Frequently Asked Questions

If your website sets any non-essential cookies (analytics, marketing, social media embeds), you likely need a consent banner. The GDPR (EU/UK), LGPD (Brazil), and PIPEDA (Canada) require opt-in consent before setting such cookies. The CCPA (California) requires at minimum an opt-out mechanism. Even if you only use Google Analytics, a consent banner is required in most jurisdictions.

Strictly necessary cookies are those required for the basic functioning of your website. Examples include session cookies for login, shopping cart cookies, CSRF protection tokens, and load balancer cookies. These do not require consent under GDPR. Analytics cookies (including Google Analytics), advertising cookies, and social media cookies are never considered strictly necessary.

LiteConsent includes a Setup Assistant that scans your website and detects cookies and tracking scripts. When you run it from the Setup Assistant tab, it creates a debug session where you browse your site while LiteConsent records all cookies and third-party resources. It then automatically creates cookie records and resource rules for you. You can also manually add cookies in the Categories tab.

Yes. Google Analytics sets cookies that track user behavior, which makes them non-essential under GDPR and similar regulations. You must obtain consent before loading Google Analytics for visitors in the EU/UK. LiteConsent handles this automatically through Google Consent Mode v2: GA4 loads on page load but respects consent signals, so it only collects data when the user has granted analytics consent.

When a visitor clicks "Reject" or declines non-essential cookies, LiteConsent blocks all scripts and cookies in the rejected categories. Only strictly necessary cookies continue to work. The visitor's rejection is stored as a consent record, and the banner will not appear again until the consent expires (configurable, default 365 days). The visitor can change their preferences at any time through the consent widget.

GDPR does not specify an exact renewal period, but the common best practice is to re-ask every 6 to 12 months. LiteConsent lets you configure the consent expiry period in your site settings. When consent expires, the banner reappears automatically. You should also re-ask consent if you add new cookie categories or significantly change how you process data.

LiteConsent is designed to meet GDPR requirements for cookie consent. It provides: prior consent before non-essential cookies are set, granular category-level choices, an easy way to withdraw consent, consent logging for accountability, and clear information about what each cookie does. However, full GDPR compliance also depends on your broader data processing practices, privacy policy, and other factors beyond cookie consent alone.

Yes. LiteConsent loads once and persists across client-side navigation. The consent state is stored in a cookie, so it survives page transitions in SPAs built with React, Vue, Next.js, Nuxt, or any other framework. The LiteConsent script does not re-initialize on route changes unless you explicitly call it.

Yes. Each LiteConsent plan includes a number of sites. You can configure each site independently with its own banner design, categories, languages, and jurisdiction settings. The number of sites available depends on your plan. You can also group related domains to share consent across them.

Opt-in (GDPR model): No non-essential cookies are set until the visitor actively agrees. The visitor must click "Accept" or select categories before any tracking begins. This is the default for EU/UK visitors.

Opt-out (CCPA model): Cookies may be set by default, but the visitor must have a clear way to opt out (e.g., "Do Not Sell My Personal Information"). This is the model used for California visitors. LiteConsent automatically switches between these modes based on the visitor's jurisdiction.