If you run an online store and use platforms like Google Ads, Google Analytics, or Google Tag Manager, there’s an important policy you need to comply with — set by Google itself.

Google’s EU User Consent Policy lays out strict requirements for how businesses must collect and manage user consent when doing business in the EU, the UK, or Switzerland.

While that might sound like something only lawyers need to worry about, it’s actually something every Shopify merchant using Google services needs to understand. Why?

As of July 2025, Google has started suspending campaign options for account which do not comply with their EU User Consent Policy.

In this article, we’ll break down what the policy actually says, what it means for your Shopify store, and how to stay compliant without sacrificing performance or marketing results. 

Whether you're just starting out or running a high-traffic business, understanding this policy is key to keeping your Google accounts on the safe side.

Background & Legal Foundations

Google’s EU User Consent Policy is based on two main privacy laws:

GDPR - Requires clear, informed, and freely given consent before collecting or processing personal data (like IP addresses, ad IDs, or browsing behavior).

ePrivacy Directive – Requires prior consent before storing or accessing non-essential cookies or similar tracking technologies.

If your Shopify store targets users in the EU, UK, or Switzerland and uses Google services like Ads or Analytics, these rules apply — even if your business is based elsewhere.

What Are The Core Requirements of Google’s EU User Consent Policy?

To comply with Google’s policy, Shopify merchants using services like Google Ads, Analytics, or AdSense must meet 5 main requirements when targeting users in the EU, UK, or Switzerland:

1. Obtain Valid Consent Before Using Cookies

You must get explicit consent before setting any cookies or firing tracking scripts that are not strictly necessary, including those for:

• Google Ads (conversion tracking, remarketing)
• Google Analytics
• Google Tag Manager with marketing tags
• AdManager
• AdSense
• AdMob
• YouTube API
• Blogger

Why do we need consent to ads measurement?

Google uses cookies and various ad identifiers to support ads measurement & analytics. Existing ePrivacy laws require consent for such uses.

2. Request Consent for Personal Data Use

Consent must also cover the use of personal data for:

• Ad personalization
• Analytics
• Cross-site tracking

This means your banner must explain what data is collected and how it will be used, especially if used for behavioral targeting or audience segmentation.

3. Disclose All Data Partners

You must list every third-party provider (including Google) involved in data collection or processing. Merchants using Google Ads or AdSense must:

• Identify each vendor (Google and other ad tech partners)
• Link to their privacy policies or processing purposes
• For Google services - link to their Business Data Responsibility

This is especially important if you're serving personalized ads.

4. Enable Consent Withdrawal

Provide users with a clear way to withdraw consent at any time (e.g. via a “Manage cookies” footer link).

Keep in mind that the option to withdraw consent must be as easy as the option to give it. 

At a minimum - you need to provide clear instructions on how users can change their cookie choices.

5. Maintain Records

Keep records of consent (who gave it, when, and for what purposes) in case of audits or regulatory requests.

At a minimum, a record should include the text and choices presented to users as part of an opt in mechanism + a record of the date and time of the user’s choice.

Who Must Comply With The Policy?

If you're an online business (including Shopify merchants) and use Google services and target users in the EU, UK, or Switzerland, then this policy applies to you — regardless of where your business is based.

Services that trigger compliance:

• Google Ads (Search, Display, Shopping, Remarketing)
• Google Analytics (especially with Advertising Features enabled)
• Google Tag Manager (if used to load tracking tags)
• AdSense / Google Ad Manager
• Any service that sets cookies or collects personal data for ads or measurement

What “targeting” means:

• You sell or ship to EU/UK/Swiss countries
• You run ads targeting users in these regions
• Your website is available in local languages or uses EU currencies

For Advertisers:

If you run personalized ads, you are also responsible for:

• Ensuring valid consent is collected
• Using a Google-certified CMP integrated with IAB TCF v2.2
• Properly sending consent signals to Google (via Google Consent Mode or TCF string)

How Does Google Enforce The Policy?

