United Kingdom

Tag and consent monitoring under UK GDPR, ICO guidance, and PECR.

One async script in your <head>. We watch real UK visitors, flag consent drift, and keep a firing log your privacy team can hand to the ICO. EU data residency available, GBP invoicing on annual.

Start 14-day trialsee pricing →
# eu_residency · pecr-aware · ico-grade firing log · consent mode v2 validated
# where_consent_mode_v2_goes_wrong

Four parameters, four ways to break it.

A working deployment turns into a broken one between sprints. We watch the four signals on every page load.

ad_storage
1

Set before the CMP loads, overwritten after, or never written at all.

ad_user_data
2

Default state left unsignalled, so Google never sees the grant.

ad_personalization
3

Updated on consent change but not on page load, breaking repeat visitors.

analytics_storage
4

Ungated on a subset of templates, often after a redesign.

# with_and_without_real_user_monitoring

Finding out on Monday vs. three weeks later.

The difference between a reconstructed audit trail and one your DPO already has.

without
CMP update ships on Thursday, consent mode breaks quietly
Google Ads conversions trail off before anyone checks a graph
ICO asks for a firing log, you reconstruct it from memory
QA only sees one browser, one consent state, one page
Evidence lives in screenshots and Slack threads
with TagDrishti
Alert within minutes when a consent parameter changes shape
Breakage scoped to the URL, browser, and consent path
Continuous firing log kept in EU residency on request
Root cause narrowed to the tag, trigger, or CMP variable
Exports suitable for ICO questions and internal audits
# post_brexit_data_residency

UK GDPR is its own regime now.

Where your tag telemetry sits matters to your DPO. Here is the lay of the land.

UK GDPR
Retained EU law, enforced by the ICO, applies to your UK visitors. Personal data definitions, lawful bases, and DSAR rights all carry over.
PECR
Cookie and pixel consent sits under the Privacy and Electronic Communications Regulations, not just UK GDPR. The ICO enforces both.
EU residency
TagDrishti runs in europe-west1 on request for UK and EU teams. Events, sessions, and firing logs stay in-region.
Sub-processors
Google Cloud, Supabase, and Resend, all documented for Article 30 records. DPA on request, sub-processor list versioned.
# pricing

USD list, GBP invoicing on annual.

14-day free trial on every plan, no credit card. Enterprise terms for higher volume and tighter SLAs.

$49

Site

One property. Real-user tag and consent monitoring, drift alerts, and a firing log kept for your auditors.

$799

Monitor

Multiple properties. Vendor diffing against your privacy policy, PECR consent validation, and EU residency on request.

$3,555

Observe

Higher volume and tighter SLAs. Article 30 style records, 72-hour breach SLA, and PCI DSS 6.4.3 alignment.

eu residency · pecr-aware · ico-grade firing log

Watch your UK traffic the way your auditors will.

Add one async script in your <head>. Fourteen days free, no card, EU residency available. Decide after you have seen real data.

Start free trialSee pricing
14 days, no credit card$49 to startEU region available