Cookie consent (GDPR)
Gate the AOV.ai Free Gift storefront scripts behind your store's cookie consent banner, so EU shoppers who decline tracking never load the app's scripts or cookies.
Cookie consent is an admin-controlled toggle. It lives in the Dev Zone of the AOV.ai Free Gift app, which is not visible to all merchants. If you do not see it, contact support and ask to enable Respect cookie consent (GDPR) for your store.
What gets gated
When the setting is on, the theme app embed (avada-free-gift.js) defers loading of the following until consent is granted:
avada-free-gift-main.min.js, the core script-tag that powers gift selection, pop-ups, floating buttons, congrats bars, badges, and the cart drawer integration.aov-util.min.js, the shared utilities script.
With the setting off (default for stores that have not opted in), both scripts load immediately on every page.
How consent is detected
The embed reads Shopify's Customer Privacy API:
window.Shopify.customerPrivacy.currentVisitorConsent()- The
visitorConsentCollecteddocument event
A visitor is treated as having accepted if any of preferences, analytics, or marketing returns yes. A visitor is rejected only when all three explicitly return no. Anything else (no decision yet) is pending.
| Decision | What the embed does |
|---|---|
accepted | Loads the AOV.ai Free Gift scripts immediately. |
pending | Holds off and listens for the visitorConsentCollected event. Loads scripts as soon as the visitor accepts. |
rejected | Holds off. Listens for visitorConsentCollected in case the visitor later changes their mind. Otherwise, scripts never load. |
| no consent banner detected | Retries every 1 second up to 5 times, then falls back to loading the scripts. This prevents the app from breaking on stores that have not configured a consent banner. |
How to enable
Step 1: Open Dev Zone
Navigate to the Dev Zone page in the AOV.ai Free Gift app (admin URL, not exposed in the standard sidebar).
Step 2: Toggle Respect cookie consent (GDPR)
Find the Respect cookie consent (GDPR) switch in the script-loading section. The helper text reads: "Wait for visitor consent via Shopify Customer Privacy API before loading scripts (for EU stores using Usercentrics, Cookiebot, etc)".
Switch it on. The change takes effect on the next storefront page load.
What merchants need to do
For the gate to actually wait on consent, your store needs a consent banner that integrates with Shopify's Customer Privacy API. This includes:
- Shopify's built-in cookie banner, configured in Online Store > Preferences > Customer privacy.
- Third-party CMPs such as Usercentrics, Cookiebot, OneTrust, or any banner that calls
Shopify.customerPrivacy.setTrackingConsent.
If your banner does not surface decisions through the API, the embed will see no_cmp, retry briefly, then load scripts to keep the campaigns functional. To prevent that fallback, choose a CMP that explicitly supports Shopify Customer Privacy.
What happens for visitors who decline
When a visitor declines tracking:
- No AOV.ai Free Gift scripts are injected into the page.
- No app-specific cookies are written.
- No pop-ups, floating buttons, badges, congrats bars, or progress widgets render.
- Active campaign discount codes are not auto-applied (any code already in the visitor's cart remains, but the app does not add new ones).
- The visitor still sees the storefront normally; they simply do not see AOV.ai Free Gift surfaces.
If a visitor changes their mind later and accepts (via the banner's "edit preferences" flow), the embed catches the visitorConsentCollected event and loads the scripts on the next interaction.
Verification
To confirm the gate is wired correctly:
- Open your storefront in a fresh incognito window.
- In DevTools > Network, filter on
avada-free-gift-main. - Before accepting the cookie banner, no
avada-free-gift-main.min.jsrequest should appear. - Accept cookies. The script should load within a second.
- Repeat with Decline: the script should never load.