ad_user_data": "granted", "analytics_storage": "granted", "ad_personalization": "granted", "ad_storage": "granted", "functionality_storage": "granted", "personalization_storage": "granted", "security_storage": "granted"}Each parameter accepts "granted" or "denied" as its value. If you use a Google Certified CMP that pushes consent data to the DataLayer, you can transmit these values via GTM instead of calling the function directly.
Sending Consent Signals Without a Consent Banner
Section titled “Sending Consent Signals Without a Consent Banner”If your website does not display a cookie consent banner, you can still send consent signals to ad platforms using a Custom Integration in CustomerLabs. This approach sets a default consent state on page load for all users.
Google Consent Signals (Without a Banner)
Section titled “Google Consent Signals (Without a Banner)”Google requires consent signals to be sent for ad targeting in regions covered by GDPR and similar regulations. If you do not have a cookie banner, use the following steps to deny consent by default for all users.
Step 1: Open Custom Integration
Navigate to Destinations → Custom Integration and enable the JavaScript integration.
Step 2: Name and Add the Script
Name the integration Google Consent and paste the following code into the script field:
(function() { ((window.CLabsgbVar || {}).generalProps || {}).uid && _cl.trackConsent({ ad_storage: 'denied', ad_user_data: 'denied', ad_personalization: 'denied', analytics_storage: 'denied', functionality_storage: 'denied', personalization_storage: 'denied', security_storage: 'denied' });}());This script runs on page load and sets all consent types to denied by default for any identified user.
Step 3: Save the Integration
Click Save to activate the custom integration. The script will now run on your website.
Step 4: Set Trigger Paths
Define the URLs where this consent denial should be applied. You can add multiple URLs using Add New Firing Rule. For example:
https://example.com/contacthttps://example.com/privacy-policyhttps://example.com/terms
Step 5: Verify the Consent Cookie
To confirm the integration is working:
- Load a page on your website in a browser.
- Right-click → Inspect → navigate to the Application tab.
- Select Cookies from the left panel and choose your page URL.
- Search for the cookie named
User Consent— you should see the consent permissions are set to denied.
Consent Parameter Reference
| Parameter | Description |
|---|---|
ad_storage | Storage (cookies) related to advertising |
ad_user_data | Consent to send user data to Google for ads |
ad_personalization | Consent for personalized advertising |
analytics_storage | Storage related to analytics (e.g. visit duration) |
functionality_storage | Storage supporting website functionality (e.g. language) |
personalization_storage | Storage related to personalization (e.g. recommendations) |
security_storage | Storage for security features (e.g. authentication, fraud prevention) |
Meta Consent Signals / CCPA Limited Data Use (Without a Banner)
Section titled “Meta Consent Signals / CCPA Limited Data Use (Without a Banner)”Meta’s Limited Data Use (LDU) flag restricts how Meta processes user data for residents of certain US states covered by CCPA (California, Colorado, Connecticut, Florida, Texas, and Oregon). If you do not have a cookie banner, use the following steps to set a CCPA consent cookie and enable LDU in your Meta destination.
Step 1: Open Custom Integration
Navigate to Destinations → Custom Integration and enable the JavaScript integration.
Step 2: Name and Add the Script
Name the integration CCPA and paste the following code into the script field:
(function() { var key = 'ccpa_consent'; var value = '1'; var expiryDate = new Date(); expiryDate.setFullYear(expiryDate.getFullYear() + 1); var expires = "expires=" + expiryDate.toUTCString(); document.cookie = key + "=" + value + ";" + expires + ";path=/";})();This script sets a cookie named ccpa_consent with a value of 1 (opt-out / consent declined) that persists for one year. If a user clears their browser cookies, the cookie will be removed.
Step 3: Save the Integration
Click Save to activate the custom integration.
Step 4: Set Trigger Paths
Define the URLs where this consent cookie should be set. Add multiple URLs using Add New Firing Rule. For example:
https://example.com/contacthttps://example.com/privacy-policyhttps://example.com/terms
Step 5: Verify the Consent Cookie
To confirm the cookie is being set:
- Load a page on your website in a browser.
- Right-click → Inspect → navigate to the Application tab.
- Select Cookies from the left panel and choose your page URL.
- Search for
ccpa_consent— the cookie should be present with a value of1.
Step 6: Enable Limited Data Use in the Meta Destination
- In CustomerLabs, go to
Destinations→ Facebook and open the destination’s configuration settings. - Toggle on the Limited Data Usage option.
- In the LDU configuration, enter the following:
- Cookie Name:
ccpa_consent - Cookie Value:
1(opt-out / consent declined) or0(no consent recorded)
- Cookie Name:
Step 7: Install the Meta Pixel Extension
Install the Meta Pixel Extension in your browser to validate that the pixel is firing correctly and that LDU-flagged events are being tracked as expected.
LDU-flagged users will be synced through both events and audiences. Meta identifies each user’s state and applies LDU during data processing on their side.
Related
Section titled “Related”- Destination Logs — Verify that consent-gated events are being delivered correctly.
- Destination Snapshot — Monitor event success and failure rates across destinations.