This page is available in English. Switch to English

Skip to content
Open Source

Open-Source Cookie Consent for Magento 2 + Hyvä — GDPR-Compliant, Google Consent Mode v2 Ready

3 min read
Cookie-Consent-Banner auf einem Magento-Storefront mit Consent-Mode-Einstellungen

If you run a Magento store in Europe, you need GDPR-compliant cookie consent. The existing options for Hyvä-based stores are not great.

The SaaS solutions like Cookiebot and CookieYes add external scripts, hurt performance, and cost money every month. Generic Magento modules don’t work properly with Hyvä’s Alpine.js architecture. And most cookie banners don’t actually block anything — they show a banner while loading tracking scripts regardless of what the user clicked.

So I built one.

Pixelperfect Hyvä Cookie Consent is a native Magento 2 module built specifically for Hyvä. MIT licensed, free for commercial use.

It actually blocks cookies

This isn’t a cosmetic banner. Until a user gives explicit consent, no analytics or marketing cookies are set. Scripts are wrapped in <template> tags with data-consent-category attributes and only activated after consent is granted. The mechanism is straightforward and auditable.

Google Consent Mode v2 with zero configuration

The module implements Google Consent Mode v2 natively. Before GTM loads, consent defaults are set:

gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied',
});

When the user grants consent, the module fires a consent update. No changes needed in your GTM container — tags with Consent Mode enabled automatically respect the consent state.

CSP and Full Page Cache

Two things that break most cookie consent solutions:

Content Security Policy: the module doesn’t use inline scripts that would violate CSP. It’s built to work with Magento’s strict CSP mode from the start.

Full Page Cache: consent is handled entirely client-side via Alpine.js, so it works correctly with Varnish or built-in FPC. No hole-punching needed.

What’s included out of the box

Four consent categories: Necessary, Analytics, Marketing, and Preferences. Each maps to Google Consent Mode signals automatically.

Built-in service templates for GTM (with strict and infrastructure loading strategies), Google Analytics 4, Facebook Pixel, Microsoft Clarity, Hotjar, and Matomo.

Adding custom services

If you need to add a tracking service that isn’t included, drop a cookie_consent.xml in your module:

<service code="custom_tracking">
    <title>Custom Tracking</title>
    <category>analytics</category>
    <template>Vendor_Module::services/custom.phtml</template>
    <cookies>
        <cookie name="_custom">
            <description>Custom tracking ID</description>
            <duration>1 year</duration>
        </cookie>
    </cookies>
</service>

No core modifications, no rewrites. Standard Magento DI.

Configuration

Everything lives under Stores → Configuration → Web → Cookie Consent (Hyvä). Modal or bottom bar style, configurable headline and description, cookie lifetime, consent versioning (useful if you need to force re-consent after a policy change), per-service enable/disable, and a floating settings button so users can revisit their choices.

Translations for English, German, French, Spanish, and Italian are included.

Why open source

Cookie consent is a legal requirement, not a feature. Every Hyvä store in Europe needs it. The existing options are either overpriced, underbuilt, or both. Releasing this as open source means the community has a solid foundation to build on rather than paying for something that should just work.

The repository includes a Playwright test suite for automated verification, which was useful to have while building it and should be useful to anyone extending it.

If it saves you time, a star on GitHub is appreciated. If you need help implementing it or want something custom built on top, get in touch.

Cookie Consent GDPR Hyvä Magento Open Source