Skip to main content
Pro Plan6 minutesBeginner

Consent & privacy metrics: see how your cookie banner performs

View your own cookie-banner accept/reject/dismiss rate over time, an identified-vs-anonymized split, and a data-provenance audit — fed by one line of code from your banner. Zenovay stays cookieless.

consentcookie-bannerprivacygdprprovenance
Last updated:

The Consent tab shows how your own cookie-consent banner is performing — how many visitors accept, reject, or dismiss it over time, how many of them were identified versus anonymous, and an audit of how that visitor data was collected. You feed it with one line of code from your banner. Zenovay itself stays cookieless.

The important part first: Zenovay does not run your banner

Read this before anything else, because it shapes everything below:

  • Zenovay is cookieless and does not operate your consent banner. This feature measures your banner, not Zenovay's behaviour.
  • Zenovay does not auto-detect consent. There is no automatic hook into your cookie banner. You have to tell Zenovay what the visitor chose by calling one function (shown below).
  • If you don't instrument your banner, the tab is empty. That's expected — it only ever measures what you explicitly send it.
  • The provenance audit is a best-effort aid, not a compliance certificate. It reconstructs a likely collection basis from the events you send plus signals Zenovay already sees. Your privacy policy, DPA, and your own consent records remain authoritative.

Adding this feature does not make Zenovay set a cookie. Nothing about the cookieless tracker changes.

Where to find it

Open any domain's dashboard and select the Consent tab. It's available on the Pro, Scale, and Enterprise plans. On the Free plan the tab is visible but shows an upgrade prompt instead of data — upgrade to Pro to unlock it.

For security and privacy reasons, the Consent tab (which includes a provenance/audit list) is only available on the authenticated dashboard — it does not appear on public or shared dashboards.

Step 1 — Instrument your banner

When your own cookie-consent banner resolves — the visitor clicks Accept, clicks Reject, or dismisses it — call the existing Zenovay tracking function:

<script>
  // Call this when your own cookie-consent banner resolves:
  window.zenovay && window.zenovay('track', 'consent', {
    action: 'accept'        // 'accept' | 'reject' | 'dismiss'
    // categories: ['analytics','marketing']  // optional
  });
</script>

That's the entire integration. A few notes:

  • action is required and must be accept, reject, or dismiss. Use dismiss when the visitor closed the banner without making a choice (the "X", an outside click, or pressing Escape).
  • categories is optional. If your banner lets visitors pick categories, pass the ones they agreed to (for example ['analytics','marketing']). Leave it out for a simple accept/reject banner.
  • No new script, no new endpoint. This is the same window.zenovay('track', name, props) call you'd use for any custom event. The window.zenovay && guard makes the line safe even if the tracker hasn't loaded yet.
  • Call it once per decision. If a visitor later changes their mind in a preferences modal, call it again with the new action — that's recorded as a new decision, which is what you want for the timeline.

Wire that call into wherever your banner's buttons live. If you use a consent platform (Cookiebot, OneTrust, Osano, Termly, etc.), put the call inside that platform's "consent given/changed" callback.

Prerequisite

The Zenovay tracking script must already be installed and loading on the site (see Installing the tracking script). Without it these calls are a safe no-op and the Consent tab stays empty.

Vanilla banner: send the right action for each outcome

The snippet above hard-codes action: 'accept'. Copy-pasted literally it records accept for every outcome — including rejections. Add a tiny helper and call it with the matching action from each button:

<script>
  function zvConsent(action) {
    window.zenovay && window.zenovay('track', 'consent', { action: action });
  }
  // Wire each outcome to the matching action:
  acceptBtn.addEventListener('click', () => zvConsent('accept'));
  rejectBtn.addEventListener('click', () => zvConsent('reject'));
  closeBtn .addEventListener('click', () => zvConsent('dismiss')); // X / outside-click / Esc
</script>

Swap acceptBtn / rejectBtn / closeBtn for your banner's real elements. The key idea: each path sends its own action — never one hard-coded value for all of them.

