Cookie Consent & Compliance.
Configure the GDPR cookie consent banner and privacy compliance settings.
Privacy compliance is essential. Reward Loyalty includes a built-in cookie consent banner to help you meet GDPR and other privacy regulations.
Accessing Compliance Settings
- Navigate to Settings in the admin sidebar
- Click the Compliance tab
You can also configure these settings via environment variables in your .env file.
Enable Cookie Consent Banner
Controls whether visitors see a cookie consent banner before any tracking cookies are set.
Default: Disabled (false)
Via Admin Dashboard
- Navigate to Settings > Compliance tab
- Toggle Enable Cookie Consent Banner on or off
- Click Save Changes
GDPR & Privacy Compliance
When enabled, visitors will see a cookie consent banner before any tracking cookies are set. This helps ensure compliance with GDPR and similar privacy regulations.
Via Environment File
# Show cookie consent banner
APP_COOKIE_CONSENT=true
# Hide cookie consent banner (default)
APP_COOKIE_CONSENT=false
How It Works
When enabled, visitors see a banner asking them to accept or decline cookies.
When a user makes a choice, their preference is saved in a cookie_consent cookie:
- Accept: The system allows tracking scripts to run
- Decline: Tracking scripts are blocked
The user's preference persists across sessions until they clear their cookies.
Developer Integration
Checking Consent in PHP
If you're developing custom features, you can check for consent in your PHP code:
use App\Http\Controllers\Cookie\CookieController;
if (CookieController::userConsentsToCookies()) {
// Safe to run tracking code or store non-essential cookies
}
Checking Consent in Blade Templates
Conditionally load scripts (like Google Analytics) based on consent:
@if (\App\Http\Controllers\Cookie\CookieController::userConsentsToCookies())
<!-- Load Analytics Script -->
<script>...</script>
@else
<!-- Load Anonymized Script or Nothing -->
@endif
Default Behavior
If APP_COOKIE_CONSENT is set to false (disabled), the system assumes consent is granted by default, and userConsentsToCookies() returns true.
Privacy Policy
The consent banner links to your Privacy Policy. Ensure this policy accurately reflects your data usage.
To edit the Privacy Policy:
- Navigate to
lang/<locale>/md/ - Open
privacy.md - Update the content to match your legal requirements
Available languages:
lang/en_US/md/privacy.md— Englishlang/de_DE/md/privacy.md— Germanlang/es_ES/md/privacy.md— Spanishlang/fr_FR/md/privacy.md— Frenchlang/id_ID/md/privacy.md— Indonesianlang/it_IT/md/privacy.md— Italianlang/ja_JP/md/privacy.md— Japaneselang/pt_BR/md/privacy.md— Portugueselang/pl_PL/md/privacy.md— Polishlang/tr_TR/md/privacy.md— Turkishlang/ar_SA/md/privacy.md— Arabic
Testing the Banner
After enabling cookie consent:
- Open your application in a private/incognito browser window
- Verify the banner appears on page load
- Test both Accept and Decline options
- Confirm the banner doesn't reappear after making a choice
Tip: Use your browser's developer tools to delete the
cookie_consentcookie if you want to test the banner again.
Privacy Regulations & Compliance
Cookie consent helps you comply with privacy regulations worldwide. While requirements vary by jurisdiction, the general principle is similar: obtain user consent before setting non-essential cookies.
Major Privacy Frameworks
| Region | Regulation | Cookie Consent Required? |
|---|---|---|
| 🇪🇺 EU | GDPR | ✅ Yes — Prior consent for non-essential cookies |
| 🇺🇸 California | CCPA/CPRA | ⚠️ Opt-out required (not prior consent) |
| 🇬🇧 UK | UK GDPR / PECR | ✅ Yes — Prior consent required |
| 🇧🇷 Brazil | LGPD | ✅ Yes — Consent for personal data collection |
| 🇨🇦 Canada | PIPEDA | ✅ Yes — Implied or express consent |
| 🇦🇺 Australia | Privacy Act | ⚠️ Recommended best practice |
| 🇸🇬 Singapore | PDPA | ⚠️ Consent required for personal data |
| 🇯🇵 Japan | APPI | ✅ Yes — Consent for cookies that track users |
| 🇨🇳 China | PIPL | ✅ Yes — Separate consent for each purpose |
Tip: When in doubt, enable cookie consent. It's better to ask for consent and not need it than to violate privacy regulations.
Beyond Cookie Consent
Enabling the cookie consent banner is an important step, but privacy compliance requires more:
You should also:
- ✅ Maintain an up-to-date Privacy Policy
- ✅ Provide a way for users to request their data (data portability)
- ✅ Allow users to delete their accounts (right to erasure)
- ✅ Document what data you collect and why
- ✅ Implement proper data retention policies
- ✅ Keep activity logs for audit purposes (see Activity Logs)
Note: The platform provides technical tools for compliance, but you're responsible for ensuring your overall practices meet legal requirements. Consult with a legal professional if you're unsure about your obligations.
Troubleshooting
Banner Not Appearing
Possible causes:
- Setting wasn't saved
- Browser cached the old page
- User already made a choice (cookie exists)
Solutions:
- Verify the setting is enabled and saved
- Hard refresh:
Ctrl+Shift+R(Windows/Linux) orCmd+Shift+R(Mac) - Delete the
cookie_consentcookie in browser developer tools - Try in a private/incognito window
Banner Appears Every Time
Cause: The cookie_consent cookie isn't being saved.
Solutions:
- Check your browser allows cookies
- Verify your
SESSION_DOMAINin.envmatches your actual domain - Ensure you're not running on
localhostwith a domain mismatch
Important Notes
- Settings configured in the Admin Dashboard override environment file values
- Changes take effect immediately for new visitors
- Existing visitors retain their previous consent choice
- The banner is not shown if consent cookie already exists
Related Topics
- System Settings — Overview of all admin configuration
- Branding — Customize your platform appearance
- Languages & Translations — Edit Privacy Policy content