Quick Start

5 minute read · Updated March 2026

Pactorio adds a GDPR-compliant consent banner to your site with two script tags. This guide takes you from zero to a working banner.

Step 1 — Install the snippet

Copy the two script tags below and paste them at the very top of your <head> element, before any other scripts. Replace YOUR_CUSTOMER_ID with your actual Customer ID.

<!-- 1. Pactorio: paste at the very top of <head>, before any other scripts -->
<script>/* paste the inline snippet from your Admin → Install tab here */</script>

<!-- 2. Pactorio bundle: paste immediately after the snippet -->
<script
  src="https://cookie-banners-config.onrender.com/sdk/v1/bundle.js"
  data-cc-id="YOUR_CUSTOMER_ID"
  async
></script>

The easiest way to get the exact snippet pre-filled with your Customer ID is the Install tab in the Admin UI — it shows a ready-to-copy block with your ID already substituted.

What the two tags do

Using a tag manager?

If you use Google Tag Manager, Segment, or a similar tool, the inline snippet must still be pasted directly in your HTML — not loaded through the tag manager. The snippet must run synchronously before anything else, which tag managers cannot guarantee.

You can still load your analytics and marketing tags through the tag manager — just make sure the Pactorio snippet loads before the tag manager's own script.

Blocking declarative scripts

Scripts added directly in your HTML (not via document.createElement) need a small change to be blocked:

<!-- Before: loads immediately -->
<script src="https://www.googletagmanager.com/gtm.js"></script>

<!-- After: blocked until analytics consent -->
<script
  type="text/plain"
  data-cc-category="analytics"
  src="https://www.googletagmanager.com/gtm.js"
></script>

Set type="text/plain" so the browser ignores the script, and data-cc-category to the slug of the consent category that should gate it (e.g. analytics, marketing).

Step 2 — Register your domain

The domain allowlist prevents other sites from copying your Customer ID and using it on their own pages. Once you register at least one domain, the SDK will silently do nothing on any unregistered site.

1. 1

   Open the Admin UI

   Go to cookie-banners-admin.onrender.com, sign in, then click Load.

2. 2

   Go to the Domains tab

   Click the Domains tab in the editor.

3. 3

   Add your domain

   Type your site's hostname (e.g. example.com or www.example.com) and click Add Domain. Enter the bare hostname — no https://, no trailing slash.

4. 4

   Add any other domains

   Add staging, preview, or subdomain variants separately (e.g. staging.example.com). localhost is always exempt — you don't need to register it.

Step 3 — Verify it works

1. 1

   Open a private/incognito window

   This ensures no stored consent state from a previous session is present.

2. 2

   Visit your site

   The consent banner should appear within a second of the page loading.

3. 3

   Check the browser console

   Open DevTools → Console. You should see [cc]-prefixed log lines showing config loaded, geo resolved, and scripts queued.

4. 4

   Check your config URL

   Visit https://cookie-banners-config.onrender.com/config/v1/YOUR_CUSTOMER_ID.json directly to confirm your config is being served.

Next steps

• Configure your banner — customise text, colours, and cookie categories
• Run the script scanner — discover third-party scripts on your site
• Set geo rules — require opt-in for EU visitors, opt-out for others
• GDPR compliance guide — understand your obligations