PrestaShop GDPR & Legal

Cookie Manager Tarteaucitron — Turnkey GDPR compliance for PrestaShop

The GDPR-compliant cookie banner without giving up measurement.

Data protection authorities have multiplied sanctions on non-compliant cookie banners. Cookie Manager Tarteaucitron brings your PrestaShop store up to date with the latest requirements: modern Axeptio-style banner, Google Consent Mode v2 pre-integrated, consent audit log, automatic third-party service scanner, and 11 major services (GA4, GTM, Meta Pixel, TikTok, Hotjar, Microsoft Clarity, etc.) ready to use. The module uses the open-source tarteaucitron.js engine with a modern UX layer and a complete audit system for DPA inspections.

PrestaShop 8 + 9 Consent Mode v2 Audit logs Multistore Auto scanner AES-256
  • 30-day refund
  • 12 months updates
  • 24h support
www.datafirefly.com/en/
v1.0.0 · updated 2025-03-11
What it does

The short version.

01

Compliant GDPR with no effort

Cookie banner compliant with CNIL and EU GDPR with granular consent per category. Refusal as easy as acceptance, compliant with the latest 2024-2025 enforcement.

02

Axeptio-style interface

Floating card with smooth animations, iOS toggles in the preferences panel, quick-access bubble post-consent. 100% customisable from the admin.

03

Google Consent Mode v2

Granted / denied signals automatically sent to GA4, Google Ads, GTM. Compatible with Google's conversion modelling mode. Stop losing measurement while staying GDPR.

04

Automatic service detection

Built-in scanner that analyses your front-office and recognises GA4, GTM, Facebook Pixel, Hotjar, LinkedIn, TikTok, Microsoft Clarity, Intercom, Stripe and more. One-click activation.

The long version

Everything you'd want to know before you install.

A detailed look at how Cookie Manager Tarteaucitron — Turnkey GDPR compliance for PrestaShop works, why we built it the way we did, and the thinking behind the features above.

§ 01

Why a specialised GDPR module

European data protection authorities have actively been auditing cookie banners since 2022. Sanctions have hit Google (€60M), Amazon (€35M) but also European e-commerce SMEs (up to €1M fine). The most-audited non-compliances: refusal less accessible than acceptance, third-party cookies dropped before consent, lack of audit log. Cookie Manager Tarteaucitron solves these three points with a modern approach.

§ 02

Tarteaucitron + modern UX

The tarteaucitron.js engine is one of the most respected open-source consent management tools in Europe (used by gouv.fr sites). It is technically irreproachable but its UX is dated. Our module keeps the tarteaucitron engine (a guarantee of reliability and technical compliance) and enriches it with a modern Axeptio-style UX: floating card, iOS toggles, smooth animations. The best of both worlds.

§ 03

Google Consent Mode v2: don't lose measurement

Many merchants think GDPR compliance = losing 50% of analytics data. With Consent Mode v2 (introduced by Google in 2024), this is no longer true: even without full consent, your tags can send anonymised data that feeds modelled conversions. The module implements it automatically with default state configuration (denied recommended for EEA).

§ 04

Automatic third-party service scanner

Manually configuring each service (GA4, GTM, Meta Pixel, TikTok, Hotjar, etc.) takes hours. The built-in scanner analyses your front-office in one click and automatically identifies the third-party services present. One-click activation of detected services with default configuration. For custom or exotic services, the dedicated tab allows adding unlimited services with custom JS.

§ 05

Audit log for DPA inspections

Every acceptance, refusal and personalised preference is logged in database with an anonymous identifier and a hashed IP (to respect GDPR while keeping traceability). In case of DPA or data protection authority inspection, you have the historical proof of every consent with timestamp, hashed IP, detailed choice. CSV export of logs available.

§ 06

Stripe: essential cookie by default

Interesting special case: Stripe drops cookies necessary for payment, which are legally considered "essential cookies" to the service — not requiring consent. The module treats them this way: active without consent request, but displayed in the "Always active" category of the preferences panel for transparency. Avoids payments failing when a customer refuses cookies.