FlowConsent

Migrating from another consent banner

Step-by-step guide to migrate from Cookiebot, OneTrust, Termly, Iubenda, Klaro, or any other CMP to FlowConsent without breaking your tracking.

You already have a cookie banner from Cookiebot, OneTrust, Termly, Iubenda, Klaro, Axeptio, Didomi, or another CMP, and want to switch to FlowConsent. This guide gets you migrated without breaking your analytics or your compliance posture.

Before you start

Have these ready:

  • The list of third-party services currently on your site (your old CMP probably exports this)
  • The category mapping you use today (necessary / analytics / marketing / preferences, or a custom split)
  • Access to your site's <head> (template, CMS, or tag manager)
  • About 30 minutes for the first migration

1. Create your FlowConsent banner

Sign up at app.flowconsent.com and create a banner pointing to your site. FlowConsent will scan the page and detect third-party services automatically.

Don't deploy yet. Keep your old banner running until step 4.

2. Reconcile the service list

Open the Services tab in the Builder. Compare it to your old CMP's service list:

  • For each service the auto-scan didn't catch, click + Add service and configure it manually
  • For each service the auto-scan flagged that you don't actually use anymore, archive it
  • Verify the category for each service matches your previous setup. If marketing was previously sub-categorized (e.g. "advertising" vs "remarketing"), use the Cookie list tab to add a custom category

3. Match the look and copy

Open the Style tab to match your existing brand:

  • Layout (most CMPs default to a bottom bar or a modal — pick the same)
  • Primary color and accent color from your existing banner
  • Border radius, font, button shape

Then Information + Translations for the copy. If you've spent time refining your old banner's wording, paste it as-is. FlowConsent doesn't impose specific phrasing.

Important — keep equal-size Accept and Reject buttons. CNIL and EDPB enforce this; if your old banner had a small "Reject" link or a hidden one, this is your chance to fix it.

4. Deploy and switch the snippet

In the Deployment tab, deploy your FlowConsent banner. Copy the snippet:

<!-- FlowConsent CMP -->
<script src="https://YOUR-WORKSPACE.consent.flowconsent.com/cookie-manager.js?code=YOUR_LICENSE_CODE"></script>

Now in your site's <head>:

  1. Remove the old CMP's snippet entirely (Cookiebot's cd.cookiebot.com/uc.js, OneTrust's optanon.blob.core.windows.net, etc.)
  2. Paste the FlowConsent snippet in the same spot — as high as possible inside <head>, before any tracking script
  3. Deploy your site

If your old CMP wrapped your tracking scripts (e.g. Cookiebot's data-cookieconsent="statistics" attribute), leave those attributes in place — FlowConsent honors the same convention via data-service attributes. You can review and adjust per-service in the Services tab.

5. Verify both before and after

In an incognito window on your site:

  1. Banner appears on first visit
  2. Network tab is clean before you click Accept — no GA, no Meta Pixel, no HubSpot fires
  3. Click Accept all → tracking scripts fire as expected
  4. Refresh → no banner, tracking continues to work
  5. Open Analytics → Sessions in your FlowConsent dashboard — you should see the test session within ~1 minute

If something's off, check the troubleshooting guide or look at the Logs tab inside the banner for deploy errors.

If you need to keep proof of past consents for audit purposes, FlowConsent doesn't import legacy records from another CMP. Two options:

  • Keep your old CMP's export as cold storage (most CMPs offer a CSV export). It's still valid evidence under GDPR.
  • Pro / Enterprise plans — contact [email protected] for assisted import. We accept Cookiebot, OneTrust, Termly, and Iubenda exports.

Common gotchas

  • Google Tag Manager users — if your previous CMP fired tags through GTM via a custom event (e.g. cookieconsent_accepted), update the trigger to listen for FlowConsent's event. See the JS API for event names.
  • Sites with a service worker — clear the service worker cache after deploying. Some PWAs cache the old CMP script aggressively.
  • CSP-protected sites — add the FlowConsent worker domain to your Content-Security-Policy script-src directive. The exact domain depends on your plan: consent.flowconsent.com (Pro/Enterprise) or your-worker.workers.dev (Free).
  • Multi-language sites — if your old CMP auto-detected the user's language, configure the same in Information → Detection method to avoid showing the wrong language.

Cancelling the old CMP subscription

Once your FlowConsent banner has been live for at least 7 days with no compliance issues, you can cancel your old CMP. Most providers require 30-day notice — check your contract.