ConsentLabConsentLab
Get started free
FeaturesPricingFAQDocumentationBlogLog in

Terms of Use

Derniere mise a jour : April 14, 2026

1. Purpose

These Terms of Use (hereinafter the "Terms") govern the conditions of use of the ConsentLab platform (hereinafter the "Platform"), accessible at consentlab.eu, published by Bob le Développeur (registered with the French Trade Register under SIRET 891 488 512 00015 — bob-le-developpeur.com), hereinafter referred to as the "Provider".

The Platform is a software-as-a-service (SaaS) cookie consent management platform allowing professionals to comply with the obligations of the General Data Protection Regulation (GDPR), the ePrivacy Directive and the guidelines of the CNIL (France's data protection authority) regarding cookies and trackers.

Any registration or use of the Platform implies unreserved acceptance of these Terms. If you do not accept these conditions, you must not use the Platform.

2. Definitions

  • "Customer": any natural or legal person registered on the Platform in a professional capacity.
  • "Visitor": any person browsing a Customer's website and interacting with the ConsentLab widget.
  • "Widget": the cookie consent banner integrated by the Customer on their website via a JavaScript snippet provided by the Platform.
  • "Consent Data": the records of choices (acceptance, refusal, customisation) made by Visitors via the Widget.
  • "Session": each unique interaction of a Visitor with the Widget, identified anonymously.
  • "API Key": unique identification key associated with each Customer project, allowing authentication of the Widget.

3. Account creation

3.1 Eligibility

The Platform is intended for professional (B2B) use. The Customer declares acting in the context of their professional activity at the time of registration.

3.2 Account creation

Registration requires providing the following information: email address, password, first name, last name, and optionally company name. The Customer undertakes to provide accurate, complete and up-to-date information.

Passwords are encrypted using the bcrypt algorithm (12 salting rounds). The Provider never stores passwords in plain text and cannot under any circumstances communicate them to the Customer.

3.3 Account security

The Customer is solely responsible for the confidentiality of their login credentials. Any use of the Platform from their account is deemed to have been carried out by the Customer. In case of suspected unauthorised use, the Customer must inform the Provider without delay at support@consentlab.eu.

4. Service description

4.1 Main features

The Platform offers the following features:

  • Generation and customisation of a cookie consent banner (colours, text, position, languages)
  • Collection and archiving of Visitor consent records
  • Native support for Google Consent Mode v2
  • Automatic blocking of third-party scripts before consent is obtained
  • Consent statistics (acceptance rate, geographic breakdown, device types)
  • CSV export of consent records
  • Multi-domain and multi-project management
  • Shopify integration

4.2 Widget

The Widget is a lightweight JavaScript script (~15 KB gzipped) provided by the Provider. The Customer integrates it on their website via a snippet placed in the <head> tag. The Widget is publicly inspectable for transparency purposes.

4.3 Anonymisation of Visitor data

Visitor data is anonymised before storage. The Visitor's IP address is combined with their user-agent and a rotating daily salt, then hashed irreversibly (SHA-256). No IP address is stored in plain text. This method does not allow re-identification of the Visitor.

5. Obligations of the Customer

The Customer undertakes to:

  • Use the Platform in accordance with its purpose and applicable laws, in particular the GDPR and CNIL guidelines
  • Correctly configure the Widget according to the needs of their site (cookie categories, information texts, languages)
  • Inform their Visitors of the existence and purpose of cookies in accordance with Article 82 of the French Data Protection Act
  • Not use the Platform for unlawful, fraudulent purposes or in a way that infringes third-party rights
  • Not attempt to circumvent the technical limitations of their subscription plan
  • Not reproduce, duplicate or resell the service without express authorisation

6. Liability of the Provider

6.1 Best-effort obligation

The Provider undertakes to provide the Platform with diligence and in accordance with industry standards. The Platform is provided "as is". The Provider does not guarantee that the Platform will be free from any error or interruption.

6.2 Compliance tool, not legal advice

ConsentLab is a technical tool that helps with compliance with applicable cookie and consent regulations. ConsentLab does not constitute legal advice and does not guarantee the Customer's overall legal compliance.

The Customer's compliance depends on multiple factors, including the configuration of the tool by the Customer, their own data collection practices, all of their data processing activities, and the evolution of regulations and case law. The Customer remains solely responsible for their overall GDPR compliance as data controller within the meaning of Article 4 of the GDPR.

6.3 Limitation of liability

The Provider's liability is limited to direct, foreseeable and personal damage suffered by the Customer, in accordance with Article 1231-3 of the French Civil Code. In any event, the Provider's total liability is capped at the total amount paid by the Customer during the twelve (12) months preceding the event giving rise to the damage.

Indirect damage is expressly excluded, including, without limitation: loss of revenue, loss of data, loss of reputation, loss of profit, loss of opportunity, commercial damage.

The Provider is not liable for administrative penalties imposed against the Customer by the CNIL or any other supervisory authority due to the Customer's non-compliance with their own obligations as data controller. However, the Provider assumes liability for damage caused by processing for which it has not complied with the GDPR obligations specifically applicable to processors (Article 82-2 of the GDPR).

6.4 Continuity of the consent service

The Provider undertakes never to disable a Customer's Widget due to exceeding the session quota. The consent banner will continue to operate even if the quota is exceeded, in line with the Customer's legal obligations regarding the collection of consent (Article 82 of the French Data Protection Act).

7. Intellectual property

The Platform, its source code, interfaces, documentation and all of its content are protected by the French Intellectual Property Code (Articles L.111-1 and L.122-1 of the IPC).

The Customer is granted a non-exclusive, non-assignable and non-transferable right to use the Platform and the Widget for the duration of their subscription. This right is strictly limited to the use of the service within the framework of the Customer's professional activity.

8. Availability

The Provider strives to keep the Platform accessible 24 hours a day, 7 days a week. However, access may be temporarily interrupted for maintenance, updates or in cases of force majeure (Article 1218 of the French Civil Code).

The Provider undertakes to inform the Customer within a reasonable time of any scheduled maintenance likely to affect the availability of the service. Emergency maintenance (security, stability) may be performed without notice.

9. Personal data

The processing of personal data carried out within the framework of the Platform is described in our Privacy Policy.

In the context of collecting Visitor consent data, the Provider acts as a processor within the meaning of Article 28 of the GDPR. The processing conditions are detailed in our Data Processing Agreement (DPA).

10. Changes to the Terms

The Provider reserves the right to modify these Terms at any time. Changes take effect thirty (30) days after their publication on the Platform. The Customer will be informed by email of any substantial change. Continued use of the Platform after the changes take effect constitutes acceptance of the new Terms.

11. Termination

The Customer may terminate their account at any time from the Platform dashboard or by contacting support@consentlab.eu. Termination takes effect at the end of the current subscription period.

The Provider may suspend or terminate a Customer's account in case of breach of these Terms, after a formal notice that has remained without effect for fifteen (15) days.

In case of termination, the Customer may request the export of their configuration data and consent records in a standard format (CSV) before the final deletion of their account.

12. Applicable law and disputes

These Terms are governed by French law. In case of dispute relating to their interpretation or performance, the parties undertake to seek an amicable solution. Failing an amicable agreement within thirty (30) days, the dispute will be submitted to the competent courts within the jurisdiction of the Provider's registered office (Paris).

13. Contact

For any question relating to these Terms, the Customer may contact the Provider at: contact@consentlab.eu.