The Explicit Consent Prompt Manager makes it easy to deploy a prompt to your website to allow users to opt-in or opt-out of tracking. This tool offers full access to customize the code behind the scenes as well as offers translated content to global customers. This feature replaces the functionality previously offered by the Privacy Manager extension and is part of our consent management features designed to help you stay compliant with GDPR.

In this article:

How It Works

The Explicit Consent Prompt Manager works together with the Consent Preferences Manager to present tracking options to your customers. A consent prompt notifies your customers about your desire to track their activity on your digital property and to acquire their consent. Explicit consent is a proactive approach in encouraging your customers to opt-in or opt-out by forcing a pop-up prompt until a selection is made.

  • If a customer opts-out, the website suppresses all tracking activity and cookie storage that is not directly relevant to the digital experience.
  • If the customer opts-in, the website can track the user behavior (commonly using third-party services).

Explicit Consent Prompt example:


The Explicit Consent Prompt Manager in iQ Tag Management makes it easy to create and deploy a consent prompt to your website using your existing installation. This feature can be used with the Consent Preferences Manager to offer your customers more granular control over how they are tracked.

The Explicit Consent Prompt satisfies a requirement of the General Data Protection Regulation that a data subject (EU residents) must give explicit consent before activity can be tracked.

Visitor Experience

After you deploy to your website using the standard iQ JavaScript container ( utag.js ), the consent prompt operates automatically – no additional coding is needed for the consent prompt to function. The prompt behavior is based on the configured load rule and the presence of a consent cookie. The prompt is triggered automatically on pages matching the load rule if that cookie is not detected. After a response to the prompt is submitted (for example, the visitor selects "Opt-in" or "Opt-out"), the consent cookie is created and subsequent page views do not trigger the consent prompt.

The consent prompt can be displayed programmatically using the JavaScript helper functions.


The Explicit Consent Prompt in Tealium iQ offers the following features:

  • Display Templates
  • Customizable Style and Layout
  • Multi-Language Support
  • Configurable Display Condition
  • Global Settings for Enterprise Rollout
  • Consent Logging (requires DataAccess or EventStream)

This feature does not require additional code on your site. All of the configuration is bundled with your existing installation of our JavaScript library (utag.js).

After you configure and activate the consent prompt, the changes are released in your next publish.


The Explicit Consent Prompt is set up using the following screens:

  • Content
    Use this screen to enter the message displayed to your customers, add multiple language translations, and provide your company's logo URL and privacy policy link.
  • Customization
    Customize the design and layout of your prompt by editing the CSS, HTML, and JavaScript used to display your prompt.
  • Display Rule
    Use your data layer to create a load rule that determines when to display the consent prompt.
  • Options
    Adjust additional options, such as logging consent changes using DataAccess or marking non-tracking tags that are not governed by consent management, such as chat widget.
  • Default Consent Categories (JavaScript Code Extension) (when Consent Preferences is disabled)
    If you do not use the Consent Preferences Dialog and have a server-side product enabled (EventStream, AudienceStream, or DataAccess), then this JavaScript Code extension is required to set the default consent categories.

    If you skip this step, incoming events might be ignored.

Global Settings

The Explicit Consent Prompt can be configured for multiple profiles simultaneously when using the global parameters setting. This allows you to configure your consent prompt at the account level and have each profile inherit that configuration.

To learn more, see Managing Global Consent Content.

Getting Started

Use the following steps to begin setting up the explicit consent prompt:

  1. In the left sidebar, go to Client-Side Tools > Consent Management.
  2. In the Explicit Consent Prompt section, click Get Started to launch the configuration.
    If the Explicit Consent Prompt is already set up, you can toggle it on or off from this screen.


On the Content screen, customize the message displayed in the consent prompt, add languages for translated content, define custom parameters, and view a preview of the prompt you created.

Consent Manager_Explicit Consent Prompt.jpg

Content Parameters

The Explicit Consent Prompt uses parameters to construct the final prompt that displays on your site. The prompt is templatized so that the values of the parameters can be easily substituted. Parameters are referenced using the format: {{parameter_name}}.

