Consent and event collection
Consent state determines whether and how analytics events may be collected. Frameworks like Google Consent Mode pass signals such as analytics_storage to adjust behaviour: with consent granted, events are collected normally; when denied, collection is restricted or limited to cookieless signals. This page explains the mechanics of consent-gated event collection — it is educational, not legal advice.
What this means
Consent state — the user's choices about storage and tracking — decides whether analytics events are collected and in what form. Google's Consent Mode is one widely documented framework: a page sets consent signals such as `analytics_storage` and `ad_storage` to 'granted' or 'denied', and tags adjust accordingly. With consent granted, events flow as normal; when denied, behaviour is restricted.
The key idea is that collection is conditional on consent, not unconditional.
Granted versus denied behaviour
When analytics consent is denied under Consent Mode, tags can be configured to send limited, cookieless pings or to suppress collection, depending on setup. This means a portion of activity is intentionally not fully measured — a coverage gap that grows with the share of users who decline. Read your event totals as 'consented activity', and avoid assuming denied-consent traffic looks identical to consented traffic. Implementation specifics and legal obligations vary by region and platform; treat this as mechanics, not compliance guidance.
- Consent signals (e.g. analytics_storage) gate collection
- Denied consent limits or suppresses event collection
- Totals represent consented activity, not all activity
How it appears in analytics and logs
If consent is denied, expected events may be absent or limited — a measurement gap that reflects consent choices, not broken tracking. Read coverage against your consent rates.
Diagnostic use case
Gate event collection on consent so analytics respects user choices, understanding what data is and is not collected in each consent state.
What WebmasterID can help detect
WebmasterID's first-party, privacy-first posture means measurement can rely on aggregate first-party signals rather than cross-site tracking, which simplifies how event collection respects consent.
Common mistakes
- Treating consent gating as legal compliance on its own.
- Assuming denied-consent traffic mirrors consented traffic.
- Firing events before consent state is resolved.
Privacy and accuracy notes
Consent gating is a privacy control, not a substitute for legal compliance. Lawful bases, banner design, and retention are jurisdiction-specific; consult qualified counsel. This is educational, not legal advice.
Related pages
- Enhanced measurement (auto events)
Enhanced measurement is a GA4 setting that automatically collects a set of interaction events — scrolls, outbound clicks, site search, video engagement, file downloads, and form interactions — without extra code. It is convenient but not magic: it only covers standard patterns, can over- or under-count, and each option can be toggled. This page explains what it does and its limits.
- Server-side event tracking
Server-side event tracking sends events from your own server (or a server-side tag container) to the analytics backend, instead of firing them directly from the visitor's browser. It can improve data control, resilience to ad-blockers, and where data is processed — but it does not remove consent obligations and can hide client context. This page covers the model and the trade-offs.
- GDPR and web analytics: the practical picture
The GDPR governs processing of personal data of people in the EU. For analytics that means: identifiers and IP addresses can be personal data, consent is often required for cookie-based tracking, and minimisation matters. Cookieless, first-party, anonymised measurement reduces the surface — but this is a factual overview, not legal advice.
- Privacy-first analytics
Measure with consent-respecting first-party data.
Sources and verification notes
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.