This article describes the GDPR message Google will set up for you if you don’t publish your own by January 16, 2024.
Beginning January 16, 2024, publishers will be required to use a Google-certified Consent Management Platform (CMP) that integrates with the IAB’s Transparency and Consent Framework (TCF) when serving ads to users in the European Economic Area (EEA) and the UK. If you don't currently have a suitable GDPR message, you'll be invited to choose a GDPR message option when you sign in to your Ad Manager account. If you choose to create a GDPR message but don't publish it by January 16, 2024, we’ll publish a default GDPR message for you using Google's own CMP. You can customize this GDPR message later.
For sites, no action is needed for Google to publish a default GDPR message for you using Google's own CMP.
For apps to show the published message, you must install the latest Google Mobile Ads SDK version to use ad unit deployment (Version 22.5.0+ for Android or Version 10.8.0+ for iOS). Ad unit deployment requires an app open or interstitial ad in order to show a GDPR message. Note that it's your responsibility to add a consent revocation link to your app.
Note: Ad unit deployment is an intermediate solution to help you meet the requirement deadline. To continue serving personalized ads to users in the EEA and UK, we strongly recommend that you adopt a Google-certified CMP as soon as possible.
If you decide to use Google’s CMP, you can create a message in Ad Manager and add the Google User Messaging Platform (UMP) SDK to your app. If we create a message on your behalf using ad unit deployment, you can still use this message after you upgrade to the UMP SDK.
You can switch to another CMP at any time. You're welcome to use any Google-certified CMP. If you choose to use another CMP, our systems will detect this and we won't set up a GDPR message for you on January 16, 2024.
Confirm your GDPR consent options
Before your GDPR message goes live, you'll need to sign in to Ad Manager to finish setting up your message. We’ll need some information about the consent choices you want to show your users.
In the "Confirm consent options in your GDPR message" dialog, decide on the options that will be presented to your users, including whether you want to include the Do not consent option. If included, your message will present your users with a choice to not consent to your ad partners and your ad partners’ purposes with a single click on the first page of the message.
Your message will either show:
- Consent and Manage options
Your message will include 2 choices. Learn more about the elements included in a two-button GDPR message.
- Consent, Manage options, and Do not consent
Your message will include 3 choices. Learn more about the elements included in a three-button GDPR message.
If you don't sign in to your account before January 16, 2024, your consent message will show Consent, Manage options, and Do not consent. Note that you can change your GDPR settings at any time.
If we publish a GDPR message for you, it will have the following default settings.
|Site URL or app
|The site URL or domain of your site, or the apps in which this message will be displayed.
|We’ll attempt to detect which of your sites or apps do not have a CMP implemented.
|Ad unit deployment (for apps only)
|Enables the message to be shown on interstitial and app open ad units in your app.
The language in which the message will be displayed.
For sites, we'll attempt to detect the language of your site and set this as the language of the message. If we can't, we will use English as the default language.
For apps, we'll create messages in all EEA and UK languages available for messages in Privacy & messaging. If we can't match the language with the user's language, we will use English as the default language.
User consent options
The user consent options displayed to site/app visitors in the message.
This will be set to the consent options you choose in Ad Manager.
If you don't choose an option, then your consent message will show: "Consent, Do not consent, or Manage options". Your message won't include a "Close" option.
The format and styling of the message.
No customization of fonts, styles, colors, etc.
The logo associated with your site or app.
Note: To show a logo on your app’s consent message, you must implement the UMP SDK and customize your message. Logos are not available on apps using ad unit deployment.
Consent revocation link
A link to allow the site or app visitor to revoke their consent for personalized ads on your site/app.
It’s your responsibility to add a consent revocation link to your app or site.
Under the Google EU User Consent Policy, you must identify each ad partner that receives the personal data of users in the European Economic Area (EEA) and UK and provide information about the use of that data.
"Commonly used ad partners". This is a preselected list of ad partners (formerly referred to as "ad technology providers").
If you previously selected “custom ad partners” in your GDPR settings, we will use your selected ad partners.
If you use both Ad Manager and AdMob to monetize your apps, the consent message will show the combination of ad partners selected in both products.
Legitimate interest controls
The legitimate interest controls displayed to site or app visitors in the message.
All options will be turned on and displayed.
View an example of a GDPR message with three buttons (Consent, Do not consent, Manage options).
You can change the text and format elements of your default message at any time. Some settings you might want to update include:
- Styling: You can edit and format your message to match your site or app's editorial and visual standards.
- User consent options: You can change the button options in your message, for example, if you don't want to show a "Do not consent" button.
- Logo: If you have a logo associated with your site or app, you can add a logo to your message.
- Ad partners: You can add or remove any ad partners from the preselected list. Learn how to manage GDPR ad partners.
- Legitimate interest controls: You can decide whether to display the legitimate interest controls to visitors and if you want to turn them off. Learn how to manage legitimate interest settings.
Learn more about GDPR messages.