How can I integrate a third-party cookie consent tool with Piwik PRO?

Administration

Needed permissions: owner

If you want to keep using your cookie consent tool instead of switching to our Consent Manager, you can integrate it with Piwik PRO. This way, you’ll be able to collect full data from visitors who gave their consent and anonymous data from the others.

In this article, we’ll explain how to set it up.

Before you start

Here are some things to know before you start:

  • You can use this integration for Cookiebot, OneTrust, Termly and the like.
  • Our consent system works with Tag Manager. Every tag in Tag Manager is linked to a consent category and only activates when consent is given (there’s also a category that doesn’t need consent). This integration shows you how to match up the analytics consent category between your cookie consent tool and Piwik PRO.
  • You need to install our container code on each page of your website. Read more
  • The Piwik PRO tag (tracking code) in Tag Manager needs to have the following consent type: Analytics. This is the default setting.
  • You’ll need to add some JavaScript methods to your site’s source code that will make the visitor non-anonymous. You may need the help of a web developer to do this. But if you can’t find such help, you can skip these methods and collect anonymous data from all visitors.
  • If you want to synchronize other consent types, use our JavaScript methods.
  • This integration doesn’t collect or pass consent statistics. However, you can use our JavaScript methods to create such an integration.

To integrate Piwik PRO with a third-party cookie consent tool, follow these steps:

  1. Log in to Piwik PRO.
  2. Go to Menu > Administration.
  3. Navigate to Sites & apps.
  4. On the left, pick the site or app you want to set up.
  5. Navigate to Privacy.
  6. Turn on Ask visitors for consent.
    Ask visitor for consent in Piwik PRO
  7. Click View to customize the consent setting:
    • Collect anonymous data from non-consenting visitors: You can collect anonymous data from visitors who haven’t given their consent. Their IP addresses will be completely masked. You will not recognize new and returning visitors. And you will only know their country. It’s up to you to decide whether to use a session hash and visitor cookies for these visitors or not.
    • Use a session hash: If you use a session hash, it’ll be created for each session based on the visitor’s IP address, operating system, browser name, browser version, browser language, enabled browser plugins and site/app ID. This hash will help us recognize events that belong to the same session. Note: This setting applies to non-consenting visitors.
    • Use visitor cookies: If you use visitor cookies (_pk_id and _pk_ses), we’ll use them to recognize events that belong to the same session. They will expire 30 minutes after the last event. Note: This setting only applies to non-consenting visitors.

    Note: Some triggers in Tag Manager create cookies to function correctly. If you use one of the following conditions in triggers, we’ll set a cookie:

    • Event condition > Traffic source
    • Event condition > Returning visitor
    • Event condition > Campaign
    • Event condition > External referrer 
    • Multiplicity > Fire tag once per session
    • Multiplicity > Fire tag multiple times per session, excluding first
    • Multiplicity > Fire tag once per page view

    Make sure that tags with those triggers are set with the right consent type.

    We also set essential cookies that store visitor’s consent decision. More about cookies

    Note: We observed on our sites that only 25 to 75 percent of people give full consent. So you may want to collect non-sensitive data from visitors who don’t agree to data collection and usage.

  8. Turn on Use a custom consent form.
    Custom consent form in Piwik PRO
  9. In your website’s source code, call the setInitialComplianceSettings() method on the first visitor’s entry. This method sets a ppms_privacy cookie and sets the decisions to -1.
    ppms.cm.api(
      "setInitialComplianceSettings",
      {
        consents: ["analytics"],
      },
      console.log,
      console.error
    );

    Note: For non-anonymous visitors, Piwik PRO sets a first-party cookie, creates a session hash, unmasks IP address and reads full location data (Latitude, Longitude, Organization, Provider, City, Region, Country, Continent). Read more

    Note: You can skip this step and collect anonymous data from all visitors.

    Tip: You may need to ask your web developer to help you add these methods to your site’s source code.

  10. Call the setComplianceSettings() method when a visitor agrees to analytics on your third-party consent form. This will make the visitor non-anonymous.
    ppms.cm.api(
      "setComplianceSettings",
      {
        consents: {
          analytics: {
            status: 1,
          },
        },
      },
      console.log,
      console.error
    );
  11. All done! Now Piwik PRO will collect full data from visitors who consent to analytics and anonymous data from the others.

Was this article helpful?

Technical support

If you still have any questions, visit our community.
There’s always someone happy to help!

Back to help center