If you run Google Analytics or Google Ads on a site with EU visitors, Google Consent Mode v2 is not optional anymore. Without it, your tags either break the rules or stop reporting data. This guide explains what it is, why Google made it mandatory, and how to set it up the right way.
What Is Google Consent Mode v2?
Google Consent Mode v2 is a framework that tells Google's tags whether a visitor has consented to analytics and advertising cookies. Instead of firing normally or not at all, your tags adjust their behavior based on the consent signal your cookie banner sends. It is the bridge between your consent banner and Google's tracking.
In plain terms: when someone clicks accept or reject on your banner, Consent Mode passes that choice to Google Analytics, Google Ads, and other Google tags. Those tags then know whether they are allowed to read and write cookies.
Why Did Google Make Consent Mode v2 Mandatory?
Google made Consent Mode v2 mandatory in 2024 for anyone using Google advertising products with traffic from the European Economic Area. If the consent signals are missing, Google stops collecting data for audiences and remarketing, so your ad campaigns lose their targeting and measurement.
The push came from the EU's Digital Markets Act, which forced Google to prove it only processes personal data when a user agrees. Consent Mode v2 added two new signals, ad_user_data and ad_personalization, on top of the older analytics and ad storage signals. Without them, Google Ads features like remarketing simply go dark.
Basic vs Advanced Consent Mode
There are two ways to run Consent Mode, and the difference matters for both your data and your compliance.
- Basic Consent Mode blocks Google tags completely until the visitor consents. No pings are sent before consent. You keep the cleanest compliance posture, but you lose all data from users who reject.
- Advanced Consent Mode loads Google tags in a limited state and sends anonymous, cookieless pings even before consent. Google then uses modeling to estimate the conversions you cannot measure directly.
Advanced mode recovers more data, but those cookieless pings are a grey area for strict regulators. Basic mode is the safer default if your priority is staying clearly on the right side of GDPR.
What Happens If You Skip Consent Mode v2?
If you skip it, you face two problems at once. Your Google Ads audiences and remarketing lists stop growing for EU users, and your analytics data develops blind spots. On the compliance side, tags that fire without a proper consent signal are exactly what regulators are fining companies for.
Enforcement is not theoretical. France's data protection authority, the CNIL, handed Google a combined 325 million euro fine in 2025 over how its cookie consent was handled. European authorities issued close to half a billion euros in fines in a single month of 2025. Cookie violations sit in GDPR's top penalty tier, up to 20 million euros or 4 percent of global turnover.
How Do You Set Up Consent Mode v2?
You set up Consent Mode v2 by connecting a consent management platform to your Google tags, so the banner sends the consent signals automatically. Doing it by hand means writing custom dataLayer code and updating it every time Google changes the spec, which is why most sites use a CMP instead.
The clean path looks like this:
- Add your consent banner and pick which cookie categories map to analytics and advertising.
- Make sure the banner sets Google's default consent state to denied before any choice is made.
- When the visitor accepts, the banner updates the consent signals and your Google tags start collecting.
Consentify handles this wiring for you. When you enable the Google Consent Mode v2 integration, the banner sends the correct signals for you, so you do not touch a line of dataLayer code. You can confirm what is actually firing with a free cookie scan of your own site.
Does Consent Mode v2 Make You GDPR Compliant?
No. Consent Mode v2 tells Google tags how to behave, but it does not stop other scripts on your site, like Meta Pixel, Hotjar, or a chat widget, from firing before consent. True compliance means every non-essential script waits for a yes, not just the Google ones.
This is the trap. A site can have Consent Mode v2 set up perfectly and still be non-compliant because a Facebook Pixel loads on page one. Real compliance needs a banner that blocks all tracking scripts until consent, which is the point we make in our guide to GDPR cookie requirements. If you also run Google Analytics, our post on keeping Google Analytics GDPR compliant covers the analytics side in detail.
How Does Consent Mode v2 Work With GA4?
In Google Analytics 4, Consent Mode v2 controls the analytics_storage signal. When a visitor consents, GA4 tracks normally with cookies. When they reject, GA4 either sends nothing (basic mode) or sends anonymous, cookieless pings that Google uses to model the missing sessions (advanced mode).
The catch with modeling is that it needs volume. Google only fills in modeled conversions once your property passes certain traffic thresholds, so smaller sites in basic mode will simply see gaps in their GA4 reports for users who reject. That is the honest trade-off, and it is why your consent rate matters so much for data quality.
How Do I Test If Consent Mode v2 Is Working?
You test Consent Mode v2 by checking that Google's default consent state is denied before any click, then flips to granted after the visitor accepts. Google Tag Assistant and the consent section inside Google Tag Manager's preview mode both show these states live as you interact with the banner.
Do a quick manual pass. Open your site in a fresh browser, watch the consent state sit at denied, click accept, and confirm it switches to granted. Then run a free cookie scan to catch any tracker that fires before you ever touch the banner, since those are the ones that create real risk regardless of your Consent Mode setup.
Common Consent Mode v2 Mistakes
Most Consent Mode v2 problems come from a handful of repeat mistakes:
- Default not set to denied. If the default state is granted, Google tags fire before consent, which defeats the whole point.
- Only wiring the Google tags. Consent Mode covers Google. Meta Pixel, TikTok, Hotjar, and chat widgets still need blocking separately.
- Treating advanced mode as automatically safe. Cookieless pings before consent are a grey area, so do not assume advanced mode removes your compliance duty.
- Forgetting the v2 signals. Sites that upgraded late sometimes still miss
ad_user_dataandad_personalization, which breaks Google Ads features.
How Consentify Handles Consent Mode v2
Consentify blocks every tracking script behind consent by default, then layers Consent Mode v2 on top for your Google tags. So you get both halves of the job in one setup: the Google signals that keep your ad data flowing, and the hard script blocking that keeps regulators happy. Setup takes a few minutes and the free plan includes it.
Want Consent Mode v2 done right, without touching code? Try Consentify free, one domain, no watermark, no time limit.