How to integrate GetTerms CMP with Matomo

Cloud On-Premise

This guide provides general technical implementation advice. It does not constitute legal advice. Consult with a qualified privacy professional to ensure full compliance with applicable laws.

Website owners are responsible for their website’s compliance with privacy laws. This includes responsibility for collecting and retaining a log of their visitors’ valid tracking consents where required.

A Consent Management Platform (CMP) is a tool that helps website owners ensure compliance with privacy laws by managing visitor consent for cookie-based or cookieless tracking. It presents website visitors with a consent banner explaining data processing activities and allows them to accept or decline specific purposes, such as analytics or marketing.

CMP integration with Matomo can be implemented using the Matomo tracking code or Matomo Tag Manager. The Matomo Tag Manager method is covered in a separate guide.

This guide focuses on two integration methods using the Matomo tracking code.

Each method is based on different regulatory requirements, so it is important to consider your organisation’s legal obligations and tracking needs when integrating the CMP:

  1. Consent-based Tracking: For websites targeting users in countries that require prior consent for use of cookies and similar technologies for analytics and marketing (for example, most or EU and EEA countries), enable cookieless or cookie-based Matomo tracking only after obtaining visitor consent.

  2. Opt-out Tracking for CNIL Exemption: For organisations relying on the CNIL consent exemption for website analytics, limited tracking is permitted, provided that conditions of exemption are strictly met and users are offered a clear opt-out mechanism. CNIL exemption is strict and if any conditions of the CNIL exemption are not met, consent is also required.

Before you start

  1. Create your GetTerms account.
  2. Complete the necessary steps to configure your cookie banner in line with the consent method used and the legal requirements that apply to your website.
  3. Ensure your Matomo JavaScript code snippet is added to the web pages you want to track and placed before the closing head </head> tag.
  1. To install the consent manager initialisation script, copy the script from your GetTerms account in Cookie Banner > Installation.
  2. Add the CMP script to the web pages you want to track. This should be placed as the first script below the opening <head> tag.

GetTerms displays cookies using user-friendly category names in the banner (for example, Performance), but the actual consent values are stored in the cookie_preferences object in localStorage. These stored values use predefined category keys such as: Essential Cookies, Functional, Marketing, Analytics, and Unclassified.

For integrations, always use the stored consent object. For example, even if Matomo cookies appear under the Performance category in the banner, the corresponding consent signal may be stored under:

consent.cookie_preferences['Analytics'] === true

You can inspect the stored consent object in your implementation to confirm which category controls your tags:

console.log(JSON.parse(localStorage.getItem('getterms_cookie_consent')));

This ensures that tracking behaviour matches the actual consent signal used by GetTerms.

In regions with strict privacy and ePrivacy laws, such as the EU or UK, websites must obtain explicit consent before collecting analytics data. Consent-based tracking ensures that no tracking occurs until a website visitor actively provides consent.

This method can operate in either cookieless (JavaScript-based) or cookie-based mode, but tracking is only activated after the visitor gives consent. When consent is revoked or denied, any existing Matomo cookies are removed from the visitor’s browser and tracking stops.

Install and modify the Matomo tracking code

  1. If you do not have the tracking code installed yet, go to Administration matomo admin gear icon > Websites > Tracking Code and select the website you want to track.
  2. Copy the tracking code shown in the code box and paste into a text editor.
  3. Insert the line _paq.push(['requireConsent']); before _paq.push(['trackPageView']).
  4. Paste the modified tracking code before the </head> tag on all the website pages you are tracking.
  5. If you already have the Matomo tracking code on the page, replace it with the updated tracking code:
<!-- Matomo -->
<!-- SAMPLE CODE - DO NOT COPY THIS -->
<!-- COPY THE TRACKING CODE FROM YOUR MATOMO DASHBOARD -->
<script>
  var _paq = window._paq = window._paq || [];
  _paq.push(['requireConsent']);
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {
    var u="//matomo/";
    _paq.push(['setTrackerUrl', u+'matomo.php']);
    _paq.push(['setSiteId', '1']);
  })();
</script>
<script src="//matomo/matomo.js"></script>
<!-- End Matomo Code -->

The following script listens for consent updates and enables/disables tracking when consent is granted/denied. Add the consent handling script before the closing tag on all website pages that contain the Matomo tracking code.

(function () {
  var MAX_WAIT = 40;
  var waitCount = 0;

  function getConsentFromStorage() {
    try {
      var stored = localStorage.getItem('getterms_cookie_consent');
      return stored ? JSON.parse(stored) : {};
    } catch (e) {
      return {};
    }
  }

  function hasAnalyticsConsent(consent) {
    return !!(
      consent &&
      consent.cookie_preferences &&
      consent.cookie_preferences['Analytics'] === true
    );
  }

  function deleteMatomoCookies() {
    var cookies = document.cookie.split(";");

    cookies.forEach(function (cookie) {
      var name = cookie.split("=")[0].trim();

      if (
        name.indexOf('_pk_') === 0 ||
        name === 'mtm_consent' ||
        name === 'mtm_consent_removed'
      ) {
        var domains = [
          location.hostname,
          '.' + location.hostname
        ];

        domains.forEach(function (domain) {
          document.cookie = name + "=;expires=Thu, 01 Jan 1970 00:00:00 UTC;path=/;domain=" + domain + ";";
        });