Google takes enforcement of the EU User Consent Policy seriously — especially for businesses serving ads or using analytics without proper consent.

In fact, just recently in July 2025, some advertisers started receiving emails from Google that their ad tools were disabled due to non-compliance with the EU Consent Policy.

Here is our post on LinkedIn covering the notice:

Enforcement actions may include:

• Email notifications from their official email: publisher-policy-no-reply@google.com
• Ad account restrictions (your ads won’t run unless unless valid consent is detected on your website)
• Account suspensions in Google Ads or Ad Manager
• Disabling personalized ads if consent signals are missing or incorrect
• Conversion tracking may be disabled entirely

So what may cause a violation of the Google policy?

Most commonly, it is due to one of these reasons:

• Missing or inconsistent consent signals (e.g., no Consent Mode)
• Loading tracking scripts before consent
• No provided way to withdraw consent
• Missing list of ad tech vendors

If you're a Shopify merchant using Google services, failing to follow this policy could stop your ad campaigns, mix up your analytics, and not to mention risk legal exposure under GDPR.

How Can Shopify Merchants Be Compliant?

Meeting Google’s EU User Consent Policy requirements is actually not that difficult as it may seem.

Just make sure you are following these 4 steps:

✅ 1. Show A Cookie Banner To EU Visitors

By displaying a cookie banner on your storefront - you allow visitors from the regulated regions (EU, UK, Swiss) to freely choose if they allow or decline cookies by providing them with the options.

✅ 2. Implement Google Consent Mode v2

After setting up your cookie banner, you need to send the consent choices to Google by integrating Google Consent Mode (aka GCM v2).

What it does is it adjusts tag behavior automatically based on user choice (e.g. enables marketing cookies if the user has accepted, and vice versa). 

These consent signals are then automatically sent to Google and it makes sure all your Google services are running compliantly.

Consent Mode can be implemented manually or automatically via a trusted app solution like Consentmo. 

Our integration is very low effort and all you need to do is paste your Google Ads ID & Analytics ID - that’s it!

✅ 3. Maintain Consent Records

Store the banner text and choices shown to each user (required by the Google policy). Also, log the date, time, and consent state of each user.

The simplest way is by installing a compliance app that includes this functionality. 

For example, at Consentmo we offer built-in Consent Records tracking — even on the Free Plan.

✅ 4. Add Easy Withdrawal Access

Users must be able to change their preferences at any time — and it should take no more than 2 clicks.

You can do so by including a “Manage Cookie Settings” or similar link in your footer or account pages.

With Consentmo, you can also enable a Cookie Widget - a small widget visible on your storefront which provides info on the current cookie state, and a 1-click option to withdraw consent, making it a very GDPR-friendly feature.

Conclusion

Google’s EU User Consent Policy for Shopify Stores:

• Applies to any store using Google services (Ads, Analytics, Tag Manager) in the EU, UK, or Switzerland
• Requires valid, GDPR-compliant consent before tracking
• You must disclose all ad tech vendors (including Google)
• Consent Mode v2 is required to send consent signals
• Consentmo is a trusted Shopify app that automates setup (banner, records, Google Consent Mode v2)

The Google EU User Consent Policy closely resembles the requirements laid out by the GDPR and ePrivacy directive. 

It is Google’s way of being responsible towards user data collection by making sure the publishers and advertisers who are part of the platform handle data compliantly.

By using a Google-certified CMP, enabling Google Consent Mode v2, and maintaining proper consent records, you can avoid disruptions to your marketing campaigns while respecting your customers’ privacy rights.

Unlike generic cookie banner apps, Consentmo is built specifically for Shopify and already includes Consent Mode v2, built-in consent record storage, and certified CMP functionality. Many competitors require manual setup or lack IAB TCF v2.2 support.

Want to dive deeper into Google Consent Mode v2 and how it works?

Check out our dedicated blog post next: Google Advanced Consent Mode Guide for Websites and Shopify Stores

‍