HomeLogin

Freshpaint Consent Manager

Freshpaint Consent Manager

Freshpaint Consent Manager provides built-in consent management directly within your Freshpaint implementation, allowing you to give users control over their data collection preferences while maintaining compliance with privacy regulations like HIPAA.

Unlike third-party consent managers, Freshpaint Consent Manager is natively integrated with your Freshpaint setup, requiring no additional tools or external dependencies. This guide walks through how to:

  • Configure consent modes (opt-in vs. opt-out)

  • Categorize integrations for granular consent control

  • Customize the consent interface for your users

  • Monitor and audit consent decisions

1. Understanding Consent Modes

Freshpaint Consent Manager operates using two core concepts: consent mode and consent decision.

1.1 Consent Mode: Setting the Default Behavior

Your consent mode determines how data is handled before a user makes an explicit choice:

Opt-in Mode (Recommended)

  • No data is sent to destinations until the user grants consent

  • Events are queued in the browser while awaiting consent decisions

  • Most conservative approach for privacy and HIPAA compliance

  • Queued events are sent retroactively if consent is granted

Opt-out Mode

  • Data collection begins immediately upon page load

  • User must actively opt out to stop data collection

  • All integrations receive data by default until consent is denied

  • Less restrictive but may not meet all compliance requirements

1.2 Consent Decisions: User Choices

After you set the consent mode, users make explicit decisions about their data:

  • Accept All: Grant consent for all integrations and categories

  • Reject All: Deny consent for all non-essential integrations

  • Custom Selection: Choose specific categories to allow or block

💡 Important: Users can update their consent decisions at any time. New decisions only apply to events collected after the change—previously sent events are not retroactively affected.

1.3 How Consent Appears in Events

Every event captured by Freshpaint includes a consent object that specifies which integrations have been granted consent. The consent object structure looks like this:

The All key is always set to false, while individual integration keys reflect the user's consent decisions. For opt-in mode, all integrations default to false until consent is granted. For opt-out mode, all integrations default to true until consent is denied.

2. Enabling Freshpaint Consent Manager

2.1 Enable the Entitlement

Before configuring Freshpaint Consent Manager, ensure it's enabled for your account. Contact our team at [email protected] to request access to Freshpaint Consent Manager. Our team will enable the entitlement for your account.

⚠️ Note: The entitlement is granted at the account level, but configurations are set per environment. You'll need to configure consent settings separately for each environment (production, staging, etc.).

2.2 Initial Configuration

When you first access Freshpaint Consent Manager:

  1. Go to Consent Management in your Freshpaint navigation

  2. Click Freshpaint Consent Manager

  3. On your first time setting up, you will be displayed a window referring you to the Freshpaint documentation before clicking Confirm

  4. After clicking Confirm, click the Details button to access the configuration page

After initial setup, you'll see a status toggle that shows whether Freshpaint Consent Manager is active for your environment and allows you to enable or disable it.

3. Configuring Freshpaint Consent Manager

3.1 Understanding Categories

Consent Manager organizes your integrations into categories that users can accept or reject as groups. Standard categories include:

  • Essential: Required for site functionality; cannot be disabled by users

  • Analytics: Website analytics and performance tracking

  • Personalization: Customized content and user experience

  • Marketing: Advertising and promotional communications

3.2 Choose Your Consent Model

The first configuration step is selecting your consent model, which determines how data is handled before users make explicit choices:

  1. Go to Integrations > Consent Management > Freshpaint Consent Manager

  2. Click the Details menu to access configuration settings

  3. Select your consent model:

    • Opt-in Mode: No data sent until user grants consent (recommended for HIPAA compliance)

    • Opt-out Mode: Data collected until user opts out

💡 Important: This decision significantly impacts your privacy posture. Most healthcare organizations should use opt-in mode to ensure compliance with privacy regulations like HIPAA.

3.3 Categorize Your Integrations

After selecting your consent model, you must assign each integration to a category:

  1. In the Categorize Advertising and Analytics integrations section, review the list of integrations in your environment

  2. For each integration, select the appropriate category from the dropdown menu

  3. Click Save to apply your categorization

⚠️ Critical: Any integration without an assigned category will be blocked from receiving data. If you add new integrations after setting up Consent Manager, you'll receive a warning in the Integrations page prompting you to categorize them before data can flow.

Example Use Case:

A healthcare provider wants to track website performance (Google Analytics) while targeting patients with appointment reminders (Google Ads). They would categorize:

  • Google Analytics → Analytics

  • Google Ads → Marketing

This allows patients to opt out of marketing while still enabling essential analytics for site improvement.

3.4 Special Handling for Audience Integrations

Audience integrations (Meta Audiences, Google Ads Audiences, etc.) are categorized collectively rather than individually. Assign all audience-related integrations to the same category, as they function as a unified group for consent purposes.

4. Customizing the Consent Interface

4.1 Adjust Visual Styling

Personalize the appearance of your consent interface:

  1. In the Details menu, locate the Colors & Theme section

  2. Choose colors for:

    • Background

    • Text

    • Buttons

    • Borders

  3. Preview your changes on the right side of the screen to ensure readability and brand alignment

4.2 Modify Display Text

Customize the language shown to your users:

  1. In the Details menu, locate the Copy & Translation Settings section

  2. Edit the consent banner text, category descriptions, and button labels

  3. You cannot change category names (Essential, Analytics, etc.) in the backend, but you can modify how they appear to users

⚠️ Critical: Never include PHI or health-related terms (e.g., "diabetes", "patients", "treatment") in consent interface text, as this content may be visible to third-party systems.