        // fallback (no domain)
        document.cookie = name + "=;expires=Thu, 01 Jan 1970 00:00:00 UTC;path=/;";
      }
    });
  }

  function applyConsent(consent) {
    if (hasAnalyticsConsent(consent)) {
      _paq.push(['setConsentGiven']);
    } else {
      _paq.push(['forgetConsentGiven']);
      deleteMatomoCookies();
    }
  }

  function waitForMatomo() {
    if (typeof _paq === 'undefined') {
      if (waitCount < MAX_WAIT) {
        waitCount++;
        return setTimeout(waitForMatomo, 250);
      }
      return;
    }

    // Apply stored consent on initial load
    applyConsent(getConsentFromStorage());

    // Listen for GetTerms updates
    document.addEventListener('getterms-consent-updated', function (event) {
      applyConsent(event.detail || {});
    });
  }

  // Start after DOM is ready
  document.addEventListener('DOMContentLoaded', waitForMatomo);
})();

Test the integration

Once you have installed the Matomo tracking code and added the consent handling script to your website, you can test the tracking behaviour for different regions to validate your privacy compliance setup.

  1. GetTerms allows you to optionally block page interaction before consent preferences are set.
  2. Open your website and use the consent manager widget to decline tracking consent.
  3. In your Matomo instance, open the Visitors > Real-time report, and check that no tracking occurred.
  4. Next, grant consent and verify that tracking started.
  5. For cookie-based tracking, open the browser’s developer tools and view Application or Storage > Cookies tab to confirm cookies were set.
  6. Revoke consent and confirm the Matomo cookies are deleted from the browser.

This simple test confirms that the integration correctly respects regional privacy requirements and only activates tracking after consent is granted.

Method 2: Opt-out Tracking (CNIL Exemption)

The French supervisory authority, the Commission nationale de l’informatique et des libertés (CNIL) permits certain forms of website analytics to be used without prior consent, provided that strict conditions are met. This is commonly referred to as CNIL consent exemption for audience measurement tools. Our self-assessment against CNIL consent-exemption criteria can be found here.

Organisations relying on the CNIL consent exemption can track website visitors by default provided that all exemption conditions are met.

Note: To comply with this exemption, you must implement the necessary settings in Matomo to ensure data collection remains privacy-friendly and adheres to CNIL’s guidelines.

Refer to the Matomo Analytics Configuration Guide and Self-Assessment as required for CNIL consent-exemption (English version or French version).

While CNIL’s exemption is specific to France, supervisory authorities in a small number of other EU countries have also exempted narrow scope of website analytics from consent (with opt-out right). The Opt-out tracking method can also be used in the context of those exemptions, if Matomo is configured in line with the specific requirements. Refer to the ePrivacy Directive overview, National Implementations, and Matomo’s Website Analytics Guide for details.

To configure tracking under the CNIL exemption (opt-out model), it’s important to assess whether your site qualifies for this setup. Consult with your data privacy officer or legal team before relying on the CNIL exemption.

If you fully comply with CNIL’s criteria for exempt audience measurement tools, there are different approaches you can take to integrate with your consent manager platform (CMP).

  1. Your website targets visitors in countries where CNIL or very similar exemption exists (e.g., France, Spain, Italy), or you have an establishment in such countries:
    • Configure your CMP to either load Matomo Analytics cookies and start tracking without prior consent, or
    • Re-categorise the Matomo cookies as Essential/Necessary.
    • The CMP banner must clearly inform users about the use of consent exempt website analytics tracking and include a visible and easily accessible opt-out mechanism (e.g. a link to your privacy policy with an opt-out checkbox).
      opt-out form matomo
  2. If your website serves a broader audience that targets visitors from countries that require prior consent for cookie based or cookieless website analytics (e.g. most of EU countries):
    • Consider splitting your banner configuration if the CMP supports region-specific geotargeting and consent rules.
  3. Follow the steps in this guide, How to include a web analytics opt-out feature on your site to add the embedded Matomo opt-out form to your website. The form includes all required JavaScript to allow users to opt-out of tracking.
  4. Alternatively, you can create a custom opt-out form using HTML and JavaScript, as explained in this developer guide.

Test the integration

Once configured, test the tracking behaviour and validate your privacy compliance setup.

  • Perform test actions on your website and view the Visits in Real-time report to verify tracking requests are sent to Matomo.
  • Select to opt-out of tracking.
  • Open the browser’s developer tools and view the Application or Storage > Cookies tab to verify that the mtm_consent_removed cookie is set.
  • Perform test actions on your website and view Visits in Real-time report to ensure no tracking requests are sent to Matomo after opting out.
  • Change the settings to opt back in and resume tracking.
  • Perform test actions on your website and view the Visits in Real-time report to ensure tracking requests are sent to Matomo.

This test confirms that the integration respects the user’s choice to opt out and behaves in accordance with CNIL’s exemption criteria.

⚠️ If you use Matomo features like Heatmaps, User ID, Ecommerce, Advertising Conversion, or Session Recording, or you want to access or export raw data you must switch to Method 1 (Consent-based Tracking), as these features fall outside the exemption.

Previous FAQ: Integrate Consent Managers (CMP) with the Matomo Image tracker