Skip to content
Consent Management
Guides
Configure GPC

Consent Management: Configuring Global Privacy Control

2minFidesConsent Management
This tutorial requires Fides Cloud or Fides Enterprise. For more information, talk to our solutions team. (opens in a new tab)

In this tutorial, we'll review how to configure the Global Privacy Control (GPC).

Prerequisites

For this tutorial, you'll need:

  • A Fides Cloud or Fides Enterprise account
  • The role of Owner or Contributor for your Fides organization.
  • At least one system with a data use on your Data Map. Read how to add systems to the Data Map now.
  • At least one privacy notice configured. Read how to configure privacy notices now.

Enable Global Privacy Control (GPC)

To enable global privacy control for a privacy notice, navigate to ConsentNotices to view a list of available privacy notices or create a new notice.

Select the privacy notice you would like to add GPC support to.

Navigate to the configuration to toggle whether this privacy notice should conform and respond to the Global Privacy Control. Learn more about the Global Privacy Control here.

Privacy Notice GPC Configuration
Important note about GPC

Any privacy notice that has GPC signal enabled means that when a visitor has GPC opt-out on their browser set to true, they will be immediately opted out for the associated data process.

GPC adaptive text templates

Fides supports GPC-adaptive text templates that allow you to display different content based on whether a Global Privacy Control signal is detected from the visitor's browser. This enables you to personalize your privacy experience messaging to acknowledge and respond to GPC signals.

Using template markers

To create adaptive text, use the following template markers in your privacy experience text (banner title, banner description, modal title, or modal description):

  • __GPC_START__ and __GPC_END__: Content between these markers will only be displayed when GPC is detected
  • __NO_GPC_START__ and __NO_GPC_END__: Content between these markers will only be displayed when GPC is not detected

Example usage

Here's an example of how to use GPC adaptive text in your banner:

We value your privacy. __GPC_START__Your GPC signal has been detected and we've automatically applied your opt-out preferences.__GPC_END__ __NO_GPC_START__You can manage your privacy preferences below.__NO_GPC_END__

When a visitor has GPC enabled in their browser, they will see:

We value your privacy. Your GPC signal has been detected and we've automatically applied your opt-out preferences.

When GPC is not detected, they will see:

We value your privacy. You can manage your privacy preferences below.

Previewing GPC adaptive text

When editing a privacy experience in the Admin UI, you can use the GPC preview toggle to test how your text will appear with and without GPC enabled. This allows you to verify your template markers are working correctly without needing to change your browser's GPC settings.

The preview toggle only affects the preview display in the Admin UI. The actual GPC detection on your live site will always respect the visitor's browser GPC settings.

GPC adaptive banner button

You can configure your privacy experience banner to show or hide the primary action button based on whether GPC is detected. This is useful when you want to immediately honor GPC signals without requiring user interaction.

To enable this option:

  1. Navigate to ConsentPrivacy experiences
  2. Select or create a "Banner and modal" privacy experience
  3. In the banner configuration, select GPC adaptive from the button options dropdown

When GPC adaptive is enabled:

  • If GPC is detected, the banner will display the acknowledge button
  • If GPC is not detected, the banner will display the opt-in and opt-out buttons

This complements the GPC-enabled privacy notices by providing a streamlined experience for users who have already expressed their privacy preferences through the GPC signal.

GPC and the Consent Form experience

The Consent Form experience lets a visitor opt out of the sale or sharing of their personal information without identity verification. It honors Global Privacy Control in two ways: it applies the GPC opt-out automatically on page load, and it surfaces a dedicated GPC prompt banner inviting the visitor to optionally provide their identity for a full opt-out.

Automatic GPC opt-out on load

When a Consent Form experience loads in a browser that is sending a GPC signal, Fides applies the opt-out automatically, with no visitor interaction. For every GPC-enabled privacy notice (a notice with the Global Privacy Control setting toggled on) that the visitor has not already set a preference for, Fides sets that notice to opt-out, records the consent method as gpc, and writes the result to the visitor's browser cookie right away. The preference is then persisted to the Fides backend in the background, so the experience finishes initializing without waiting on the network.

This is the same automated GPC handling used by the other privacy experiences and is driven by the GPC setting on each privacy notice (see Enable Global Privacy Control (GPC) above). No extra configuration is required to make a Consent Form honor GPC.

The GPC prompt banner

Because the opt-out has already been applied, the Consent Form does not need to interrupt the visitor. Instead, when GPC is active it shows a separate GPC prompt banner at the bottom of the page: a lightweight invitation with a title, a short description, and a single call-to-action button that opens the Consent Form, where the visitor can optionally supply their identity details to extend the opt-out into a full request across systems.

Consent Management - Consent Form GPC prompt banner

The prompt only appears when both of the following are true:

  • A GPC signal is detected from the visitor's browser, and
  • The standard banner resurfacing rules say the banner should be shown. For a Consent Form, this resurfaces specifically when the visitor's saved consent method is gpc (the automatic opt-out described above), and stays hidden once consent was set by an override or banner display is otherwise disabled.

Configuring the GPC prompt text

The prompt's copy comes entirely from the Consent Form experience's translations. Configure the following text fields on the experience (one set per language):

  • GPC prompt title (gpc_prompt_title)
  • GPC prompt description (gpc_prompt_description)
  • GPC prompt CTA button label (gpc_prompt_cta_button_label)

All three fields support the same GPC adaptive text markers described above, so you can tailor the wording depending on whether a GPC signal is present, for example to explicitly acknowledge that the visitor's signal has already been applied.

For end-to-end setup of the Consent Form, including its identity fields and the two-tier opt-out model, see the Configuring the Consent Form Experience guide and the Consent Form concept page.

Configure GPPGoogle Consent Mode v2