If you use a consent management platform instead of your own buttons, fire the call from its "consent ready / changed" callback. Cookiebot is the most common, so fire on the first consent and on every later change:

<script>
  // Cookiebot — fire on first consent and on every change
  window.addEventListener('CookiebotOnConsentReady', function () {
    var c = window.Cookiebot && window.Cookiebot.consent;
    var action = (c && (c.marketing || c.statistics)) ? 'accept' : 'reject';
    window.zenovay && window.zenovay('track', 'consent', { action: action });
  });
</script>

For OneTrust, Osano, Termly and similar platforms, make the same window.zenovay('track', 'consent', { action }) call inside that platform's "consent given/changed" callback.

Verify it works

After wiring, open your browser's DevTools → Network, trigger the banner, and confirm a request to the Zenovay endpoint fires on Accept, Reject, and Dismiss. The Consent tab fills within a minute.

Step 2 — Read the dashboard

Once visitors start interacting with your banner, the Consent tab fills in. It has three sections.

A chart of accept / reject / dismiss decisions per day for the selected period, plus the rates (accept rate, reject rate, dismiss rate). This is where you see whether a banner copy change, a layout tweak, or a new regulation moved the needle.

Identified vs. anonymized

Of the visitors who interacted with your banner, how many were identified (you had previously identified them via the visitor-identification API, so the decision is tied to a known person) versus anonymized (no stable identity — the cookieless default). It's an aggregate split; the tab never shows an individual's identity.

Data-provenance / collection audit

A reverse-chronological list of consent decisions. Each row shows the time, the action, whether the visitor was identified or anonymized, the collection basis Zenovay inferred, and a coarse country:

Collection basisWhat it means
with_consentThe visitor accepted
without_consentThe visitor rejected or dismissed
anonymizedNo stable identity — treated as anonymous collection
gpc_opt_outThe request carried Global Privacy Control, so behavioural processing was suppressed

The audit shows country only — never a raw IP address. Any IP used internally for the daily-rotating hashed visitor identifier is hashed with a per-day salt and is never stored or displayed in plaintext. This is the same as everywhere else in Zenovay.

Remember: the collection basis is inferred to help you audit your own banner. It is not a legal determination.

What "Pro+" means here

"Pro+" means the feature is available on the Pro, Scale, and Enterprise plans. On Free, the tab still appears (so you know it exists), but instead of charts it shows an upgrade prompt. Upgrading to any paid plan unlocks the full Consent tab — there's nothing else to enable.

Privacy summary

  • No new cookies and no new device storage. This feature adds nothing to your visitors' browsers. Zenovay's cookieless guarantee is unchanged.
  • GPC is honoured. A visitor sending Sec-GPC: 1 is excluded from behavioural processing; their interaction is logged with the gpc_opt_out basis so you can audit your own honoring behaviour.
  • No plaintext IPs. The audit shows country only.
  • Aggregate by design. The rate and split views are counts and percentages.
  • You instrument it. Zenovay measures the consent events you send and does not infer consent on its own.

Zenovay is designed for GDPR readiness and runs on SOC 2-certified infrastructure providers. Operating a lawful consent banner for your own site — the wording, the granularity, storing your own consent records, and honouring withdrawals — remains your responsibility.

Troubleshooting

The tab is empty. You almost certainly haven't called zenovay('track', 'consent', …) from your banner yet, or the call isn't firing. Open your browser's DevTools network panel, trigger your banner, and confirm a request to Zenovay goes out when you click Accept/Reject. Also confirm the Zenovay tracker itself is installed and loading.

The numbers are lower than my total visitors. That's expected. Only visitors who actually see and interact with your banner produce a consent row, and GPC-protected visitors are intentionally excluded from behavioural processing.

Everyone shows as "anonymized". The identified/anonymized split depends on you having called the visitor-identification API. Without it, every visitor is anonymous by design (cookieless).

The tab shows an upgrade prompt. Your plan is Free. Consent & privacy metrics is a Pro+ feature — upgrade to Pro, Scale, or Enterprise.

Was this article helpful?