Implement Cookie Consent Requirements

In This Article

Cookie consent requirements are a critical part of GDPR complaince and is critical to your app's success. To prevent your app from being uninstalled by customers striving for compliance, ensure your app's compatibility with the requirements and test thoroughly.

Make sure to:

Check the visitor's consent policy at the start of each session, and comply completely with the set policy.
Listen to changes in the policy during the session, and comply with any changes.

The following sections describe how to complete these two steps based on extension type.

iframe apps

Access the visitors’ consent policies with these wix.utils functions:

getCurrentConsentPolicy – Get the current user policy.
onConsentPolicyChanged – Listen to any changes in the policy.

Worker iframe apps

Access the visitors’ consent policies with these wix.worker functions:

Utils.getCurrentConsentPolicy – Get the current user policy.
Utils.onConsentPolicyChanged – Listen to any changes in the policy.

The consent policy will also be passed as a query param in the iframe URL.

Embedded script apps

Embedded script apps will be automatically rendered or blocked based on the site visitor’s approval or denial of the above options, which correspond to the script type selected during setup.

If your script falls into more than one category (for example, it's Functional, but also collects Analytics about users) you should select the more restrictive category (so in our example, the script should be marked as Analytics).

If your script has marketing or analytical functionalities but needs to be listed in one of the less restrictive categories in order to carry out its main functionalities, you should do one of the following:

Create two embedded script components, each one containing the relevant script for its category.
Have conditional code that checks the policy before running code that requires a more lax policy. If your script structure does not allow you to do this, you can ask for approval to be marked as Functional/Essential via our support, as long as your app takes the user policy into account.

In order to take the users’ selected policy into account, you should use a client side API and event:

consentPolicyManager.getCurrentConsentPolicy() – Get the current user policy.
consentPolicyChanged – Listen to any changes in the policy. This is a custom event triggered on the document when the policy is changed.

This means that the rest of your script (or functionality) should be loaded only if the user has accepted.

Function – getCurrentConsentPolicy(callback)

window.consentPolicyManager.getCurrentConsentPolicy()

Property	Type	Description
defaultPolicy	boolean	False only if the User has selected a policy
policy	ConsentPolicy (object)	The policy that is currently active
createdDate	Date / undefined	If this is NOT a defaultPolicy this is when the policy was set

ConsentPolicy includes:

Property	Type	Description
essential	boolean	Always true - means we allow our necessary cookies / BI
analytics	boolean	If we are allowed to send / use analytics cookies / BI
functional	boolean	If we are allowed to send / use functional cookies / BI
advertising	boolean	If we are allowed to send / use advertising cookies / BI
dataToThirdParty	boolean	Relates to CCPA law - if we are allowed to transfer data to 3rd parties or embed their scripts

Event – consentPolicyChanged

Dispatched on the document object. Triggers when a consent policy change was completed successfully.

Sample listener code:

Copy

The detail object under the event contains a ConsentPolicy object.

Wix Blocks apps

Access the visitors’ consent policies with these Velo functions:

getCurrentConsentPolicy() – Get the current user policy.
onConsentPolicyChanged – Listen to any changes in the policy.

Did this help?