Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Enterprise consent management platform from Visible Inc. It scans websites for cookies and trackers, displays a multi region banner, stores the consent record in localStorage and cookies, and exports data subject access requests.
Visible Privacy is an enterprise grade Consent Management Platform built by Visible Inc., a US privacy technology company. It bundles a cookie banner with a multi region rule engine, an automated cookie and tag scanner, a consent log and a workflow to receive and export data subject access requests. The product targets organisations that operate across the European Union, the United States, Brazil and Quebec and that need a single tool to address GDPR, CCPA, LGPD and Law 25.
The CMP writes a first party cookie that contains a unique consent identifier and the high level user choice, plus a richer localStorage entry that stores the per category breakdown, the timestamp and the CMP version. The scanner additionally records the list of cookies, scripts and third party domains observed on each scanned page, alongside the page URL and an internal scan identifier. Consent events are sent to the Visible backend for audit and reporting.
The CMP cookie and localStorage entry are strictly necessary because they store the proof of consent required by Article 7 GDPR. They can therefore be written before the banner is displayed. The cookie scanner relies on the legitimate interest of the controller (Article 6(1)(f) GDPR) since it operates on the controller own pages. The banner itself must respect EDPB Guidelines 03/2022 on dark patterns, with equal weight Accept and Reject buttons and a granular per category control.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Visible Privacy supports the IAB TCF v2.2 mode, the Google Additional Consent mode and a free form custom mode for jurisdictions outside the IAB framework. The banner can be configured to require an explicit opt in for EU and EEA visitors and to default to opt out for US visitors covered by the CCPA. A persistent Cookie settings link must be exposed in the site footer so visitors can review and withdraw consent at any time.
Visible Inc. is established in the United States and hosts the Visible Privacy backend on AWS, primarily in US regions, with EU edge caching for banner delivery. Transfers of personal data from the EEA to the US rely on the EU US Data Privacy Framework certification of Visible or on standard contractual clauses, depending on whether the certification is active at the time of contracting.
Configure region specific banner templates inside Visible Privacy, declare Visible Inc. as a processor in the privacy policy, sign the Data Processing Addendum and verify the active transfer mechanism, set a short retention for cookie scan reports, restrict DSAR workflow access to authorised staff, document the integration in the records of processing and run periodic banner audits against EDPB Guidelines 03/2022.
Websites using Visible Privacy must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is usually not required for the CMP itself, but is recommended when Visible Privacy is rolled out across multiple high traffic regional sites, when DSAR workflows are connected to CRM systems or when the scanner monitors employee facing intranets. Document the cookie scan retention, the DSAR audit trail and the US hosting.
Sample consent text
We use Visible Privacy to display the cookie banner and store your choice. This sets a first party cookie and a localStorage entry that record your consent so that we can prove it and respect it on future visits. You can update your choice at any time via the Cookie settings link in the footer.
Third-party domains contacted
visibleprivacy.comcdn.visibleprivacy.comapi.visibleprivacy.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| vp_consent | http_persistent | 12 months | First party cookie storing the unique consent identifier and the high level user choice for Visible Privacy. |
| vp_cid | http_persistent | 12 months | Visitor identifier used to correlate consent updates with the consent log stored in the Visible backend. |
| vp_consent_state | local_storage | 12 months | localStorage entry that records the per category breakdown of the consent, the timestamp and the CMP version. |
| vp_region | http_persistent | 6 months | Stores the detected jurisdiction (EU, US state, Brazil, Quebec) so the correct banner template loads on the next visit. |
Visible Privacy is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Visible Privacy sets a first party cookie that contains a unique consent identifier and the high level user choice, plus a localStorage entry with the per category breakdown, the timestamp and the CMP version. A scanner internal cookie may be present during automated audits run by the controller.
No. The CMP cookie and the localStorage entry are strictly necessary because they store the proof of consent required by Article 7 GDPR. They can therefore be written before the banner is displayed. Consent is needed for the downstream tools that Visible Privacy controls.
Legal obligation under Article 6(1)(c) GDPR for storing the consent record. Legitimate interest under Article 6(1)(f) GDPR for the cookie scanner operating on the controller pages and for the DSAR workflow.
Yes. Visible Inc. hosts the backend mainly on AWS US regions. EEA data is transferred under the EU US Data Privacy Framework certification of Visible or under standard contractual clauses. A transfer impact assessment should be documented before deployment.
A DPIA is recommended when Visible Privacy is deployed across many regional sites, when DSAR workflows are tied to CRM systems containing rich personal data or when the cookie scanner is run on intranets where employee monitoring concerns apply.
Configure region specific banner templates, enable equal weight Accept and Reject buttons, expose a persistent Cookie settings link, sign the Visible data processing addendum, verify the transfer mechanism and grant DSAR workflow access only to staff with a documented need to know.
Comparable enterprise CMPs include OneTrust, Cookiebot by Usercentrics, Didomi, TrustArc, Sourcepoint and Iubenda. Several of them offer EU hosting, which can simplify the transfer analysis.
Add a dedicated entry for Visible Privacy as the CMP, indicate that the CMP cookie and the localStorage entry are strictly necessary, describe the retention (often twelve months by default), name Visible Inc. as a processor located in the United States and link to the Visible privacy notice.