Convert + DataGrail Consent
Convert is the most privacy-forward A/B testing tool on the market: it has native DNT (Do Not Track) and GPC (Global Privacy Control) support that automatically suppresses the entire tool when privacy signals are present. This guide shows you how to integrate Convert with DataGrail's consent banner.
Why Convert Is Different
Convert's privacy-by-design approach means it requires less consent integration work than other A/B testing tools:
- Only 2 cookies (most tools use 5-10+)
- Native DNT and GPC support — tool completely suppresses when privacy signals detected
- No IP address storage — anonymized at collection
- EU data residency — German servers, data never leaves EEA
- No cross-border transfers outside Europe
- ISO 27001, SOC 2 Type 2, HIPAA, GDPR, CCPA certified
Because Convert natively respects privacy signals, you may only need to configure cookie patterns in DataGrail — no complex JavaScript integration required.
Cookie Patterns
Convert uses the smallest cookie footprint of any major A/B testing tool. Add these as cookie rules in your DataGrail Consent dashboard under Cookie Management. For each pattern, select Add Rule, enter the match criteria, set the Category to Performance, and configure the retention:
| Match Criteria | Category | Retention | Purpose |
|---|---|---|---|
_conv_v | Performance | 180 days | Visitor ID, visit frequency, browsing behavior |
_conv_s | Performance | Session | Session: randomly selected experiment variations |
That's it — only 2 cookies total. No localStorage, no sessionStorage, no tracking pixels.
DNT and GPC Support
Convert provides the strongest privacy signal support in the A/B testing space:
Do Not Track (DNT)
When DNT is enabled in a visitor's browser, Convert does not load scripts or experiments at all — not just stops tracking, the entire tool is suppressed.
Configure in Convert dashboard:
- Go to Settings > Privacy
- Enable Do Not Track (DNT) Compliance
- Select geographic scope: EU only, EEA only, Worldwide, or OFF
- Save settings
Global Privacy Control (GPC)
GPC is the successor to DNT with legal backing. Convert natively supports GPC with the same suppression behavior and geographic scope options.
Why this matters: If your visitors have DNT or GPC enabled, Convert automatically respects their privacy preferences without requiring DataGrail intervention.
Recommended Approach
Given Convert's native privacy features, use a belt-and-suspenders approach:
- Enable DNT/GPC in Convert for automatic privacy signal respect
- Configure cookie blocking in DataGrail to gate Convert cookies behind Performance consent
- Let both systems work together — DNT/GPC handles privacy signals, DataGrail handles explicit consent
This ensures maximum privacy coverage regardless of how users express their preferences.
DataGrail Cookie Rule Configuration
Even with DNT/GPC enabled, you should still configure cookie rules in DataGrail to block Convert cookies until consent. Add the _conv_v and _conv_s rules as described in the Cookie Patterns section above. DataGrail will block and delete these cookies when a visitor denies Performance consent.
Consent Delay Configuration
Convert supports delaying cookie writing and data collection until consent is provided. This feature works alongside DataGrail:
In Convert dashboard:
- Navigate to Settings > Privacy & Compliance
- Enable Delay consent collection
- Configure consent cookie name (your DataGrail consent cookie)
- Save settings
Convert will monitor for your consent cookie and begin operations only after it detects consent has been granted.
