Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Uniconsent is a Consent Management Platform operated by Transfon Ltd in the United Kingdom. It provides a configurable cookie banner, IAB Transparency and Consent Framework 2.2 support, Google Consent Mode v2 integration, server side consent logging, and per region rules for GDPR, CCPA and LGPD. Uniconsent acts as a privacy enhancing technology: it collects only the data needed to demonstrate consent, and does not perform marketing tracking of its own.
Uniconsent is a Consent Management Platform operated by Transfon Ltd from the United Kingdom. It belongs to the IAB Europe Transparency and Consent Framework as a registered CMP and provides a configurable banner for desktop, AMP, mobile apps and connected TV. Publishers and advertisers use Uniconsent to collect, store and signal user consent across multiple jurisdictions including the European Union, the United Kingdom, California, Quebec and Brazil.
Uniconsent collects only the data necessary to prove and propagate consent: a unique consent identifier, the IAB TC String, the timestamp of the decision, the consent UI version, the policy version, the chosen purposes and vendors, geolocation at country level, and the user agent. It does not perform behavioural tracking or build advertising profiles, and it does not share visitor identifiers with third parties beyond what the TCF requires.
As a CMP, Uniconsent is treated by European supervisory authorities as a privacy enhancing technology. It can be deployed on legitimate interest under Art. 6(1)(f) GDPR because it is the mechanism that ensures compliance with Art. 7 GDPR and Art. 5(3) of the ePrivacy Directive. No prior consent is therefore required for the CMP itself, provided that the banner is non manipulative and reject is as easy as accept.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
The Uniconsent banner must respect the EDPB Guidelines 03/2022 on consent: equal prominence between Accept and Reject, no pre ticked boxes, granular purposes, easy withdrawal at any time, and a clear vendor list. When the IAB TCF integration is enabled, the consent string must reflect the user choice and be transmitted to downstream advertising vendors through standard signals.
Uniconsent is operated from the United Kingdom, covered by the EU adequacy decision adopted in 2021. Some of the underlying cloud sub processors may have US affiliates, in which case the operator must rely on Standard Contractual Clauses and document a Transfer Impact Assessment as required since Schrems II. Per region data residency options can be enabled to limit cross border flows.
Configure Uniconsent with a clear language toggle for every market you operate in, ensure that Accept All and Reject All are symmetrical, integrate Google Consent Mode v2 to gate Google products, configure the vendor list with only vendors you genuinely use, log consent for the duration required by your supervisory authority, and document Uniconsent in your Article 30 register with the legal basis of legitimate interest.
Websites using Uniconsent must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is generally not required for Uniconsent itself, as it is a privacy enhancing technology used to comply with consent obligations under the GDPR and ePrivacy Directive. The CMP processes only the minimum data necessary to record and prove consent choices.
Sample consent text
This website uses Uniconsent to record your cookie preferences and forward your consent signal to advertising and analytics partners through the IAB Transparency and Consent Framework. The platform stores your consent choices to comply with the GDPR and ePrivacy obligations.
Third-party domains contacted
cmp.uniconsent.comuniconsent.comapp.uniconsent.comcdn.uniconsent.comapi.uniconsent.comconsent.uniconsent.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| __uc_consent | functional | 1 year | Stores the visitor consent decision, the TCF policy version, the TC string, and the list of allowed purposes and vendors. Strictly necessary to remember the user choice across pages and visits. |
| __uniconsent | first_party | 12 months | Stores the visitor consent decision per purpose and per vendor (IAB TCF v2.2 categories). Strictly necessary to prove consent under Article 7 GDPR. |
| euconsent_v2 | first_party | 12 months | IAB Transparency and Consent Framework v2.2 consent string. Read by downstream advertising and analytics vendors integrated with the TCF. |
| __uc_session | functional | session | Short lived session identifier used to coordinate the consent banner state during the current browser session and to link banner interactions with the resulting consent record. |
| __uc_geo | functional | 1 day | Caches the geographical region detected for the visitor (EU, UK, California, etc.) so that the appropriate banner variant and legal framework are applied without repeated geo lookups. |
| __uc_region | first_party | 12 months | Caches the detected regulatory region (EU, UK, US California, Brazil) so the right banner is shown on return visits. |
| __uc_gcm | first_party | 12 months | Mirrors the Google Consent Mode v2 signal (ad_storage, analytics_storage, ad_user_data, ad_personalization) for the Google tag. |
| __uc_tcstring | functional | 1 year | Mirror of the IAB TCF v2.2 transparency and consent string, exposed for downstream vendors that read the signal directly from cookie storage rather than from the CMP API. |
| __uc_uid | first_party | 12 months | Anonymous pseudonymous identifier used to link the consent log entry stored by Quirk Solutions to the cookie on this browser. |
Uniconsent is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Uniconsent sets a first party cookie storing the consent identifier and a few helper cookies for the banner UI (language preference, dismissed state). It also writes the IAB TC String to a shared cookie when the IAB TCF integration is enabled, so downstream vendors can read it.
No. Uniconsent is a Consent Management Platform, which European authorities treat as a privacy enhancing technology. It runs on legitimate interest because it is required to gather consent for the other tags. The CMP must, however, not be used to manipulate the user choice.
Legitimate interest under Art. 6(1)(f) GDPR: collecting and storing consent is mandatory under Art. 7 GDPR and Art. 5(3) of the ePrivacy Directive. Uniconsent processes only what is needed to record and demonstrate the consent decision.
Uniconsent is operated from the UK, which benefits from an EU adequacy decision. Cloud sub processors with US affiliates may exist and rely on Standard Contractual Clauses and a Transfer Impact Assessment. Verify the Data Processing Agreement and Sub Processor list before deployment.
A DPIA is not required for Uniconsent itself. It may still be required for the underlying advertising or analytics stack that the CMP gates, especially when large scale behavioural profiling is involved.
Configure the banner with equal prominence between Accept and Reject, expose all vendors and purposes, enable Google Consent Mode v2 forwarding, log consent records server side, set retention rules consistent with your supervisory authority, and document Uniconsent in your Article 30 register.
Yes. Several European CMPs offer equivalent IAB TCF 2.2 support and Google Consent Mode v2 integration: Didomi (France), Axeptio (France), CookieFirst (Netherlands), Cookiebot (Denmark), Klaro (Germany) and Complianz (Netherlands). Most of them keep data inside the EU by default.
Mention Uniconsent as the CMP, list its strictly necessary cookies, explain that it stores your consent choice and the IAB TC String, and describe how to withdraw consent. Re trigger the consent banner if the configuration changed materially, such as new vendors or new purposes.