Google’s EU User Consent Policy Requirements

This article will explain and provide three solutions when you get an email from Google stating the following or similar:

Our policy review indicates that while the site(s)/app(s) below contain a consent notice, the text of this does not meet the requirements of our policy

Why do I get this email?

You might have received this email yourself, which would mean you’re using one of Google’s Advertising Products, either on an app or website. For this article, we will take the most common advertising product as an example; Google Adsense. You’re also using a consent management tool, in this case, most likely Complianz, but the email is not related to any specific tooling.

The email notifies you of two things:

  1. You need to conform to Google EU Consent Policy (which is different from GDPR or ePrivacy and deals with Advertising only.)
  2. The requirement you’re failing is text-based.

There are 3 Solutions – One better than the other.

Google EU Consent Policy focuses on advertising only, and while you’re conforming with GDPR & ePrivacy while using Complianz, Google has their additional requirements before you can use Adsense or be penalized. This is how to conform to the guidelines, starting with the worst plan.

1. (Don’t) Use Google’s Adsense Consent Notice

To conform with these guidelines, Google offers its consent notice. This, however, only focuses on advertising, not GDPR or ePrivacy, and therefore is compliant only with Google’s guidelines. To comply with GDPR & ePrivacy (for example), you will need a more dedicated, broader consent management tool to run side-by-side. This also means two different notices, for example.

This is not recommended.

2. Use Complianz without TCF* enabled

Google partnered with IAB Europe for easier compliance with these guidelines and created the Transparency and Consent Framework (TCF). TCF is not easy to implement yourself and needs constant updates due to guidelines changes. This is all handled in Complianz Premium. But if you’re using Complianz without TCF (e.g., in Free), you can always do it yourself by following these instructions:

https://support.google.com/adsense/answer/7670013?hl=en&ref_topic=7670012

As the warning from Google is based on textual changes, the most occurring warnings during these reviews are the text on the cookie banner and the missing vendor list on your cookie policy. A privacy policy, however, is also a must. To begin: 

1. The text on the cookie banner.

The text on the banner can be changed to:

‘We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.’

You can reply to Google’s email for specifications if needed.

2. The ad partner or vendor list

The other missing link is the ad partners or vendor list, which Google requires you to display on your cookie policy. These are all the third parties you share data with.

How to get your vendor list? Please follow these instructions: https://support.google.com/adsense/answer/10960670?hl=en&visit_id=637925343440737063-3244975734&ref_topic=10924861&rd=1#zippy=

This should solve most issues. If Google still flags your implementation, please ask for specific instructions from Google itself.

3. Use Complianz with TCF enabled (Premium)

They partnered with IAB Europe for easier compliance with these guidelines. This framework (TCF) is available in Complianz Premium and works without configuration. It’s the easiest solution. Read more here.

Join 1M+ users and install The Privacy Suite for WordPress locally, automated or fully customized, and access our awesome support if you need any help!

Complianz has received its Google CMP Certification to conform to requirements for publishers using Google advertising products.