CNIL with Consent: Tracking Ecommerce and other actions after consent is given FAQ

Consent-exempt tracking with CNIL is covered in this FAQ. The FAQ includes the requirement to restrict or disable Ecommerce tracking and disable Heatmaps, Session Recordings and other Matomo features. However, if you want to track these actions once a visitor grants consent or if you want to use tracking that is not exempt from consent, then you will need to obtain visitor’s consent before tracking them using Matomo Analytics.

If you have a third-party Consent Management Platform (CMP), your provider should provide a method for you to check the status of visitor consent. There are many CMPs, so the method of getting consent status will vary. This example will use CookieBot methods – you will need to check with your CMP provider to find an equivalent method.

CookieBot makes consent status available within the Cookiebot.consent variable on each page. This variable can be used to fire Ecommerce actions only when the consent status for “statistics” is granted. For example:

//Track an ecommerce order only if 'statistics' consent is granted
if (typeof Cookiebot !== 'undefined' && Cookiebot.consent) {
  if (Cookiebot.consent.statistics == true) {
    _paq.push(['trackEcommerceOrder',
      "000123", // (Required) orderId
      0, // (Required) grandTotal (revenue)
      0, // (Optional) subTotal
      0, // (optional) tax
      0, // (optional) shipping
      false // (optional) discount
    ]);
  }
}

The above method can also be used to enable Heatmaps and Session Recordings when consent is granted:

//enable Heatmaps and Session Recordings only if 'statistics' consent is granted
_paq.push(['HeatmapSessionRecording::disable']);
if (typeof Cookiebot !== 'undefined' && Cookiebot.consent) {
  if (Cookiebot.consent.statistics == true) {
    _paq.push(['HeatmapSessionRecording::enable']);
  }
}

Previous FAQ: CNIL Compliance for Ecommerce Tracking

Using Third-party Consent Managers

Feedback on this page