CMP or Consent Management Platform allows website and app owners to get user’s consent for collecting and processing their data. This is a mandatory and legal requirement in Europe (GDPR), California in US (CRPA) and in few other countries. If you are showing personalized ads, using analytics, collecting personal information from customers/users or using any third-party cookies on your site, it is necessary to inform users how you are processing their data and get the consent from them. Since Google AdSense shows personalized advertisements, you should show the consent message in required regions to serve ads. Otherwise, ads will NOT be shown and you will lose the revenue.
CMP for Google AdSense
Google follows Transparency & Consent Framework (TCF) from International Advertising Bureau (IAB). As part of this, Google announced that all AdSense publishers should use a certified consent management platform before 16 Jan 2024 to serve ads on EEA (European Economic Area) and UK regions. You can go with one of the Google certified CMPs which will cost you generally based on page views. If you do not want to use a paid CMP, you have two options – either use Google CMP in AdSense or opt-out from GDPR to disable ads on the affected regions.
Obviously, losing revenue is not an option for publishers and you can go for the Google’s own CMP. This article explains how you can setup Google CMP from your AdSense account for free and comply with legal requirements.
Important Things to Know Before You Proceed
- Google uses auto ads script to display the consent message. So, you can either create a GDPR message from auto ads section or from privacy section.
- Consent message will be shown on all the pages where AdSense ad script is present. Since auto ads script is part of individual ad code, you do not need to add additional scripts even if you have disabled auto ads.
- Before trying to create a message, make sure to have proper privacy page on your site. You should link the privacy page URL in GDPR consent message.
The process is like creating ad blocking recovery message with the difference that you do not need additional code for GDPR message.
Creating GDPR Message in AdSense Account
Follow the below process if you have disabled auto ads, otherwise, jump to “For Auto Ads Users” section.
Login to your AdSense account and go to “Privacy & messaging” section. You will see a list of options and click on “GDPR”.
Next page will show you the overall process of creating a GDPR consent message and click on “Get Started” button.
On next page, you will see two tabs – Messages and Settings. First, click on the “Create a GDPR message” button showing under “Messages” tab. The options you select under “Settings” tab will appear in the consent message. We will explain the available settings in next section.
It will open GDPR message editor screen as shown below and enter the name for you message in the box shown on top left corner. After that, click on the “Select site” button on the right section.
Copy and paste your privacy URL and click “Save” button. Finally, click the “Confirm” button to apply the changes.
After adding your site, select the language of the message you want to display.
User Choices in Message
“User Choices” section allows you to show two or three buttons on the message.
- Consent button – enabled by default.
- Manage options – enabled by default.
- Do not consent – select on or off from the dropdown and add the close button if required. We recommend turning this button off.
Editing and Styling the Message
You can click on the item in preview to open the styling for that part and edit the content. For example, instead of “Manage options” you can change to “Manage” and style the buttons to match the layout of your site.
The links on the left sidebar allows you to quickly view how the message, options and ad partners will look in the preview. Go to “Manage options” and “Ad partners” sections and enable the items you want to get consent or legitimate interest or both.
Revocation link will be added by default at the bottom of the page after user’s consent. So, user can click on the link and change the preferences any time.
Publishing GDPR Message
After setting up the message, click on the “Publish” button showing on top right corner. You will a pop-up showing the message will take up to an hour to show on the site and click “OK” button.
You will be taken back to “Privacy & messaging > GDPR” section where you can see the published GDPR consent message. The section will also show a report card with the messages shown, EEA & UK traffic rate and consent rate.
You can anytime disable or edit the GDPR message from here.
Customize GDPR Message Settings
Now, go to “Settings” tab where you can customize the details to show in the consent message. Note that the settings like “Ad partners” is same as what you see in the GDPR message editor.
Below are the options available under “Settings” section:
- Personalized ads – enable this option.
- Review your ad partners – check and select the ad partners.
- Check creatives for consent – enable real-time bidding partner creatives.
- Legitimate interest – enable these settings to maximize your revenue.
- Add purposes for your own use – select additional consent required from users if you use their data on your site.
When saving your changes, Google will ask whether you want to re-prompt user consent. Select “Re-prompt” or “Don’t re-prompt” as per your need and save the settings.
For Auto Ads Users
As mentioned, you can also create or edit GDPR message from auto ads section.
- Go to “Ads” section and click on the pencil icon showing against your site.
- When you are in the auto ads screen, make sure you have enabled auto ads under “Ad settings” tab. Go to “Privacy messages” tab where you can see any previously created GDPR message under “Privacy & messaging > GDPR” section (as explained above).
- Click on the GDPR heading to edit the existing message. If you have not created a message previously, you can create a new one from here.
Testing GDPR Message
Simply open your website from UK or European Economic Area and you should see the GDPR message as setup in your AdSense account.
Users can accept the consent or click “Manage options” to modify the items acceptable for them. Once accepted, ads will show along with a revocation link in footer showing “Privacy and cookie settings Managed by Google…”.