Join the waitlist and get Sublim Business free for 3 months  Claim offer

Product
Multichannel web analyticsAI recommendationsSEO audit & site healthBehavioral analyticsTask managementOKR trackingCampaign managementDashboards & Reports
Solutions
Marketing Manager / CMOTraffic Manager / GrowthDigital Project ManagerConsultant / Freelance
StartupsFreelancersMarketing agenciesSMEsMid-market & Enterprise
Resources
Product overviewIntegrationsBlogKnowledge base
Comparison
Sublim vs Google AnalyticsSublim vs PlausibleSublim vs MatomoSublim vs Simple AnalyticsSublim vs Fathom
PricingRequest a demo
Data & Technology

CMP: definition, how it works, and GDPR obligations

Guillaume Sallé
Guillaume Sallé
Analytics Content & Glossary Lead

Updated on February 22, 2026

Quick definition

A CMP (Consent Management Platform) is a technical solution that allows publishers to collect, manage, and store user consent for the use of cookies and trackers, in compliance with GDPR requirements. The CMP is both the visible cookie banner and the invisible infrastructure that transmits consent choices to the marketing and analytics tools deployed on the site.

How it works

A CMP fulfills several essential functions:

  • Choice interface (cookie banner) subject to strict requirements: a refusal option as accessible as the acceptance option, no dark patterns, a complete list of partners
  • Consent storage with timestamp and version of the applicable privacy policy
  • Real-time communication of choices to deployed tools, blocking or activating the corresponding scripts
  • Consent updates via a "Manage my preferences" link accessible at any time

Major market CMPs include Axeptio, Didomi, Cookiebot, OneTrust, and Usercentrics. Some rely on the TCF (Transparency and Consent Framework) from IAB Europe to pass consent throughout the programmatic chain.

The acceptance rate of a well-configured CMP falls between 50% and 75%, meaning that 25 to 50% of visitors refuse cookies — making their analytics data invisible if the tool depends on them.

Why it matters

A CMP is a legal obligation for any site using cookies or trackers that are not strictly necessary. Beyond compliance, its impact on analytics data is considerable:

  • With a refusal rate of 40%, you lose 40% of your traffic and conversion data
  • This bias severely distorts your understanding of acquisition and user experience
  • This is why some companies choose consent-exempt analytics tools

How to improve or use it

  1. 1Choose a neutral design that presents options in a balanced way without nudging toward the green button.
  2. 2Write clear, non-technical text to explain data usage.
  3. 3Segment cookie categories (analytics, advertising, personalization) to allow granular consent.
  4. 4Test different wordings and designs to find those that maximize acceptance rate while remaining compliant.
  5. 5Consider a cookieless analytics solution to eliminate dependence on consent.

With Sublim

Sublim is designed to work without cookies, which means it requires no CMP to collect GDPR-compliant analytics data. By eliminating consent dependence, Sublim guarantees 100% data collection — including the 30 to 50% of visitors who refuse cookies on classic consent banners. It is a decisive advantage for making decisions based on complete data.

Frequently asked questions

Is a CMP mandatory for all websites?

A CMP is only required if your site uses cookies or trackers that are not strictly necessary for its operation. If you use only essential functional cookies and cookieless analytics solutions (like Sublim), you do not need a CMP. The CNIL specifies the list of consent-exempt cookies.

What is the impact of a CMP on bounce rate?

An intrusive or poorly designed consent banner can increase bounce rate by 5 to 15%, as some users leave the site rather than interact with the banner. It is crucial to design a CMP whose user experience is smooth and non-aggressive to minimize this negative impact.

Is the IAB TCF v2.2 sufficient for GDPR compliance?

TCF (Transparency and Consent Framework) is an industry standard that facilitates consent management in programmatic advertising, but it has been the subject of unfavorable rulings by some European authorities (including the Belgian regulator). It should be considered one tool among others, not an automatic guarantee of GDPR compliance.

Related terms

GDPR

The GDPR (General Data Protection Regulation) is the European regulati

Third-party cookie

A third-party cookie is a text file placed on a user's browser by a do

First-party data

First-party data is all the data collected directly by an organisation

Server-side tracking

Server-side tracking is a method of collecting analytics data in which

Back to glossary
CMP: definition, how it works, and GDPR obligations, Sublim | Sublim Analytics