The standard built-in content parameters are:

  • Title {{title}}
    The main heading of the consent prompt.
  • Message {{message}}
    Your message to customers to inform them about your tracking intentions and links to other resources such as a privacy policy or contact form.
  • Opt-in/Opt-out {{opt_in}} / {{opt_out}}
    The two options available:
    • opt-in - grant consent
    • opt-out - deny consent
  • Confirmation Button {{confirmation_button}}
    The label on the submission button.

To edit the content of the standard parameters, modify the text fields and click Finish.

Sample HTML code with parameters:

<div class="example_body">
<div class="privacy_prompt">
<div class="privacy_prompt_content">
<div class="privacy_prompt_footer">
<div class="button right">{{confirmation_button}}</div>
<div class="close_btn_thick"></div>

Custom Parameters

Custom parameters can be added to further customize the prompt. These parameters can be referenced within the standard parameters or in the CSS/HTML/JavaScript code.

Best Practice: Avoid putting translatable text directly in the HTML or JavaScript. Instead, construct the code with {{parameters}} and define the values using custom parameters.

Use the following steps to add a custom parameter:

  1. Scroll down to the Custom Parameters section and click + Add Parameter.
    The Custom Parameter dialog displays.
  2. Enter a name for the parameter.
  3. Click Apply.
    The new custom parameter displays in the list.
  4. Enter a value for the new parameter.
    This value are substituted where the parameter is referenced.
  5. Click Finish.


The consent prompt can be displayed in multiple languages. For each language you add you must provide the translations for each content parameter and custom parameter.

The consent prompt detects the language setting in the visitor's browser (two-character language code) and displays the corresponding version. If the detected language is not configured, the default language is displayed.

Add a Language

To add a language:

  1. In the Language side panel, click + Add.
    Consent Manager_Consent Preferences Dialog_Add Language.jpg

  2. Select the desired language and click Apply.
    The new language displays in the side panel.

Click the new language to enter translated text for all content parameters and custom parameters.

Set the Default Language

The default language is used to display the consent prompt when the user's detected browser language is not configured.

To set a default language:

  1. Check the Make Default Language box located in the language title bar.
  2. Click Preview to view your language configuration.

Override the Language

You can override the consent manager language setting with a data layer variable by using the Universal Tag settings override object. Specify the name of the data layer variable which stores the language to be used in the consent manager.

For example, if your data layer contains a variable named site_language:

window.utag_cfg_ovrd = window.utag_cfg_ovrd || {}
window.utag_cfg_ovrd.gdprDLRef = "site_language";

Do not set the two-character language code directly. This override setting expects a variable name, not a language code value.

Customization (CSS, HTML, JavaScript)

On the Customization screen, the code is behind the consent prompt – the CSS, HTML, and the JavaScript that runs the prompt. This code can be edited to adjust the look and design of the prompt to match your website.

The JavaScript code is minified before it is published into the utag.js file. If the minification process fails for any reason (such as a syntax error), the publish process halt and return a warning message in iQ. Upon successful publish, when utag.js executes on the page, the consent prompt JavaScript code is injected into the <head> of the page.

Display Rule

On the Display Rule screen, select the load rule to determine when to load the consent prompt and display it to customers. To comply with GDPR regulation, the consent prompt must be presented to data subjects residing in the European Union (EU). You can select an existing load rule or create one to satisfy that criteria. If you are unsure, a guide is offered to generate a load rule for you.

GDPR Load Rule Creation Guide

The GDPR load rule creation guide is a series of questions about your website, domain, and data layer that generates the best load rule for the consent prompt. The questions are designed to determine the easiest way to identify your EU visitors using the data available in the data layer. The guide has pre-built the list of EU country names and generates the conditions needed to detect them all in one load rule.

Identifying EU data subjects can be accomplished the following ways:

  • Domain, Subdomain, or Pathname
    If your iQ profile is loaded on a website that is dedicated to EU citizens or your business only operates within the EU, then the domain, subdomain, or pathname of the URL likely contains a country code that can be used in a load rule.
    Examples: , ,
  • Data Layer Country Variable
    If your iQ profile is loaded on a website that allows visitors to choose their country or language, then this information can be represented in the data layer and used to create a load rule.
    Examples: utag_data.country_code = "de"

If you skip the load rule creation guide, you can create your own load rule or, if your iQ profile is loaded on a site entirely dedicated to serving EU citizens, you can use the default load rule, "All Pages".


