Cookie consent laws aren't optional. Under GDPR, CCPA, and the ePrivacy Directive, every website that places non-essential cookies on a visitor's device must obtain clear, informed consent before doing so — or risk fines of up to €20 million or 4% of global annual turnover. Yet most website owners either display a banner that doesn't actually block cookies, rely on a free plugin that hasn't been updated for the latest regulatory guidance, or spend hours manually configuring scripts one by one.
A proper consent management platform (CMP) solves this by handling cookie detection, blocking, and user preference storage automatically — but only if it's configured correctly for each domain you operate. Misconfigured domain settings are one of the most common reasons businesses fail cookie consent audits even when they believe they're compliant.
Secure Privacy gives you granular, per-domain control over every aspect of your cookie consent setup: which cookies are blocked and when, how your consent banner looks, which compliance template governs your region's regulations, and how Google Analytics and Google Ads behave in response to user choices. By the end of this guide, you'll have every section of the Secure Privacy Domain Settings page fully configured — giving you an audit-ready, regulation-aligned privacy setup across all your websites.
Who Is This Guide For?
This guide is for website owners, webmasters, and compliance managers who use Secure Privacy to manage cookie consent and data privacy compliance across one or more domains. Whether you're setting up a domain for the first time, migrating after a rebrand, or fine-tuning blocking behaviour to satisfy a recent audit, this reference covers every available setting.
How to Access Domain Settings in Secure Privacy
Step 1 — Log In to Your Secure Privacy Account
Log in to your Secure Privacy account at app.secureprivacy.ai using your registered credentials.
Step 2 — Open the Domains Tab
After logging in, navigate to the Domains tab in the top navigation bar. This section lists all domains associated with your account, along with their current configuration status.
Step 3 — Select the Domain to Configure
From the domain list, click the name of the specific domain you want to configure. This opens its individual Domain Settings page, where all customization options are available.
The Domains tab lists all domains in your account. Click a domain name to open its settings.
Customizing Domain Settings: Every Option Explained
The Domain Settings page is organized into five key sections. Each section controls a distinct aspect of your website's privacy and cookie consent behaviour. Below is a detailed walkthrough of each.
Domain Name
Edit the domain name to ensure it accurately reflects the current website address. Keeping this up to date is particularly important after domain migrations, rebranding, or when launching a site on a new TLD — an incorrect domain name can cause the Secure Privacy script to fail consent logging for the wrong origin.
Design — Customize Your Cookie Consent Banner
Assign a cookie banner design template to this domain to control how your consent widget appears to visitors. You can select from existing brand-matched designs or create a new one. A well-designed, on-brand consent banner increases opt-in rates and builds visitor trust — both of which are measurable signals of an effective consent management setup.
For detailed instructions on adjusting colors, layout, and button text, refer to the Design Settings guide.
The Design section lets you assign or create a cookie banner template for this specific domain.
Blocking — Control How Cookies Are Managed on Your Domain
The Blocking section is the most compliance-critical setting on this page. It determines whether Secure Privacy automatically enforces cookie blocking before consent is given, or whether you manage blocking manually. Two modes are available:
Automatic Blocking (Recommended Default)
Automatic blocking is the recommended setting for most websites and the default for all new domains. When enabled, Secure Privacy automatically prevents all non-essential cookies and third-party trackers from loading on a visitor's device until they have provided explicit consent. Only cookies classified as strictly necessary — those required for core site functionality such as session management or shopping cart persistence — are permitted to run without consent.
This mode is fully aligned with GDPR Article 7, the ePrivacy Directive, and guidance from data protection authorities across the EU. It requires no manual script management, making it the most practical choice for the majority of website owners.
Manual Blocking
Manual blocking disables Secure Privacy's automatic cookie regulation, meaning all cookies and services load without restriction until a user actively opts out. This mode is intended for developers or compliance teams who need fine-grained control and prefer to manually specify which scripts or services to allow or restrict via the tag manager or script rules.
Important: Manual blocking places full responsibility for privacy compliance with the website operator. In this mode, non-essential cookies may fire before consent is obtained — which is not compliant with opt-in frameworks such as GDPR without additional manual configuration. Use this mode only if you have a specific technical reason and understand the compliance implications.
