Issue with Google Consent Mode v2 — Consent Defaults to "Granted" (Needs to Be Denied by Default)

Dear Support Team,
I am using the Ultimate GDPR Compliance Toolkit for WordPress and appreciate the features it provides. However, I am encountering a compliance issue specifically related to Google Consent Mode v2 implementation.

❗ Issue:

By default, the following consent is automatically granted:
gtag("consent", "default", {
ad_storage: "granted",
analytics_storage: "granted",
functionality_storage: "granted",
personalization_storage: "granted",
security_storage: "granted",
ad_user_data: "granted",
ad_personalization: "granted"
});

This behavior is not GDPR-compliant because all non-essential consent values must be set to "denied" until the user explicitly provides consent.

✅ Expected Behavior:

Per Google Consent Mode v2 and GDPR requirements, the plugin should allow (or automatically implement) a way to:

• Set all non-essential storage types (analytics_storage, ad_storage, etc.) to "denied" by default on first visit.
  
• Trigger "granted" updates only when the user accepts cookies.
  
• Hook into user actions (accept/reject) using JS to update gtag('consent', 'update', {...}) accordingly.
  
  

--------------
IP Address: 103.148.92.13

We are still waiting for your reply. 

--------------
IP Address: 103.148.92.13

Hello, 

Thank you for contacting us.
To get full control of these elements, I would recommend using instead the Google Consent Mode V2. 
Please follow this part of our documentation: https://gdpr-plugin.readthedocs.io/en/latest/tcf/TCF.html#content , where you will find how to set our plugin's settings to meet your requests :) 

If you have any additional questions about this feature in the plugin, please let me know!

Kind Regards
Magda Stepnowska
Senior Support Specialist






SUPPORT HOURS: MO-FR, 10:00AM - 6:00PM UTC+1
Need a developer? Try www.remotedevelopers.eu

Unfortunately, we implemented the things as per the given guidelines, but nothing is working properly. This is our 3rd time meeting with Google Ads support team, and every time they said that your cookies consent is not properly implemented. 

Here are the Google helping guides 
https://developers.google.com/tag-platform/security/guides/consent?consentmode=advanced#implementation_example
https://support.google.com/google-ads/answer/14218557?hl=en&ref_topic=14226291&sjid=1073671243087755039-NC

After doing this step, our GTM stopped working and is not connecting. 
Step 3 - Go to Ultimate GDPR & CCPA > TCF Compliance > Custom HEAD code and paste your tracking code.

To add custom scripts into the <head>, go to Flat Pack Sheds > Theme Options > Custom Code . Also, see the attached image for clarification. Our GTM code is working fine there.

Let's schedule a meeting to fix this ASAP. Thanks

--------------
IP Address: 103.148.92.20

Hello, 

We forwarded this ticket to our devs for further investigation. I will get back to you as soon as they finish checking this problem,  having received the latest information from you. 

Kind Regards
Magda Stepnowska
Senior Support Specialist






SUPPORT HOURS: MO-FR, 10:00AM - 6:00PM UTC+1
Need a developer? Try www.remotedevelopers.eu

Hi Magda,

How much time will it take? We will wait accordingly. Thanks

--------------
IP Address: 103.148.92.20

We are still waiting...

--------------
IP Address: 103.148.92.20

I just want to update here that we tried to figure out the issue, and I think it's working fine now, but you can double check whether it's working as per above shared google requirements or not?

Note: I tried to put the given script in your plugin section as well as our theme option, and in both cases, it's going into the head tag, so now this is in our theme options. Thanks

<script>
    window.dataLayer = window.dataLayer || [];
    function gtag() {
      dataLayer.push(arguments);
    }
    if(localStorage.getItem('consentMode') === null) {
      gtag("consent", "default", {
        ad_personalization: "denied",
        ad_storage: "denied",
        ad_user_data: "denied",
        analytics_storage: "denied",
        functionality_storage: "denied",
        personalization_storage: "denied",
        security_storage: "granted"
      });
    } else {
      gtag('consent', 'default', JSON.parse(localStorage.getItem('consentMode')));
    }
</script>
<!-- Google Tag Manager -->
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-TRV2QWQ');</script>
<!-- End Google Tag Manager -->

--------------
IP Address: 103.148.92.20

Hello Shafiq, 

I have forwarded your comment to our developers, and they will investigate this matter. 
But as I understand, you were already able to solve the problem, and the provided solution fixed the problem on your website? Or do you have any other issues related to our plugin? 