From the Options screen, you can enable event logging and tags to omit.

Event Logging

The event logging option requires DataAccess (EventStore or EventDB) or EventStream and logs every consent action taken by your visitors. These consent actions can then be logged to EventStore, EventDB, or EventStream. Each time a visitor grants or revokes consent using the consent prompt, the action is logged for auditing purposes.

This option is offered to help you comply with Recital 42 of the GDPR, which requires that proof of consent be available for auditing purposes. In addition, the event logging option provides you with the data needed to enable you to analyze the volumes and percentages of visitors that opt in or opt out of consent and the types of cookies each visitor is opting in or out of as a result of your efforts.

Learn more about Event Logging for Consent Management.

Tags to Omit

Not all tags deployed via iQ Tag Management are for tracking or data collection. Tags and extensions can also be used to serve site functionality, such as pop-up modals, product feedback, site support, or chat clients. Use the Tags to Omit setting to create a list of tags to be exempted from the tracking restrictions.

Consent Cookie

The consent prompt uses a cookie named CONSENTMGR. The presence of this cookie and the values it contains determines the behavior of the prompt and reflect the state of the visitor's consent. The key/value pairs are delimited by the " |" character.

The CONSENTMGR cookie stores the following key/value pairs related to the consent and preferences prompts:

  • c1..N – integer value 1 or 0 indicating the tag category consent status where 1..N is the category number. 1=allowed, 0=not allowed (for use with the Consent Preferences prompt)
  • consent – a Boolean value that reflects the consent state of the visitor:
    • true – consent was given using the opt-in option
    • false – consent was declined using the opt-out option
  • ts – the timestamp of the last consent state change

Example value of the CONSENTMGR cookie: ts:1525369619|consent:true|c1:0|c2:0|c3:0|c4:0|c5:0|c6:0|c7:1|c8:0|c9:1|c10:0|c11:0|c12:1|c13:0|c14:0|c15:0

Default Consent Categories (JavaScript Code Extension)

This step is only needed if the Consent Preferences Dialog is disabled and if you have a server-side product (EventStream, AudienceStream, DataAccess) enabled. This step uses the JavaScript Code extension to add the default consent categories to the data layer to ensure that server-side events continue to be processed.

To add the default consent categories:

  1. Add a JavaScript Code extension.
  2. Add this line of code to set the default list of consent categories:b["consent_categories"] = ["analytics", "affiliates", "display_ads", "search", "email", "personalization", "social", "big_data", "misc", "cookiematch", "cdp", "mobile", "engagement", "monitoring", "crm"];
  3. Scope the extension to the Tealium Collect tag.

JavaScript Helper Functions

After enabled and published, the consent prompt introduces JavaScript utility functions into the utag namespace to allow you to integrate additional functionality. The namespace utag.gdpr contains all of the consent management utility functions.


Displays the explicit consent prompt. Integrate this function into your site to provide visitors a way to change their consent setting. To set the language dynamically, you can send the language as a parameter when calling the function. This overrides both the window.utag_cfg_ovrd.gdprDLRef defined above and the browser detection logic.


<a href="javascript&colon;utag.gdpr.showExplicitConsent('EN')">Change Consent</a>


Returns an object of key/value pairs from the CONSENTMGR cookie (mentioned above). The values are retrieved from['cp.CONSENTMGR'].

Example of consent declined:

> utag.gdpr.getCookieValues()
ts: "1525369619",
consent: "false"

Example of partial consent has been given for categories 7, 9, and 12:

> utag.gdpr.getCookieValues()
ts: "1525369619",
consent: "true",
c1: 0,
c2: 0,
c3: 0,
c4: 0,
c5: 0,
c6: 0,
c7: 1,
c8: 0,
c9: 1,
c10: 0,
c11: 0,
c12: 1,
c13: 0,
c14: 0,
c15: 0