Choose Automatic Blocking for regulation-aligned cookie control, or Manual Blocking for custom script-level management.
Google Consent Mode — Preserve Analytics While Respecting User Choices
Google Consent Mode is a framework that allows Google services — including Google Analytics 4, Google Ads, and Google Tag Manager — to adapt their data collection behaviour based on each visitor's consent status. When a user declines analytics cookies, Google's services switch to cookieless, modeled measurement rather than stopping entirely, preserving conversion and audience data while respecting the user's choice.
Configuring Google Consent Mode through Secure Privacy ensures that consent signals are passed correctly to all connected Google services — a requirement for advertisers using Enhanced Conversions or running campaigns to EU audiences under Google's EU User Consent Policy. The default value is OFF. Select your preferred mode (Basic or Advanced) from the options in this section.
Enable Google Consent Mode to ensure Google Analytics and Google Ads respect visitor consent decisions.
Templates — Apply Pre-Built Legal Compliance Configurations
The Templates section lets you apply a pre-defined legal compliance template that simultaneously configures your cookie banner, consent widget, preference centre, privacy policy, cookie declaration, data request form, and contextual consent layer — all at once. Each template is preconfigured for a specific regulatory framework (such as GDPR for EU visitors, CCPA for California, or LGPD for Brazil), letting you deploy compliant privacy measures in minutes rather than hours.
For a full breakdown of available templates and their configurations, visit the Templates Settings guide.
Select a compliance template to instantly configure all privacy components for GDPR, CCPA, or other applicable regulations.
Keeping Your Domain Settings Compliant Over Time
Data protection regulations evolve frequently — GDPR guidance is updated by national DPAs, and frameworks like CCPA continue to be amended by new legislation. Regularly reviewing your domain settings ensures your cookie consent configuration remains aligned with current compliance requirements. As a best practice, audit each domain's settings when you:
Add new third-party scripts or analytics tools to your site
Migrate to a new domain or rebrand
Receive guidance from a data protection audit or legal review
See a regulatory update affecting your operating regions
For further assistance, contact the Secure Privacy support team at [email protected].
Frequently Asked Questions
Do I need a cookie banner on my website to comply with GDPR?
Yes. Under GDPR and the ePrivacy Directive, you must obtain freely given, specific, informed, and unambiguous consent before placing any non-essential cookies on a visitor's device. A compliant cookie banner — one that actually blocks cookies until consent is granted — is the standard mechanism for meeting this requirement. Simply displaying a banner without blocking cookies is not sufficient.
What is the difference between Automatic Blocking and Manual Blocking in Secure Privacy?
Automatic Blocking is the recommended default. It prevents all non-essential cookies and third-party trackers from loading until a visitor gives consent, with no manual configuration required. Manual Blocking disables this automation, allowing all cookies to load freely until a user opts out. Manual mode is intended for advanced users managing custom script rules and requires additional configuration to remain GDPR-compliant.
What does Google Consent Mode do and do I need it?
Google Consent Mode tells Google Analytics and Google Ads how to behave when a user has declined cookies. Instead of stopping entirely, Google switches to cookieless, modeled measurement — preserving useful conversion data without violating the user's choice. If you run Google Ads campaigns targeting EU users or use Enhanced Conversions, enabling Google Consent Mode is required under Google's EU User Consent Policy.
Can I configure different settings for different domains in Secure Privacy?
Yes. Secure Privacy's Domain Settings are applied per domain. You can assign different cookie banner designs, blocking modes, Google Consent Mode settings, and compliance templates to each domain in your account — making it straightforward to manage a multi-site portfolio with different regional regulations or brand identities.
Which compliance template should I choose for a GDPR website?
For websites targeting EU visitors, select the GDPR template. This preconfigures your cookie banner, preference centre, cookie declaration, and other privacy components according to GDPR and ePrivacy Directive requirements — including opt-in consent, granular category controls, and a record of consent. See the Templates Settings guide for the full list of available regulatory frameworks.