4.3 Configure Display Settings

Control how and when the consent interface appears to your users:

  1. In the Details menu, locate the Display Settings section

  2. Show consent modal by default: Toggle this option to control whether the consent modal automatically displays when users first visit your site

  3. Cookie selections icon: Enable this to add an overlay icon to your website that allows users to reopen the consent menu at any time

  4. If you enable the Cookie selections icon, select the icon color

Best Practice: Always enable the cookie selection icon to maintain transparency and give users control over their data preferences.

5. How Consent Decisions Work

5.1 Event Queuing in Opt-in Mode

When using opt-in consent mode:

  1. Before Consent: Events are triggered and queued in the browser's local storage. The consent object shows all integrations as false (except Essential).

  2. After Consent Granted: Queued events are sent to Freshpaint with the updated consent object, allowing them to flow to permitted destinations.

  3. After Consent Denied: The event queue is flushed, and no data is sent to Freshpaint or destinations.

5.2 Event Flow in Opt-out Mode

When using opt-out consent mode:

  1. Before Consent: Events are immediately sent to Freshpaint and all enabled destinations. The consent object shows all integrations as true.

  2. After Consent Denied: Future events are blocked from denied destinations based on the updated consent object.

5.3 Consent Election Events

Freshpaint automatically captures a consent_election event whenever a user makes or updates their consent decision. This special event can be seen in LiveView and includes:

  • The complete consent object

  • Timestamp of the decision

  • The specific categories accepted or rejected

These events enable consent auditing and reporting without needing to parse consent objects from standard events.

6. Monitoring Consent in Event Verification

6.1 Viewing Consent Objects

To verify consent is working correctly:

  1. Go to Event Verification in Freshpaint

  2. Select any event to view its details

  3. Locate the consent object in the event properties

  4. Confirm that integration keys reflect the user's consent decisions

6.2 Understanding Consent Status

In Event Verification, you'll see one of two statuses for each destination:

  • Okay: Consent was granted; event was delivered to the destination

  • Consent Not Granted: Consent was denied; event was blocked from the destination

⚠️ Critical: Essential integrations will always show Okay regardless of user consent decisions.

7. Environment Configuration

7.1 Per-Environment Settings

Consent Manager configurations are set at the environment level, not the account level. This means:

  • Settings configured in your production environment do not automatically apply to staging or development environments

  • You must configure categories, styling, and consent modes separately for each environment

  • Different environments can use different consent modes (e.g., opt-out in staging, opt-in in production)

💡 Future Enhancement: Freshpaint plans to add a feature to copy consent configurations across environments to streamline this process.

7.2 Configuration Propagation

After making changes to your consent configuration:

  • Changes typically propagate to your live website within seconds to a few minutes

  • If changes don't appear immediately, wait 2-3 minutes before troubleshooting

  • Clear your browser cache if you're testing changes and they're not appearing

Best Practices & Reminders

Choose opt-in mode for maximum compliance Opt-in consent mode provides the most conservative approach to privacy and is recommended for healthcare organizations subject to HIPAA. This ensures no data is collected without explicit user permission.

Categorize integrations thoughtfully Place integrations in categories that accurately reflect their purpose. Avoid categorizing marketing tools as "Essential" unless they're truly required for site functionality, as this undermines user trust and may violate compliance requirements.

Never include Essential integrations for marketing purposes The Essential category should be reserved for integrations genuinely required for your website to function (e.g., basic analytics for site performance). Marketing and advertising integrations should always be categorizable by users.

Monitor consent decisions with the consent_election event Use the automatically-generated consent_election event to build consent audit reports without parsing consent objects from every event. This simplifies compliance reporting and investigation.

Enable the cookie selection icon Always provide users with an easy way to update their consent preferences. The cookie selection icon ensures transparency and demonstrates respect for user privacy.

Test consent in each environment Since consent settings are configured per environment, verify that consent is working correctly in staging before deploying to production. Check that integrations are properly categorized and that events flow (or don't flow) as expected.

Plan for adding new integrations Remember that new integrations added after Consent Manager setup will be blocked until categorized. Develop a process to categorize new integrations immediately upon configuration.

What's Next?

Now that you understand how Freshpaint Consent Manager works, you're ready to implement consent management for your Freshpaint account.

Here's what you can do next:

  • Enable the entitlement → Reach out to [email protected] to request access to Freshpaint Consent Manager

  • Review integration categories → Audit your existing integrations and determine appropriate categories for each

  • Test in a staging environment → Configure consent in a non-production environment first to ensure it works as expected

  • Monitor consent patterns → Use the consent_election event to understand how users interact with your consent interface

💡 Need help? If you're unsure about consent mode selection, integration categorization, or compliance implications, reach out to our team at [email protected].

PreviousConsent ManagementNextGlobal Privacy Control (GPC)

Last updated

Was this helpful?