Skip to content
Contact Support
  • There are no suggestions because the search field is empty.

How to set up Cookiebot with the Shopify Customer Privacy API

Shopify's Customer Privacy API is the consent signal that ProfitMetrics and most other Shopify apps use to decide whether tracking is allowed. Cookiebot captures the visitor's consent in its banner, but you need to connect it to the Customer Privacy API so Shopify knows what was chosen. The steps below cover the three ways Cookiebot can be installed on a Shopify store.

What You Need

Requirement Where to find it
Cookiebot account cookiebot.com — free or paid plan
Shopify store Admin access required to install apps or edit theme code
ProfitMetrics Shopify app Installed and configured

Choose an installation method

Method When to use it
Cookiebot CMP App (recommended) You want the simplest setup. The app handles the Customer Privacy API automatically — no bridge code required.
GTM (Cookiebot template) Cookiebot is loaded via Google Tag Manager and you want to keep tracking inside GTM.
Theme installation Cookiebot is loaded directly from your theme code, without GTM or the app.

Option 1: Cookiebot CMP App (recommended)

The Cookiebot CMP app runs through Shopify's App Embed framework, which handles script blocking and writes consent into the Customer Privacy API automatically. No bridge code, snippets, or GTM tags are required — Cookiebot themselves recommend the app over the manual installation for this reason.

  1. Open the Cookiebot CMP app in the Shopify App Store and click Install.
  2. Connect the app to your Cookiebot account by entering your Domain Group ID when prompted.
  3. Customise the banner and confirm the cookie categories (Necessary, Preferences, Statistics, Marketing).
  4. Publish the banner to your storefront.

That's it — skip ahead to Disable Shopify's native cookie banner, then Verification.

Option 2: GTM (Cookiebot template)

If you load Cookiebot through Google Tag Manager, use the official Cookiebot CMP template from the GTM Community Template Gallery, then add the Customer Privacy API bridge as a snippet in your theme.

Step 1: Add the Cookiebot CMP template in GTM

  1. In GTM, go to Templates → Tag Templates → Search Gallery.
  2. Search for Cookiebot CMP and add the official template (publisher: Cookiebot).
  3. Go to Tags → New and select the Cookiebot CMP tag type.
  4. Enter your Domain Group ID (the data-cbid value from your Cookiebot dashboard).
  5. Set the trigger to Consent Initialization - All Pages so Cookiebot loads before any consent-gated tags.
  6. Save and publish the container.

Step 2: Add the Customer Privacy API bridge in your theme

Follow the snippet steps in Option 3 to create the cookie-consent snippet and render it in theme.liquid. Place the  line before your GTM snippet so the consent listeners are registered before Cookiebot fires its events.

Option 3: Theme installation

If Cookiebot is loaded directly from your theme (not GTM, not the app), follow the steps documented in Cookiebot's official Shopify guide.

Step 1: Open the theme code editor

  1. In the Shopify admin, go to the left-hand menu and click Themes.
  2. Click the Customize button on your active theme.
  3. Click the ••• button.
  4. Select Edit code.

Step 2: Create the cookie-consent snippet

  1. Under the Snippets section, click Add a new snippet.
  2. Name the new snippet cookie-consent and click Create snippet.

Open the new cookie-consent.liquid file and add the following content:

<script>
  function feedback() {
    const p = window.Shopify.customerPrivacy;
    console.log(`Tracking ${p.userCanBeTracked() ? "en" : "dis"}abled`);
  }
  window.Shopify.loadFeatures(
    [
      {
        name: "consent-tracking-api",
        version: "0.1",
      },
    ],
    function (error) {
      if (error) throw error;
      if ("Cookiebot" in window) window.Shopify.customerPrivacy.setTrackingConsent({
        "analytics": false,
        "marketing": false,
        "preferences": false,
        "sale_of_data": false,
      }, () => console.log("Awaiting consent"));
    }
  );
  window.addEventListener("CookiebotOnConsentReady", function () {
    const C = Cookiebot.consent,
      existConsentShopify = setInterval(function () {
        if (window.Shopify.customerPrivacy) {
          clearInterval(existConsentShopify);
          window.Shopify.customerPrivacy.setTrackingConsent({
            "analytics": C["statistics"],
            "marketing": C["marketing"],
            "preferences": C["preferences"],
            "sale_of_data": C["marketing"],
          }, () => console.log("Consent captured"))
        }
      }, 100);
  });
</script>

Save the snippet by clicking the Save button.

Step 3: Render the snippet in theme.liquid

Open layout/theme.liquid and add this line inside the <head> tag, before your Cookiebot script (or before your GTM snippet, if using Option 2):

Click Save.

Disable Shopify's native cookie banner

If Shopify's built-in cookie banner is enabled alongside Cookiebot, visitors will see two banners and Shopify will continue to manage consent itself instead of deferring to Cookiebot.

  1. In the Shopify admin, go to Settings → Customer privacy → Cookie banner.
  2. Confirm that Cookiebot CMP appears under Installed privacy apps (if you used Option 1).
  3. Click Remove cookie banner and confirm in the modal.

Verification

Once installed, confirm consent is flowing into the Customer Privacy API:

  1. Open your storefront in a private/incognito window.
  2. When the Cookiebot banner appears, accept all cookies.
  3. Open DevTools and run this in the console:
window.Shopify.customerPrivacy.userCanBeTracked()

It should return true after consent is given. Reload the page, reject the banner, and run the same command — it should now return false.

You can also watch the console for the log messages emitted by the bridge: Awaiting consent on initial page load, then Consent captured after the visitor responds to the banner.

Troubleshooting

Symptom What to check
The Cookiebot banner does not appear on your storefront Open your storefront and right-click anywhere on the page → Inspect → Console tab. Cookiebot prints an error message there explaining why the banner did not load. The two most common causes are:
  • Your storefront domain has not been added to your Cookiebot account. Add it in the Cookiebot dashboard under Settings → Domains.
  • Your Cookiebot payment method has expired. Update your card in the Cookiebot dashboard under Account → Billing.
Two cookie banners appear on the storefront Shopify's native banner is still active. Follow the Disable Shopify's native cookie banner steps above.
The banner appears but Shopify never registers the visitor's choice The bridge between Cookiebot and the Customer Privacy API is not running. For Option 1, open your theme's App embeds and confirm Cookiebot CMP is toggled on. For Options 2 and 3, confirm  is present in theme.liquid and appears before your Cookiebot or GTM script.

If you have run the diagnostics in the console above and consent still is not flowing through correctly, contact support@profitmetrics.io with a screenshot of the console output and we will help you investigate.