Kind Regards
Magda Stepnowska
Senior Support Specialist






SUPPORT HOURS: MO-FR, 10:00AM - 6:00PM UTC+1
Need a developer? Try www.remotedevelopers.eu

Hello Magda,
We’re currently using the Ultimate GDPR Compliance plugin with TCF 2.2 and Google Consent Mode v2 enabled. The consent popup is displaying correctly on first visit, which is great.
However, we are experiencing an issue where Google Tag Manager tags are not firing consistently, even after the user accepts consent.
While debugging through GTM Preview Mode, we can see that GTM shows as "Connected", but sometimes:

• The tags never fire even after granting consent
  
• Sometimes they fire as expected
  
• No console errors appear, but GTM behaves inconsistently
  

We’ve verified that:

• Consent is being accepted (consent state saved in localStorage)
  
• GTM is properly embedded and initialized through the plugin
  
• No manual scripts are overriding gtag() or dataLayer values
  

This appears to be a timing or consent synchronization issue between the plugin and GTM.
Can you please advise:

1. Is there a recommended way to ensure GTM listens to consent changes consistently?
   
2. Are there any known conflicts with certain GTM configurations (e.g., tag sequencing)?
   
3. Should we use a custom event or delay for better sync between plugin and GTM?

--------------
IP Address: 103.148.92.20

Hi, 

1. The recommended way to ensure GTM listens to consent changes consistently is https://tagassistant.google.com/ which is the best tool to helps users verify and troubleshoot their Google Tag Manager (GTM) and Google Analytics implementations.
 
2. While I don't have any information on conflicts with GTM configurations like tag sequencing, it's generally a good practice to ensure that your tags are set up correctly to work with the Ultimate GDPR Compliance plugin. For optimal performance, make sure that your Google Consent Mode v2 settings are properly configured in the plugin, and that your GTM tags are sequenced in a way that respects user consent. You might want to refer to the GTM Configuration overview for guidance on setting this up.

3. Using a custom event or a delay can be beneficial for better synchronization between the Ultimate GDPR Compliance plugin and GTM, especially when dealing with user consent.
Implementing a custom event can help ensure that GTM tags fire only after the user's consent choices are made. This way, you can control the timing of when your tags are activated based on the consent status.
Alternatively, using a delay can also help, but it may not be as precise as a custom event. If you choose to go this route, make sure the delay is long enough to allow the consent popup to be displayed and the user to make a choice.
For the best results, consider using a custom event that listens for the consent status update. This approach typically provides a more reliable synchronization between the plugin and GTM.

Kind Regards
Magda Stepnowska
Senior Support Specialist








SUPPORT HOURS: MO-FR, 10:00AM - 6:00PM UTC+1
Need a developer? Try www.remotedevelopers.eu

Hi Magda,
Thank you for your previous guidance.
We’ve followed your documentation on enabling Google Consent Mode v2 with TCF support, and the consent popup appears correctly. However, we’re still facing a core issue:

🔴 Issue:

• GTM (GTM-TRV2QWQ) often does not trigger, even after consent is accepted.
  
• Tag Assistant shows: Google Tag: GTM-TRV2QWQ not found.
  
• Ultimate_GDPR is frequently undefined on page load, so our listener on Ultimate_GDPR_Accept fails.
  
• When we try to inject GTM after detecting consent, the timing is inconsistent, and the tag fails to load reliably.
  

🧪 What We've Tried:

• Using window.addEventListener("Ultimate_GDPR_Accept", ...)
  
• Manually dispatching the event if Ultimate_GDPR.hasConsented() is true
  
• Delaying GTM injection until consent, but it still fails intermittently
  

✅ Our Goal:

We want GTM to fire only after consent is accepted, with Consent Mode v2 defaults set to "denied".

🙋 Questions:

1. Is Ultimate_GDPR guaranteed to be globally available in TCF mode?
   
2. Is it recommended to inject GTM manually after consent, or should the plugin handle this?
   
3. What’s the most reliable way to sync GTM with your plugin’s consent state?
   

Thanks for your continued support.

--------------
IP Address: 103.148.92.20

Hi Magda,
I’ve decided to stop using the Ultimate_GDPR plugin. After around 15 days of testing and multiple replies, we were still unable to get GTM working consistently with Consent Mode v2 — even with all recommended configurations applied.
The plugin wasn’t exposing the necessary JS objects reliably, and GTM never triggered after consent. I switched to Complianz GDPR, and everything started working within 10 minutes — without needing any support at all.
Thank you for your replies, but unfortunately, this plugin was not a fit for our use case.

--------------
IP Address: 103.148.92.20