CMP Integrations
Convert supports these CMPs out-of-the-box:
- CookieConsent.io
- Cookiebot
- Civic Cookie Control
- DataGrail (via cookie detection or custom configuration)
For DataGrail integration, use either:
- Cookie detection — Configure Convert to monitor DataGrail's consent cookie
- Custom JavaScript — Use DataGrail's
preference_callbackto signal Convert
JavaScript Integration (Optional)
If you need more control, integrate via DataGrail's callback system:
<script>
window.dgEvent = window.dgEvent || [];
function handleConvertConsent(preferences) {
if (window.DG_BANNER_API.categoryEnabled('performance')) {
console.log('Performance consent granted - Convert tracking enabled');
} else {
console.log('Performance consent denied - Convert remains inactive');
}
}
window.dgEvent.push({
event: "initial_preference_callback",
params: handleConvertConsent
});
window.dgEvent.push({
event: "preference_callback",
params: handleConvertConsent
});
</script>
Safety Features
Convert proactively warns you in the dashboard when configurations risk privacy violations:
- Small segment warning: Experiments targeting fewer than 100 visitors (could identify individuals)
- Personal data in audiences: Using cookies, JavaScript conditions, city, or customer ID
- Cross-domain tracking: Disabled by default (explicit opt-in required)
- Segmentation risks: Alerts when combining attributes could identify individuals
These warnings help you stay compliant even before consent enters the picture.
Data Anonymization
Convert offers a Data Anonymization feature that cleanses both incoming and historical data:
- Removes personally identifiable information
- Truncates IP addresses
- Strips URLs with PII in query parameters
- Can be applied retroactively to existing experiment data
Enable in Settings > Privacy > Data Anonymization.
Privacy-First Architecture
Convert's architecture differs from other A/B tools:
| Feature | Convert | Typical A/B Tool |
|---|---|---|
| Cookie count | 2 | 5-10+ |
| IP storage | Never stored | Stored by default |
| Data location | Germany (EU) | Often US-based |
| Cross-border transfers | None (EEA only) | Common |
| DNT/GPC support | Native suppression | Usually ignored |
| Third-party sharing | None | Common for analytics |
| DPA requirement | Free for all | Often paid/enterprise |
This makes Convert the easiest A/B tool to make compliant with GDPR and ePrivacy.
No-Consent Scenarios
In some scenarios, Convert's architecture may qualify for "strictly necessary" classification:
- Progressive rollouts of bugfixes or security patches
- A/B tests of accessibility improvements
- Infrastructure changes that don't involve behavioral tracking
Consult your legal team before classifying Convert as strictly necessary, but its minimal footprint and privacy design make it a stronger candidate than most tools.
Troubleshooting
Convert experiments still run even though consent was denied
Check:
- DNT/GPC is enabled in Convert dashboard with appropriate geographic scope
- Your DataGrail cookie blocking patterns include
_conv_* - The browser you're testing with actually has DNT or GPC enabled
- Convert's consent delay is configured to look for the correct consent cookie
Convert tracking stops even with consent granted
This usually means:
- DNT or GPC is enabled in the test browser
- Convert's DNT compliance is set to "Worldwide" (includes all visitors)
- An ad blocker is interfering with Convert's scripts
- Convert account is paused or experiments are stopped
Experiments display but no data is being collected
Possible causes:
- Consent delay is blocking data collection
- DNT/GPC is enabled for the test browser
- DataGrail cookie blocking is active but consent wasn't granted
- Check Convert dashboard for experiment status and visitor qualification
How do I verify DNT/GPC is working?
Test DNT/GPC support:
- Enable DNT in your browser (Privacy settings)
- Clear cookies and visit your site
- Open browser DevTools > Network tab
- Look for Convert script requests — they should NOT fire
- Check for
_conv_*cookies — they should NOT exist
Integration Comparison
| Approach | Setup Effort | Privacy Coverage | Recommended For |
|---|---|---|---|
| DNT/GPC only | Minimal (dashboard toggle) | Privacy signals only | Sites with privacy-conscious audiences |
| Cookie blocking only | Low (DataGrail patterns) | Explicit consent | Sites in strict GDPR markets |
| Both (belt-and-suspenders) | Low | Privacy signals + consent | Maximum compliance (recommended) |
| Custom JavaScript | Medium | Full control | Complex multi-CMP setups |
Related Resources
- Convert Privacy Documentation
- DataGrail Consent Banner Documentation
- For questions, contact support@datagrail.io
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.