Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
French consent management platform (CMP) that displays a cookie banner, collects and stores user choices, blocks third party scripts before consent and exposes a TCF v2.2 string and Google Consent Mode v2 signal to downstream vendors.
Biskoui is a French Consent Management Platform (CMP). It displays the cookie banner, lists the trackers and partners present on a website, collects the visitor''s choice for each purpose, blocks third party scripts until consent is given, stores proof of that consent and forwards a TCF v2.2 string and a Google Consent Mode v2 signal so analytics and advertising vendors can react accordingly.
Biskoui sets a strictly necessary first party cookie containing the consent decision, a technical identifier and a version. The consent log stores the choice, timestamp, banner version, language, country, hashed IP and user agent for legal accountability. No advertising or analytics cookie is set by Biskoui itself.
The CMP cookie is necessary to comply with the obligation to obtain and prove consent under Article 7 GDPR and Article 82 of the French Data Protection Act. It is therefore exempt from prior consent under Article 5(3) of the ePrivacy Directive. Biskoui supports CNIL recommendations, IAB TCF v2.2 and Google Consent Mode v2.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
You do not need consent to load Biskoui itself, but the banner must follow CNIL and EDPB guidance: clear purposes, equal weight reject and accept, granular categories, easy withdrawal, no nudging, periodic re prompting and proof of consent stored for at least the duration required by your DPA.
Biskoui processes consent logs entirely in the European Union. As a French operator, it is fully subject to the French DPA, the CNIL and the EU GDPR. No transfer to the United States or other third countries is required.
Sign the DPA, declare your vendor list honestly, design the banner with reject and accept of equal weight, expose a permanent re consent entry point, store proof of consent for at least the retention period set in your policy (CNIL recommends 6 months minimum), document the legal basis for the consent log itself and review the configuration after every new vendor activation.
Websites using Biskoui must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is not required for the CMP itself, since it only stores proof of consent. A DPIA can still be useful when Biskoui is the visible part of a stack that triggers high risk processing (programmatic advertising, behavioural profiling), so that the consent flow is documented as part of the broader analysis.
Sample consent text
We use Biskoui (French consent management platform) to ask for and store your consent for the cookies and trackers on this website. Biskoui sets a strictly necessary first party cookie that contains only your choice and a technical identifier.
Third-party domains contacted
biskoui.comcdn.biskoui.comapi.biskoui.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| biskoui_consent | http | 6 months | Stores the consent decision per purpose, the banner version and a pseudonymous identifier so the choice can be replayed on every page view. |
| biskoui_uid | http | 6 months | Pseudonymous identifier linking the consent decision to its entry in the consent log for accountability. |
| euconsent-v2 | http | 6 months | IAB TCF v2.2 consent string read by partner vendors that support the framework. |
Biskoui is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Biskoui sets a strictly necessary first party cookie (biskoui_consent) that stores the consent decision per purpose, plus biskoui_uid linking the choice to the consent log and the IAB euconsent-v2 string when TCF is enabled. No advertising or analytics cookie is set by Biskoui itself.
No. The CMP cookie is strictly necessary to comply with the obligation to obtain and prove consent, so it falls under the exemption of Article 5(3) of the ePrivacy Directive. The banner itself, however, must obtain consent for all the non essential trackers on the site.
Article 6(1)(c) GDPR (legal obligation) for storing proof of consent required by Article 7. Article 6(1)(f) GDPR (legitimate interest) for fraud and abuse prevention on the banner. Other trackers governed by Biskoui rely on the consent recorded by the CMP itself.
No. As a French CMP, Biskoui hosts consent logs in the European Union and is fully subject to GDPR and CNIL supervision. No transfer to the United States or other third country is required.
No, the CMP itself does not need a DPIA. A DPIA may still cover the consent flow as part of the broader analysis of high risk processing (programmatic advertising, behavioural profiling) that Biskoui gates.
Configure the banner with reject and accept of equal visual weight, expose a permanent settings entry point, list every vendor and purpose, scan the site to validate that scripts are blocked before consent, set a sensible re prompt period, sign the DPA and store proof of consent for at least 6 months.
Other CMPs available to European websites include Axeptio, Didomi, OneTrust, Cookiebot, Iubenda, Sirdata, CookieFirst, Klaro, Usercentrics, Tarte au Citron and Sourcepoint. Each has its own pricing, hosting and TCF / Consent Mode integration profile.
Document Biskoui as a processor in the privacy notice, describe the strictly necessary cookies it sets, link to its privacy policy, list the trackers it actually gates, and refresh the policy any time you add a new vendor to the Biskoui configuration.