In 2025, without clear consent management, analytics loses its teeth. Consent Mode v2 is a way to inform Google tags about user consent and automatically adapt their behavior: when consent is not given, tags either don’t write cookies or (in advanced mode) send cookieless signals for modeling. Since late 2023 two new permissions – ad_user_data and ad_personalization – were introduced, so older implementations are no longer sufficient.
What Consent Mode v2 actually is (in simple terms)
By default, Google tags use four consent signals: ad_storage, analytics_storage, ad_user_data and ad_personalization. Their values determine whether cookies can be stored, whether advertising data can be sent, whether ads can be personalized, and so on. This is not a banner – it’s an API that works together with your CMP (Consent Management Platform). Google officially documents these signals and their impact on measurement and personalization.
Consent Mode has two modes. “Basic” – when there is no consent, nothing is sent (no cookieless signals). “Advanced” – when there is no consent, anonymous pings are sent and Google uses them to model missing sessions and conversions (GA4/Ads). This helps preserve the overall data picture while respecting user choice.
When it is required (and what changed)
If you serve users in the EEA/UK and run personalized advertising through the Google ecosystem, you must use a Google-certified CMP integrated with IAB TCF. Google’s enforcement dates: January 16, 2024 for EEA/UK, and July 31, 2024 for Switzerland. Without a certified CMP, personalized ads cannot be shown.
Even if you don’t run personalized ads but use GA4, Google recommends upgrading to Consent Mode v2 so the new consent signals are passed and reporting/modeling works correctly. Certified CMPs usually migrate automatically; custom cookie banners must be updated manually.
How not to lose measurement: three practical scenarios
1) Analytics only, no ads.
Use “Advanced” mode: without consent no cookies are stored, but GA4 receives cookieless signals and can model traffic and conversions. You keep the overall performance view.
2) Analytics + Google Ads without ad personalization.
Allow ad_user_data only for measurement (e.g., enhanced conversions), while ad_personalization remains denied if the user does not consent. Tags adapt automatically.
3) Analytics + personalized ads.
In the EEA/UK (and Switzerland from 2024-07-31) you must use a Google-certified CMP (IAB TCF) and correctly pass all four consent signals. Otherwise personalized advertising is not allowed.
WooCommerce: what to do in practice
In WordPress, the setup depends on three things: a CMP plugin, correct GTM/gtag configuration and validation.
- Install a Google-certified CMP and set default consent to “denied”. Only after user acceptance should the CMP update values via
gtag('consent','update',…). - Bind GA4 and Google Ads tags to consent so no cookies are set without permission.
- In “Advanced” mode allow GA4 cookieless pings to preserve overall traffic modeling.
In practice this means: guest checkouts are measured correctly, personalization activates only after explicit consent, and reports don’t develop “holes” after the banner appears. If you use many third-party scripts, make sure they react to CMP signals – otherwise they must be blocked until consent is given.
PrestaShop: same principles, more discipline
PrestaShop projects often include more complex integrations (B2B, multiple payment and shipping modules). The key is that all modules receive the consent state before loading third-party scripts. After installing a Google-certified CMP, configure Consent Mode v2 in GTM/gtag and verify that the purchase event on the thank-you page does not send personalization signals without consent. “Advanced” mode keeps the GA4 funnel usable even if some users decline.
How to verify it works (GA4 + browser)
Start with GA4 DebugView – you’ll see which events arrive with which consent states. Then inspect network requests in the browser and look for the gcd parameter, which encodes all four consent values. If cookies or personalization signals are sent without consent, your tags bypass CMP logic.
Interpretation is simple: if conversions drop too much after showing the banner, check whether you are really using “Advanced” mode and not accidentally blocking GA4 cookieless pings. If ad performance drops only in the EEA/UK, verify that ad_personalization is passed only for users who agreed.
Most common mistakes (and how to avoid them)
The two biggest mistakes are not upgrading to v2 (missing new signals) and mixing Basic with Advanced while expecting modeled data. Third – using a non-certified CMP, making personalized ads illegal in the EEA/UK. Fourth – loading third-party tags too early so they ignore consent. Google’s official documentation clearly explains what is required and how modeling works.
Minimal action plan for WooCommerce/PrestaShop
- Choose a Google-certified CMP with IAB TCF for EEA/UK traffic.
- In GTM/gtag upgrade to Consent Mode v2 and set default values to denied.
- Keep GA4 running in Advanced mode to receive cookieless modeling signals.
- Validate the gcd parameter and GA4 DebugView to ensure signals match user choices.
If needed, this setup is usually combined with ongoing website maintenance and implementation work for WooCommerce/PrestaShop.
Recommended reading
- “What changed for EEA traffic” and v2 updates (official): Google Tag Manager Help.
- v2 implementation and “Basic vs Advanced” (official): developers.google.com guide.
- CMP requirements for EEA/UK/CH (official): Ad Manager / AdSense Help.
- Consent signal definitions (official): Consent mode reference.
