Google has informed the largest web agencies in Europe that they’ll start auditing websites that use Google Ads. The reason for the audits is that Google wants to check if the websites comply with Google’s EU user consent policy — an agreement that adheres to the GDPR, the ePrivacy Directive and equivalent legislation in the UK.
The alleged audit affects Google Ads-users in EU/EEA.
If the Google Ads users are not compliant, they risk having their conversion tracking and remarketing lists deactivated, and — worst case —their entire Ads account suspended.
So, how do you know if you comply with Google’s EU user consent policy?
Let’s begin by clarifying the policy.
What is Google’s EU user consent policy?
Google’s EU user consent policy is an agreement between Google and anyone using their products in the European Economic Area (EEA)* and the United Kingdom (UK) markets.
Is Google’s EU user consent policy a brand new agreement?
Why does Google suspend Google Ads Europe accounts?
If you’re running campaigns in Google Ads to European audiences (EU, EEA and/or UK), you need to be aware of strict Google compliance rules. Advertisers risk facing account suspensions due to Google’s EU user consent policy violations, payment issues, or ad disapprovals. Understanding these rules can help keep your Google Ads Europe account active and compliant.
How will Google ensure compliance with the EU user consent policy?
As of this latest update, sent out to the biggest agencies in Denmark, Google will ensure compliance by scanning websites that use their Google Ads product. If a site is found to be non-compliant with the EU user consent policy, they will be notified.
What do I need to do in order to comply with Google’s EU user consent policy?
What does the need to collect consent mean in Google’s EU user consent policy?
1. This may go without saying, but first, your cookie banner has to be displayed when a user from the EEA accesses it.
2. Then, you have to make sure that the cookie banner informs your users of how their personal data will be used if they give their consent. This ensures users understand what they are asked to say ‘yes’ or ‘no’ to.
Ultimately, users must be informed of how you intend to use their personal data, and that cookies may be used for both personalized and non personalized advertising.
3. In addition to this, you also have to ensure that users can see which third parties (including Google) will have access to the user data you collect on your website or app.
4. Google also underlines that you must include a link to Google’s Business Data Responsibility Site on the cookie banner. That way your website and app users can access the full disclosure of how Google will use their personal data if they choose to consent. The same goes for any other third parties involved.
5. No cookies are allowed to be set before the user has consented. Google underlines that even their non-personalized ads still require cookies to operate. So, you can never fire Google tags for personalized ads before consent is obtained.
6. Google also stresses that you have to allow the end-users on your website or app to revoke their consent. This means that you must provide information on how they can withdraw their consent. Additionally, withdrawing consent must be as easy as it is to give it.
Do I need to keep a record of the consents?
Is my current cookie banner compliant with the EU user consent policy?
As stated before, Google recommends using a certified cookie banner, since that will make it easier to adhere to Google’s requirements. It also ensures the cookie banner is correctly integrated with Consent Mode v2. The latter is of utmost importance to marketers if they intend to get the most out of Google Ads and Analytics while complying with the EU user consent policy.
If you want to ensure your cookie banner is set up correctly, you can test it here for free.
Does Google’s EU user consent policy apply if I don't use personal data for personalized ads?
Will Google’s EU user consent policy still be applicable when the third-party cookie is gone?
The so-called Privacy Sandbox APIs in Chrome, which were set to replace the third-party cookie, and/or the privacy initiatives that came to replace it int he meantime, will still require user consent in accordance with the legal frameworks which Google’s EU user consent policy is explicitly based on – such as the GDPR, ePrivacy Directive and the Digital Markets Act (DMA).
Make sure your website is compliant today by implementing a Google-compliant CMP. It’s free for 14 days, and Google Consent Mode v2 integration is included by default.
Frequently asked questions
Google enforces strict policies for advertisers in Google Ads Europe, including transparency requirements, GDPR compliance, and prohibited content rules.
Ensure your website complies with Google’s policies, use verified payment methods, and follow regional advertising and cookie regulations in your country.
Check the suspension reason in your Google Ads dashboard, correct any violations, and submit an appeal for reinstatement.
Yes, Google Ads advertisers in Europe must comply with GDPR, consumer protection laws, and Google’s EU user consent policy and any local policies they may have for your country or target EU markets.
If your account was permanently suspended, you’ll need to appeal or create a compliant digital marketing strategy, including how to manage user consent, before attempting to advertise again.
Absolutely. Google Consent Mode v2 is fully integrated into all our pricing plans, including the free version, at no extra cost. You’ll also find ready-made cookie consent banner templates and CMP implementation guides for a smooth setup process.