Google Consent Mode v2

Mandatory for EEA + UK
since March 2024.

Google Consent Mode v2 is the API Google's tags use to receive consent signals from your cookie banner. Without it wired correctly, EEA and UK visitor data stops flowing to Google Ads and Analytics — and personalized advertising features become unavailable. ClearConsent ships GCM v2 wired in by default.

EEA + UK regulatory requirement Pre-wired in ClearConsent banners Google-recommended consent signals

If your banner doesn't speak Google's consent API, your Google Ads remarketing pool from EEA visitors quietly empties out. The banner is showing; the signal is not arriving.

/ The risk
01 / What it is

The bridge between your banner and Google.

Google Consent Mode v2 is a JavaScript API that Google's tags (gtag, GTM, Google Ads, Google Analytics 4) listen to for consent signals. When a visitor clicks "Accept" or "Reject" on your cookie banner, your banner needs to call gtag('consent', 'update', { ... }) with the right consent state for Google's tags to behave appropriately.

Google Consent Mode v1 (the original) shipped in 2020 with two consent types: ad_storage and analytics_storage. Consent Mode v2 added two more in March 2024: ad_user_data (whether Google can use the visitor's data for personalization) and ad_personalization (whether to show personalized ads). All four are now required for EEA and UK visitor traffic to keep flowing into Google Ads campaigns.

02 / What changed

v1 vs v2 at a glance.

/ Google Consent Mode v1 vs v2
Consent signal v1 (2020)Optional v2 (March 2024)Required for EEA/UK
ad_storage Whether Google can store ad-related cookies + +
analytics_storage Whether Google can store analytics cookies + +
ad_user_data Whether Google can use the visitor's data for ad personalization · +
ad_personalization Whether to show personalized ads to this visitor · +
Default state What's assumed before the banner gets a click granted denied (EEA)
03 / How ClearConsent does it

Wired in by default.

Default denied

On first paint, ClearConsent calls gtag('consent', 'default', ...) with all four signals set to denied for visitors detected as EEA/UK.

Banner shows

Visitor sees the banner with Accept / Reject / Preferences. Google Consent Mode v2 starts in the default-denied state on every plan; on Pro, the auto-blocker additionally holds GA4, GTM, and Meta Pixel from firing until the visitor consents.

Update on choice

Click Accept → gtag('consent', 'update', { all granted }). Click Reject → signals stay denied. Personalization respects the choice.

04 / Verifying yours

How to check it's actually working.

Two ways to verify GCM v2 is correctly wired on your store:

  • Run the ClearConsent scan. The scan checks for a gtag('consent', ...) call in your page source and reports whether the four v2 signals are present in the default state. If they're all there, the score's per-law breakdown for GDPR + UK PECR will reflect the credit.
  • Use Google Tag Assistant. Install the official Tag Assistant Companion Chrome extension and visit your store from an EEA IP (or use a VPN). Tag Assistant will report each Google tag's consent state on page load and after banner interactions. Expected: all four v2 signals visible, default state denied for EEA, granted after clicking Accept.

If you're seeing v1 signals only or no consent state at all, contact us via the contact form. The fix is usually a banner re-install (which regenerates the JS to current GCM v2 specifications).

05 / Why Google made it mandatory

The regulatory pressure.

GCM v2 isn't a Google ad-tech feature; it's Google's response to EEA enforcement of GDPR + ePrivacy. The Court of Justice of the European Union (CJEU) ruled in 2020 (Schrems II) that EU data transfers to the US require additional safeguards, and subsequent French and Italian DPA decisions specifically targeted Google Analytics' compliance with GDPR data-flow principles. Consent Mode v2 is Google's attempt to provide a compliant data-collection path.

For a Shopify merchant: if your EEA visitors are seeing ads on your store powered by Google Ads remarketing, the consent signals need to be flowing. If they're not, the audience pool empties out, conversion attribution breaks, and you may also be technically out of compliance with PECR + GDPR for personalized advertising. ClearConsent's banner is configured to handle this automatically.

Test yours

Is your store GCM v2 compliant?

Free on the home page. The diagnostic checks for GCM v2 wiring among ~30 other privacy signals. If your current banner is missing the v2 signals, the score will say so and the per-law breakdown will explain what's needed.

Run the diagnostic How scoring works →