GDPR/CCPA compliance Cookies Consent Management.

• Package: Cookie Guard JS
• Version: v3.4.0
• Copyright: 2026 JosebaMirena.com
• License: MIT License
• Author: Joseba Mirena (@joseba-mirena)

A GDPR/CCPA 2026 compliance, simple and customizable Cookies Management system.

Cookie consent compliance is NOT as complicated as some companies want you to believe.

Many "compliance solutions" charge hundreds or thousands of euros per year, claiming you need:

• ❌ Complex backend databases to store consent
• ❌ IP tracking and user accounts
• ❌ Expensive legal teams
• ❌ Monthly subscription fees

They are lying and fear-mongering to scare you into paying.

• ✅ Blocks third-party scripts until consent
• ✅ Stores consent preferences (with timestamp)
• ✅ Provides granular controls (Analytics/Marketing)
• ✅ Offers easy opt-out (Reject All button)
• ✅ Works across 22 languages
• ✅ Completely FREE and open source

Cookie consent compliance is about respecting user privacy - not about complex systems or expensive subscriptions.

See the compliance table below for exactly what GDPR/CCPA requires.

⚠️ Warning: While cookie consent is manageable, non-compliance CAN result in fines (up to €20 million or 4% of global revenue). However, a proper implementation like Cookie Guard + a simple privacy policy is perfectly sufficient to be compliant.

Don't let fear-mongering companies trick you. You've got this. 💪

• Legal Compliance: Fully GDPR/CCPA compliant workflow (2026 standards).
• Hybrid Modes: Supports both full third-party consent and "no-cookies" informational mode.
• Smart Execution: Auto-activates Analytics/Marketing scripts (handles type="text/plain").
• Zero Dependencies: Pure Vanilla JavaScript; no jQuery or external libraries required.
• Privacy Focus: Optional persistent "Privacy" floating button to re-open settings.
• Legal Terms: Optional acceptance and Legal URL smart handling.
• Global Reach: Support for 22 languages (LTR & RTL) with automatic browser detection.
  • Locales: en, es, ca, eu, gl, et, ar, pt, pl, vi, fr, de, it, ru, zh, ja, id, ko, tr, nl, hi, bn.
• Performance: Ultra-lightweight architecture (~13 kB minified).
• Accessibility: Implements ARIA standards for screen readers.
• Encapsulation: Built within an IIFE to ensure no global namespace pollution.
• UI/UX: Dynamic CSS/HTML injection with a fully responsive, mobile-first design.
• Customization: Flexible configuration for expiration, link colors, and button border-radius.
• Developer API: Public toggle, open, and reset methods for external control.

Add the minified version before the closing </body> tag:

<script 
    src="https://opensource.josebamirena.com/cookie-guard/3.4.0/dist/cookie-guard.min.js" 
    integrity="sha384-dRLgdAlVcDUp1BQffo1IH08fUouMfMdVCOZBZEEGD9uI+Nw6wWtNLLw+7p8U1bYD" 
    crossorigin="anonymous">
</script>

<script>
    document.addEventListener('DOMContentLoaded', () => CookieGuard.init());
</script>

<script>
    const defaults = {
        locale: 'auto', // @string 'auto' or 2-letter ISO code.
        consent: true, // @bool true for 3rd party scripts, false for info-only banner.
        url: null, // @null|string Relative URL to your legal/cookies policy page.
        reopen: true, // @bool Renders the floating privacy button.
        radius: 12, // @int Buttons border-radius in pixels.
        delay: 800, // @int Modal entrance delay in milliseconds.
        link: "#3b82f6", // @string Primary link color.
        hover: "#10b981", // @string Link hover color.
        separator: "•", // @string Modal footer links separator
        expiration: 365, // @int Consent cookie expiration in days.
    };
</script>

<script>
    document.addEventListener('DOMContentLoaded', () => 
        CookieGuard.init({
            locale: 'en', // fixed language
            url: "/legal", // legal relative url
            link: "#ff0000", // red links
            radius: 8, // buttons radius
        })
    );
</script>

