Prejsť na obsah

Security & IT — Web & Apps

Web & app compliance for cookies, CMPs & tracking

Fix your cookies, SDKs and tags. We scan, categorise, configure CMPs and adjust consent mode so tracking respects choices — with an evidence pack you can show to regulators and customers.

  • Cookie / CMP setup
  • SDK & pixel review
  • Consent mode & tags
  • Evidence for EU & UK
Customer & regulator-ready evidence packs • Vendor-agnostic • Tested flows to reduce regressions
Browser window with cookie banner, consent options and a tag manager panel
1–3 wks
Typical audit window
Web + apps
Scope coverage
Trusted by SaaS, fintech, and product-led teamsAligned with EU GDPR & UK DPACustomer & regulator-ready evidence packs

Summary

At a glance

Typical audit window
~ 1–3 weeks
Scope
Web · Mobile apps · SDKs
Regimes
EU GDPR · UK GDPR
Output
CMP config + evidence pack

Timelines depend on number of sites/apps, vendors and prior work.

Outcomes

Compliance outcomes you can run with

Accurate cookie & SDK inventory

Scanned and reviewed by purpose, vendor and legal basis across web and app.

CMP configured correctly

Banner text, categories, vendors and geo rules aligned to GDPR/UK expectations.

Consent before tracking

Tagging, consent mode and triggers adjusted so tracking respects user choices.

Evidence for audits

Screenshots, config exports and decision notes you can share with regulators or customers.

Clear responsibilities

Who owns banners, tags, SDK updates and regression checks after product changes.

Playbook for changes

Steps product, marketing and engineering can follow when adding new tools.

Better signal, less risk

We aim for clean consent behavior that still supports measurement: predictable event firing, fewer “mystery vendors”, and clear ownership so changes don’t regress.

Evidence you can reuse

Config exports, screenshots and decision notes packaged for regulators, customers and internal audit—easy to refresh after releases.

Method

How we typically work

Step 1
Discovery

Understand your sites/apps, markets, tools (analytics, ads, UX) and risk profile.

Step 2
Scan & analyse

Run scanners, inspect tags/SDKs and group cookies/tracking by purpose and vendor.

Step 3
Design & configure

Propose categories, banner copy, geo rules and consent mode/tagging changes.

Step 4
Test & document

Test flows, reduce regressions and ship screenshots, configs and decision records.

Scope

Common engagement patterns

We tailor scope and cadence to your footprint. These models are starting points that we adjust to your stack, markets and internal resources.

One-off web cookie fix
Single main marketing site or small group of sites.
  • Cookie and tracker inventory for key domains
  • CMP/banner configuration or review
  • Consent mode / tag trigger adjustments
  • Evidence pack: screenshots + config exports
Web + app tracking review
Web + iOS/Android apps with SDKs and product analytics.
  • Combined web + app tracking inventory
  • SDK review and purpose/category mapping
  • Cross-channel consent approach (web ↔ app)
  • Guidance for product & marketing teams
Ongoing changes & audits
Teams regularly adding vendors or facing questionnaires.
  • Change review for new tags/SDKs
  • Periodic scans and regression checks
  • Support for customer DDQs and RFPs
  • Updated evidence pack on agreed cadence

Tooling

Platforms we often work with

CMPs: OneTrust, Cookiebot, Usercentrics, custom banners
Analytics: Google Analytics 4, Matomo, Amplitude, Mixpanel
Tags: Google Tag Manager, Tealium, Segment, server-side tagging
Ads: Google Ads, Meta, LinkedIn, TikTok, programmatic pixels
Apps: iOS/Android SDKs (analytics, crash reporting, marketing)
Consent signals: IAB TCF, GA4 consent mode, custom signals

We're vendor-agnostic and can work with your existing tools or recommend pragmatic options.

Proof

Reporting & evidence

  • Cookie & tracker inventory (per domain/app)
  • Purpose categories, legal bases and vendors
  • Banner/CMP configuration and screenshots
  • Consent mode / tag trigger mapping
  • Decisions log with rationale and owners
Dashboard of cookie scan results, consent rates and tracking inventory

Example: scan results, consent rates and tracking grouped by purpose and vendor.

Next step

Request help with web & app cookies / tracking

Share your sites/apps, key tools and jurisdictions. We'll respond with a pragmatic plan for auditing and fixing cookies, CMPs and tracking — no automated sign-ups.

Typical focus areas include cookie and SDK inventory, CMP/banner design, consent mode & tag triggers, and evidence for audits or DDQs.

What do you need help with?
Current CMP / tooling

Questions

FAQ

Do you only work with specific CMPs?
No. We’re vendor-agnostic and can work with your existing CMP, a new vendor, or a lightweight custom banner where appropriate.
Can you help us with Google consent mode and GA4?
Yes. We can design the consent states, update your GTM or tagging, and test that GA4 and ads platforms respect user choices.
What about mobile apps and SDKs?
We review your SDKs, map them to purposes/bases and help align in-app consent with what you do on web and in your privacy notices.
Will this break our marketing?
We work with marketing and product to minimise disruption—testing flows, suggesting fallback reporting and phasing changes where needed.