ClearLaunch
Feature CheckerRegulations & PoliciesEnforcementRadarVendorsChangelogGuides
FAQ
← All Controls

Cookie + tracker consent management

cookie-consent-managementDomain: data-privacyType: mixed

Description

Cookie consent management is the inventory-and-gating function that sits behind the consent banner: the work of cataloguing every first-party and third-party cookie, SDK, pixel, and tag the product loads, classifying each into one of the standard categories (strictly necessary, functional, analytics, advertising), and gating the non-necessary categories behind opt-in consent in markets that require it (the EU under ePrivacy and GDPR, the UK under PECR, California under CCPA, Brazil under LGPD, and a growing list of others). Implementation has three pieces: the periodic tag scan that catches what is actually loading in production (which often differs from what the marketing team thinks is loading, because tag managers accumulate), the categorization decisions for new tags that get added between scans, and the integration to the consent-banner layer so the categorization actually controls what fires. The categorization is what makes the user opt-out meaningful: a strictly-necessary classification that quietly covers an analytics tag is the recurring enforcement signature, because regulators find it through traffic analysis rather than through document review. Most consent-management failures observed in the EDPB and ICO actions trace back to this layer rather than the surface design.

Required by (4 regulations)

  • APPI

    Act on the Protection of Personal Information (Act No. 57 of 2003, as amended by Act No. 44 of 2020, effective April 1, 2022)

  • CCPA/CPRA

    CCPA §1798.135 — Do Not Sell + Global Privacy Control compliance.

    Cal. Civ. Code §§1798.100-1798.199.100; 11 CCR §7000-7102

  • GDPR

    Article 6/7 + ePrivacy Directive Article 5(3) — opt-in for non-essential cookies.

    Regulation (EU) 2016/679 of the European Parliament and of the Council

  • UK AADC

    PECR Reg. 6.

    Data Protection Act 2018, s.123; Age Appropriate Design: A Code of Practice for Online Services (ICO, 2020)

Fulfilled by (4)

  • onetrust · full · medium effort · $$
  • didomi · full · medium effort · $$
  • osano · full · low effort · $
  • cookieyes · partial · low effort · $

ClearLaunch does not accept payment from vendors. Methodology.

Evidence formats

  • cookie inventory
  • tag manager configuration
  • pre-consent network log
  • IAB TCF signal

ClearLaunch provides legal information based on publicly available regulatory sources. It does not constitute legal advice and does not create an attorney-client relationship. Consult a licensed attorney in your jurisdiction before making compliance decisions.

ClearLaunch

Regulatory intelligence for people who ship products.

Tools
Feature CheckerRegulations & PoliciesVendorsGuidesFor LegalFor EngineeringFor ExecutivesFor Investors
About
AboutMethodologyChangelogFAQRegulatory UpdatesClearLaunch on LinkedIn
Legal
Terms of ServicePrivacy PolicyHow we handle your dataCoverage scope & limitations

Built by Neel Patel, in-house game counsel. Games touch more compliance domains at once than anything else in tech. That's what ClearLaunch was designed around.

ClearLaunch provides legal information based on publicly available regulatory sources. It does not constitute legal advice and does not create an attorney-client relationship. Consult a licensed attorney in your jurisdiction before making compliance decisions. Operated by a Washington-licensed attorney. Not licensed in California or other US states. ClearLaunch provides legal information; consult a licensed attorney in your jurisdiction. Data reviewed through March 2026. Methodology

© 2026 ClearLaunch · Terms · Privacy