ConsentCheck

Limitations & Disclaimers

This page explains what ConsentCheck can and cannot verify. Being explicit about limitations is important: it increases trust and helps you interpret scan results correctly.

1. Technical Scope of the Scan

ConsentCheck analyzes what happens in the browser when a new visitor lands on your site. It observes cookies, network requests, Consent Mode configuration, and consent banners. It does not read your Google Ads account, GA4 account, or CMP configuration screens.

  • We report what we observed in the browser, not what dashboards say should happen.
  • We focus on signals that affect Google Ads conversion measurement and consent behavior.
  • We do not attempt to simulate every possible user path or edge case.

2. What ConsentCheck Cannot Verify

Some things are fundamentally outside the reach of an automated browser‑based diagnostic:

  • Legal compliance: we do not provide legal advice, regulatory opinions, or compliance certifications. We do not judge whether your setup complies with GDPR, CCPA, or any other law.
  • Google Ads / GA4 account data: we cannot see your bids, budgets, conversion columns, attribution windows, or modeled conversions inside Google platforms.
  • Business outcomes: we do not estimate ROI, ROAS, or revenue. We highlight technical patterns that are likely to affect measurement, not business performance directly.
  • Full site behavior: we scan one URL and adjacent flows. We do not crawl your entire site or test every page template, checkout step, or logged‑in area.
  • Server‑side pipelines: we do not audit your server‑side GTM containers, APIs, or back‑end conversion logic. We only infer their presence from browser‑visible requests.

3. Why Google Ads UI ≠ Browser Behavior

It is common for the Google Ads or GA4 interface to disagree with what the browser is doing. A few reasons:

  • Delayed and modeled data: the Google Ads UI includes modeled conversions, attribution rules, and lookback windows that can hide short‑term tracking issues.
  • Account‑level overrides: account settings, conversion goals, and filters can cause events to appear or disappear independently of what the browser sends.
  • Sampling and aggregation: dashboards operate on aggregated data, whereas the scan observes individual requests.

ConsentCheck intentionally starts from the browser and asks: "What signals are actually being sent (or blocked)?" It does not try to reconcile that with every nuance of account reporting.

4. Why Server‑Side Setups Require Manual Checks

When we detect server‑side GTM or similar endpoints, we adjust how we interpret missing browser‑side conversions. However, there are limits to what we can know:

  • We can see that a server‑side endpoint is called; we cannot see the full payload.
  • We cannot see how consent state is mapped or enforced inside your server.
  • We cannot tell which conversions Google Ads ultimately counts from those server events.

For complex server‑side setups, you should treat ConsentCheck as a browser‑level probe and complement it with:

  • Server‑side GTM or log inspection.
  • Google Ads / GA4 debug views and test conversions.
  • Internal documentation of how consent is propagated to the server.

5. Single‑Page & Timing Limitations

The scan runs for a limited time on a specific URL. This introduces a few practical constraints:

  • Flows that occur only on deep pages or after log‑in may not be reached.
  • A/B tests, personalization, or bot protection can cause different users to see different behavior than the scanner.
  • Delayed scripts, late‑loading banners, or slow third‑party code can shift the order in which events appear.

6. Legal Disclaimer

ConsentCheck does not provide legal advice. It is a technical diagnostic tool. Nothing in the scan results or documentation should be interpreted as legal guidance or a guarantee of compliance.

You should consult with qualified legal counsel for questions about GDPR, CCPA, or any other regulatory framework. Use the scan as one input into your overall compliance and measurement strategy, not as the sole basis for decisions.

7. How to Use These Results Responsibly

  • Use the report to identify technical issues worth investigating further.
  • Cross‑check with Ads/GA dashboards, server‑side logs, and CMP settings.
  • Discuss findings with your developers, analysts, and legal team.

For details on how the scanner works under the hood, see the Methodology page.