One of my clients is thinking about using Consent PRO.
However, there are some concerns about consent data being stored outside the EU.
Where do you store the tracking data?
Is it anonym and DGPR conform?
Hey @uebersaxsamuel!
Here’s what we can confirm from the documentation right now, and where we need to dig a bit deeper with the team.
On the documented side, Consent Pro is built for strict privacy regulations including GDPR and CCPA — it covers opt-in banners, consent logging, and region-specific settings. Consent records are automatically stored in the Consent Pro app (visible in the Logs & Records section), and the solution communicates with api.consentpro.com for its functionality.
There’s also an option to save an additional copy of consent records to your own database via Cloudflare KV, which gives you more direct control over where that data lives. Worth knowing about if your client wants that extra layer of ownership.
That said, the documentation does explicitly note that “full compliance with applicable data protection laws also depends on factors such as server locations and data processing practices, which remain your responsibility.” — and it doesn’t currently specify the geographic location of the servers, data anonymization practices, or whether a Data Processing Agreement (DPA) is available.
So for your specific questions:
- Where exactly is consent data stored (EU vs. outside EU)?
- Is the stored data anonymized?
- Is a DPA available?
…we don’t want to guess on those, especially when your client is relying on accurate answers. We’re looping in the team now to get you a proper response on those points 