Subscribe to receive notifications of new posts:

Consent management made easy and clear with Cloudflare Zaraz


5 min read

This post is also available in 简体中文, 繁體中文, 日本語, 한국어, Deutsch, Français and Español.

Consent management made easy and clear with Cloudflare Zaraz

Depending on where you live you may be asked to agree to the use of cookies when visiting a website for the first time. And if you've ever clicked something other than Approve you'll have noticed that the list of choices about which services should or should not be allowed to use cookies can be very, very long. That's because websites typically incorporate numerous third party tools for tracking, A/B testing, retargeting, etc. – and your consent is needed for each one of them.

For website owners it's really hard to keep track of which third party tools are used and whether they've asked end users about all of them. There are tools that help you load third-party scripts on your website, and there are tools that help you manage and gather consent. Making the former respect the choices made in the latter is often cumbersome, to say the least.

This changes with Cloudflare Zaraz, a solution that makes third-party tools secure and fast, and that now can also help you with gathering and managing consent. Using the Zaraz Consent Manager, you can easily collect users’ consent preferences on your website, using a consent modal, and apply your consent policy on third-party tools you load via Cloudflare Zaraz. The consent modal treats all the tools it handles as opt-in and lets users accept or reject all of those tools with one click.

The future is private

The privacy landscape around analytics cookies, retargeting cookies, and similar tracking technologies is changing rapidly. Last year in Europe, for example, the French data regulator fined Google and Facebook millions of euros for making it too difficult for users to reject all cookies. Meanwhile, in California, there have been enforcement actions on retargeting cookies, and new laws on retargeting come into effect in 2023 in California and a handful of other states. As a result, more and more companies are growing wary of potential liability related to data processing activities performed by third party scripts that use additional cookies on their websites.

While the legal requirements vary by jurisdiction, creating a compliance headache for companies trying to promote their goods and services, one thing is clear about the increasing spate of regulation around trackers and cookies – end users need to be given notice and have the opportunity to consent to these trackers.

In Europe, such consent needs to occur before third-party scripts are loaded and executed. Unfortunately, we’ve noticed that this doesn’t always happen. Sometimes it’s because the platform used to generate the consent banner makes it hard to set up in a way that would block those scripts until consent is given. This is a pain point on the road to compliance for many small website owners.

Some consent modals are designed in a deceptive manner, using dark patterns that make the process to refuse consent much more difficult and time-consuming than giving consent. This is not only frustrating to the end users, but also something that regulators are taking enforcement actions to stop.

Cookie banner on a website. Refusing consent to cookies is made harder and time-consuming than giving consent, which can at best be frustrating to users and at worst draw enforcement actions from regulators in a number of jurisdictions.

Cloudflare Zaraz is a tool that lets you offload most of third-party scripts’ jobs to Cloudlare Workers, significantly increasing the performance and decreasing the time it takes for your site to become fully interactive. To achieve this, users configure third-party scripts in the dashboard. This means Cloudflare Zaraz already has information on what scripts to load and the power to not execute scripts under certain conditions. This is why the team developed a consent modal that would integrate with tools already set up in the dashboard and make it dead-simple to configure.

screenshot of the consent modal with some tools preconfigured and default styles
screenshot of the same modal on mobile

To start working with the consent functionality, you just have to provide basic information about the administrator of the website (name, street address, email address), and assign a purpose to each of the tools that you want to be handled by the consent modal. The consent modal will then automatically appear to all the users of your website. You can easily customize the CSS styles of the modal to make it match your brand identity and other style guidelines.

a screenshot of the custom CSS added in the Dashboard

In line with Europe’s ePrivacy Directive and General Data Protection Regulation (GDPR), we’ve made all consent opt-in: that is, trackers or cookies that are not strictly necessary are disabled by default and will only execute after being enabled. With our modal, users can refuse consent to all purposes with one click, and can accept all purposes just as easily, or they can pick and choose to consent to only certain purposes.

The natural consequence of the opt-in nature of consent is the fact that first-time users will not immediately be tracked with tools handled by the consent modal. Using traditional consent management platforms, this could lead to loss of important pageview events. Since Cloudflare Zaraz is tightly integrated with the loading and data handling of all third-party tools on your website, it prevents this data loss automatically. Once a first-time user gives consent to a purpose tied to a third-party script, Zaraz will re-emit the pageview event just for that script.

There’s still more features coming to the consent functionality in the future, including giving the option to make some purposes opt-out, internationalization, and analytics on how people interact with the modal.

Try Zaraz Consent to see for yourself that consent management can be easy to set up: block scripts that don’t have the user’s consent and respect the end-users’ right to choose what happens to their data.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.

Follow on X


Related posts