How to Configure Your Consent Banner for Different Geographical Regions

Regions are used to customize the behavior and experience based on an individual user’s location. As an example, this allows you to provide different experiences to users based on regional differences (like GDPR in the EU vs. CCPA/CPRA in California). When a user visits your site, we will automatically determine their location and will match them to the most granular region rule that you have setup in Concord. This can go down to the state/province level, which allows for different experiences for different laws (like CCPA/CPRA in California). While you can get as granular as you want, we typically recommend a single global policy that meets the strictest guidelines across regions, or higher splits (like separate GDPR and United States regions). If you have any questions on how and why to configure your regions in certain ways, please reach out to our support team.

Adding a Custom Region

Login to Concord and navigate to Deployment → Regions. The Default region can be configured from this page or through settings on the Consent → Consent Settings → General Settings. Note that the Default region cannot be deleted and that a user will see the Default consent banner if there are no other matching region rules based on the user’s location.

Click the Add Region button, select one of the following region template options, and click the Next button.Add a descriptive name for the region template.

  • GDPR
  • United States
  • Custom

Note that we will pre-populate the region settings on the following screens based on that choice, but the specific settings can always be adjusted later if preferred.

Click next to keep the default regions based on your previous selection or add or remove the regions that you want to apply to this region template.

On the Details page:

  1. Add a descriptive name for the region template.
  2. Configure the following options:
    • Consent Mode:
      • Express: In Express Consent Mode, the user must interact with the Consent Banner or the Privacy Center to set their preferences. No consent is initially assumed merely by landing on or using the site. Express mode is required for full GDPR compliance.
      • Implied: When using Implied Consent Mode, Concord will automatically generate implied consent events for all categories when the user lands on the site. They can later choose to opt-out of certain categories via your Consent Banner or Privacy Center (depending upon your configured settings and options there). This mode is compliant in most non-GDPR regions, including the United States.
    • Blocking Mode:
      • Disabled: No blocking or detection of cookies and scripts will occur.
      • Discovery: Can be used to capture the cookies and scripts on your site for categorization without blocking.
      • Permissive: Will allow Strictly Necessary, Ignored, & Unclassified cookies and scripts to run until user consent preferences are set.
      • Strict: Will only allow Strictly Necessary & Ignored cookies and scripts until user consent preferences are set. Scripts that are set as Ignored are not known trackers and are marked as Ignored to avoid issues on your site, but should be classified when they track users in any fashion.
  1. Do Not Sell: Enable or disable Do Not Sell on your consent banner. This is required in a number of regions, including most states in the United States.
  2. Global Privacy Control: Enable or disable Global Privacy Control on your consent banner. This is required in a number of regions, including most states in the United States.
  3. Click the Done button to save your region template.

To add additional regions, repeat the above steps.

Editing a Region

Your newly configured region template will now show in the Regions table. You can click Edit to change your template configuration or Delete to delete any of you region templates other than the Default region.