European regulations overview and guidance

Comply with EU user consent policy

Choose ad serving options and get user consent

Beginning January 16, 2024, publishers and developers using Google AdSense, Ad Manager, or AdMob will be required to use a Consent Management Platform (CMP) that has been certified by Google and has integrated with the IAB's Transparency and Consent Framework (TCF) when serving ads to users in the European Economic Area or the UK.

Under Google’s updated EU user consent policy, you must make certain disclosures to your users in the European Economic Area (EEA), the UK, and Switzerland and obtain their consent for the use of cookies or other local storage where legally required, and for the collection, sharing, and use of personal data for ads personalization. This policy reflects the requirements of the EU ePrivacy Directive and the General Data Protection Regulation (GDPR).

To support publishers in meeting their duties under this policy, Google offers the ad serving options described below for users in the EEA, the UK, and Switzerland. If you don’t make any changes, the commonly used set of ad technology providers (ATPs) will continue to be used.

The EEA includes the European Union member states and Iceland, Liechtenstein, and Norway.

Get started

  1. Sign in to Google Ad Manager.
  2. Click Privacy & messaging.
  3. Click European regulations.
  4. Click Settings. On the European regulations settings page, update the settings for the sections on this page as described below.
    Only the built-in Administrator user role has edit permissions by default. For a custom user role to see this page, you need to update the permissions to include the View privacy & messaging or Edit privacy & messaging permissions.

Select the type of ads you want to show

You can choose to serve non-personalized ads to all of your users in the EEA, the UK, and Switzerland using the “Non-personalized ads” setting below. However, if you want to give each of your users a choice between personalized and non-personalized ads, select “Personalized ads” and follow the instructions for serving non-personalized ads on a per-request basis.

Personalized ads

Google can continue to show personalized ads as well as non-personalized ads to your users in the EEA, the UK, and Switzerland. This is the setting that will be used unless you make a change on this page.

Personalized ads reach users based on their interests, demographics, and other criteria. Because ad technology providers (ATPs) may collect, receive, and use personal data from users in personalized ads, you must clearly identify all such ad technology providers when you obtain user consent for the collection, sharing, and use of personal data for ads personalization.

Personalized ads through Google Ad Manager/Ad Exchange programmatic transactions:
  • For ads from Google Demand sources (such as the Google Display Network (GDN) and Display & Video 360): Google will restrict creatives from serving (and from competing in the auction) based on pixels from non-consented entities.
  • For ads from non-Google demand sources (such as Real-time bidding (RTB) Ad Exchange buyers and Exchange/Network Bidding partners): It’s the responsibility of the third-party demand source to only include pixels from consented entities in its creatives. Google will send bidders a list of the consented entities in the RTB callout.

Non-personalized ads

Google will show all your users in the EEA, the UK, and Switzerland only non-personalized ads for Open Auction, First Look, Private Auctions, Preferred Deals, and Programmatic Guaranteed deals, and won’t serve other line items with audience targeting for users in the EEA, the UK, and Switzerland. Selecting Non-personalized ads will also remove personalization options when enabling specific line items.

Non-personalized ads are targeted using contextual information rather than the past behavior of a user. Although these ads don’t use cookies for ads personalization, they do use cookies to allow for frequency capping, aggregated ad reporting, and to combat fraud and abuse. Consent is therefore required to use cookies for those purposes from users in countries to which the EU ePrivacy Directive’s cookie provisions apply.

When a signed-in Google user in the EEA, the UK, or Switzerland has directly provided Google with age information, and is under the age of consent set by GDPR, Google will only serve non-personalized ads to that user, regardless of the publisher's EU user consent settings within Google Ad Manager or whether the publisher passes a non-personalized ads signal in the ad tag.

Note the following:
  • If you already set up rules to block user-based data, you should still select the Non-personalized ads option here to ensure that only non-personalized ads are shown. Google will apply the more restrictive settings.
  • The Non-personalized ads option is now supported for Real-time bidding (RTB) buyers, including Ad Exchange third-party buyers and Exchange/Network Bidding partners.

Select ad technology providers (for personalized ads)

To help with compliance under Google’s updated EU user consent policy, you have the option to select your preferred ad technology providers (ATPs) from a list of companies that have provided us with information about their compliance with the GDPR — all of whom also have to comply with our data usage policy to ensure publisher data is protected.

If you select these ad technology providers (including Google and other bidders and vendors), they may use data about your users for the purposes of ads personalization and measurement.

Note the following:
  1. Choose a commonly used set of ad technology providers or create a custom set:
    • Commonly used set of ad technology providers: This is the setting that will be used unless you make a change on this page.
    • Custom set of ad technology providers: Select your preferred ad technology providers.
  2. Clearly identify the providers you select to your users, and obtain users' consent in line with Google's EU user consent policy.
    You could do this by listing your chosen ad technology providers in a consent flow, or listing your chosen providers on a separate page of your site to which you direct your users from a consent flow. In either case, to comply with Google's EU user consent policy, you should link to the details provided by each provider that describes their activities. 

Declare ad technology providers for reservation creatives

Declare ad technology providers that you work with on reservation creatives. Reservation creatives are associated with non-programmatic line items, including guaranteed (Sponsorship and Standard) and non-guaranteed (Network, Bulk, Price Priority, and House).

Google will check for consent for any ad technology providers that you declare when determining whether reservation creatives are eligible to serve.

Learn more about declaring ad technology providers for creatives in Ad Manager reservation campaigns

Set up consent gathering

You can create your own consent dialog that displays a message on your sites or apps asking your users in the EEA, the UK, and Switzerland for consent.

Consent for apps

See the Google Developers guide (Android, iOS) to learn how to use Google’s consent dialog or create your own consent dialog.

After updating your app code, you’ll re-upload your app to the Google Play or App Store. You may need your network ID.

Consent for the web

Learn more about passing consent signals to Google Ad Manager.

Additional considerations

Privacy Sandbox API

Google advertising services are experimenting with new ways of supporting the delivery and measurement of digital advertising in ways that better protect people’s privacy online via the Privacy Sandbox initiative on Chrome and Android. Users with the relevant Privacy Sandbox settings enabled in Chrome or Android may see relevant ads from Google advertising services based on Topics or Protected Audience data stored on their browser or mobile device. Google advertising services may also measure ad performance using Attribution Reporting data stored on their browser or mobile device. The EU user consent policy requires you to obtain valid user consent for these actions in the same way as you rely on consent today for ads personalization and the use of non-essential local storage in the European Economic Area and the UK.

Was this helpful?

How can we improve it?
Clear search
Close search
Google apps
Main menu