Consent Management Platform Implementation
Implement a GDPR-compliant Consent Management Platform (CMP): granular consent collection, withdrawal mechanism, consent audit log, and integration with your analytics and marketing tools.
Implement a GDPR-compliant CMP: granular per-purpose consent banners, withdrawal mechanism, consent version history, and integration with your analytics (GA4, Plausible) and marketing tools. Article 7 compliant. Delivered in 20–40 business days. Fixed price €1,800–3,600.
📋Why this service exists
Article 7 requires demonstrable, specific, informed, and unambiguous consent as a legal basis. Article 6 and 9 require appropriate legal basis for each processing purpose. A CMP implements these requirements technically — collecting consent per purpose and maintaining an auditable record.
What you get
- CMP deployed and configured
- Consent banner with granular per-purpose consent
- Withdrawal mechanism (easy as giving consent)
- Consent audit log with version history
- Integration with analytics tools (GA4, Plausible, etc.)
- Integration with marketing automation (Mailchimp, etc.)
- Consent statistics dashboard
- Cookie audit report
How we deliver
- Day 0You request quote → reply in 4 business hours
- Day 1–2Discovery call & scope clarification
- Day 3–5Contract signed, kickoff scheduled
- Day 5–7Implementation begins
- Day NFinal deliverables + walkthrough call
- +30 daysFree post-delivery support
Tools & technologies
Prerequisites
- Website or web app access
- List of all analytics and tracking tools
- Legal basis documentation from legal/DPO
Pricing
✓ Within scope:
- •One website or web application
- •Up to 5 consent purposes
- •Up to 10 third-party tool integrations
⚠ Outside scope (additional quote required):
- •Native mobile app CMP (additional quote)
- •More than 10 integrations
- •Legal review of consent language (lawyers' scope)
📋Final price confirmed in proposal within 4 hours of your request.
Realistic timeline — what to expect
- T+0hSubmit request
- T+4hInitial proposal (business hours)
- T+1–3dDiscovery call
- T+2–3dFinal invoice
- T+3–5dContract signed
- T+4–6dPayment received
- T+5–7dService kickoff
- T+5–7d+NService complete
Frequently asked questions
Custom CMP or off-the-shelf (Cookiebot, Osano)?
Does Google Analytics require consent under GDPR?
Related services
Privacy by Design Architecture Review
Expert review of your system architecture against GDPR Article 25 Privacy by Design principles — with findings report and redesign recommendations.
Data Retention Automation (Article 5(1)(e))
Implement automated data retention policies: automatically delete or archive personal data when the retention period expires, across databases, file storage, and logs.
DPIA Technical Component Development
Develop the technical component of a Data Protection Impact Assessment: system description, data flows, threat model, technical risk assessment, and proposed mitigations.