<script>
    document.addEventListener('DOMContentLoaded', () => 
        CookieGuard.init({
            locale: 'auto', // auto detect language
            consent: false, // no third party cookies mode
        })
    );
</script>

To let Cookie Guard manage your scripts, add the type attribute text/plain and add the data-cg-category attribute (analytics|marketing):

<script 
    type="text/plain" 
    data-cg-category="analytics">
    console.log('Analytics script executed');
</script>

<script 
    type="text/plain" 
    data-cg-category="analytics" 
    src="https://www.googletagmanager.com/gtag/js?id=UA-XXXXX-Y">
</script>

<script type="text/plain" data-cg-category="marketing">
    console.log("Facebook pixel is legally enabled.");
    fbq('init', '123456789');
    fbq('track', 'PageView');
</script>

<a href="javascript:void(0)" onclick="CookieGuard.toggle()">Privacy</a>

<a href="javascript:void(0)" onclick="CookieGuard.open()">Open Privacy</a>

Debug Shortcut: CTRL + SHIFT + X to reset state instantly.

<a href="javascript:void(0)" onclick="CookieGuard.reset()">Reset Privacy</a>

Cookie Guard is fully compliant with both GDPR (EU) and CCPA/CPRA (California) requirements.

• GDPR: Full opt-in consent for all non-essential cookies
• CCPA/CPRA: Easy opt-out mechanism + no data selling
• Global: Respects user privacy across 22 languages
• Audit Ready: Consent records stored with timestamps

For complete legal compliance, website owners must provide:

1. Privacy Policy - How you collect, use, and protect personal data
2. Contact Information - Clear way for users to exercise their rights

📌 Note: Cookie Guard includes built-in Cookie Policy with category descriptions. Only a separate Privacy Policy page (with contact information) is needed for personal data handling.

Cookie Guard is a free, open-source tool that provides the technical framework for cookie consent management. It does NOT constitute legal advice.

As a website owner using Cookie Guard, you are responsible for:

1. Maintaining your own Privacy Policy that accurately reflects your data handling practices
2. Providing a contact method (email, contact form, or page) for users to exercise their GDPR/CCPA rights
3. Ensuring your legal terms accurately describe your specific data collection and processing activities
4. Complying with all applicable laws in your jurisdiction

Cookie Guard helps you implement consent management, but you must:

• ✅ Inform users about YOUR specific data practices
• ✅ Provide YOUR contact information for privacy requests
• ✅ Maintain YOUR own privacy policy and legal terms

This tool is provided "as is" without warranty of any kind. Consult a legal professional for advice on your specific compliance requirements.

Cookie Guard gives you the technical foundation. Add your privacy policy and contact information, and you're fully compliant!

• Minified size 13 kB.

• Added wording localStorage cache (eliminates redundant network requests)

• Wording files optimized
• Code weight optimization
• Updated main buttons accessibility
• Updated default consent to false
• Updated main documentation

• Added aria-label to legal acceptance checkbox for better screen reader support

• Fixed missing aria-labelledby attribute in minified version (modal dialog now properly labeled)
• Fixed "uncrawlable link" for policy link

• ✅ 2026 GDPR/CCPA compliance workflow.
• ✅ Added support for sites not using 3rd party cookies.
• ✅ i18n 22 languages, LTR & RTL, with dynamic JSON loading.
• ✅ Optimization: Minified size reduced from 38.8 kB to 12.8 kB.
• ✅ Added reset Cookies public method and Shortcut (CTRL+SHIFT+X).
• ✅ UX: Improved modal animations and RTL support.
• ✅ Performance improvements.
• ✅ Security improvements.
• ✅ Proprietary to MIT license.
• ⚠️ Version 2.0.0 deprecated.

Try Cookie Guard live on my website:
👉 Cookie Guard Demo

See how it handles consent, 22 languages, and third-party script blocking in action.