Publishing & Media

GCM v2 + TCF v2.3 infrastructure for programmatic advertising.

IAB TCF v2.3 SDK, Google Consent Mode v2 (5 signals), category-based script blocking and soft paywall integration for news sites, magazines and blogs. Manage your ad revenue in line with the consent process.

IAB TCF v2.3 SDK alpha active: the __tcfapi global, TC String generation and cross-frame postMessage handler are available. The official IAB Europe CMP certification (CMP ID + full GVL v3 synchronization) is targeted for Q4 2026. For your questions get in touch.

Try Free for 14 Days Publisher Demo

5

GCM v2 signals automatic

217+

Known cookie definitions

50+

3rd-party vendor support

Q4 2026

TCF official certification target

The real problem for publishers

Not an ordinary site. Far more complex.

News sites and magazine platforms work with an average of 50-150 3rd-party vendors. Each one has different consent requirements that need to be passed to the programmatic advertising ecosystem.

High vendor count

AdSense, DFP, Header Bidding SSPs, social pixels, analytics tools... None should run without consent. cerez.io controls them all from a single point with data-cb-category.

Ad revenue risk

Because ad revenue drops when consent is rejected, publishers pay attention to banner design. With Google Consent Mode v2, even for rejected consents, measurement is not entirely lost thanks to modeled conversions.

IAB TCF v2.3 requirement

The programmatic advertising ecosystem (SSP/DSP) generally expects an IAB TCF v2.3 compliant TC String. cerez.io's TCF SDK alpha provides __tcfapi and TC String generation; official CMP certification is targeted for Q4 2026.

Page speed is critical

On news sites, every 100ms of delay increases bounce. The Shadow DOM architecture isolates the banner CSS; the SDK loads async, and the sessionStorage cache prevents a server call on repeat visits.

Soft paywall compatibility

On sites offering premium content + ad revenue together, the consent status has to be coordinated with the paywall logic. The CerezBanner.getConsent() API works integrated with your own paywall system.

Multilingual publishing

With an international or multilingual readership, the consent banner must display correctly in every language. TR/EN/DE support; per-domain banner_language selection (automatic or fixed language).

Technical infrastructure

IAB TCF v2.3 + Google Consent Mode v2: two different protocols, one integration.

While the programmatic advertising ecosystem expects a TC String, Google Analytics and AdSense expect GCM v2 signals. cerez.io produces both from the same consent flow.

Your vendors can query the consent status.

The __tcfapi global function is active. SSP/DSP integration is provided via TC String generation, event broadcast (tcloaded / cmpuishown / useractioncomplete) and a cross-frame postMessage handler.

Vendor consent querying with TC String + __tcfapiLocator iframe support
GVL (Global Vendor List) synchronization, weekly automatic update
Official IAB Europe CMP ID + full certification: Q4 2026 target

While awaiting official certification, consider certified CMPs such as OneTrust or Sourcepoint for large programmatic advertising components. For your questions talk to us.

habersitesi.com.tr

// vendor SSP integration
__tcfapi('addEventListener', 2, cb)
// callback return
tcData.eventStatus
'useractioncomplete'
tcData.tcString
'CPzHq4APzHq4A...'

                            tcloaded
                            cmpuishown
                            useractioncomplete
                        

5 signals, automatically updated based on consent status.

When consent is given or rejected, Google tags are notified instantly. It starts in the default denied state and moves to granted based on the user's choice; for rejected consents, modeled conversions kick in.

ad_storage · ad_user_data · ad_personalization
analytics_storage · functionality_storage
Fully compatible with AdSense, GA4, Google Ads, GTM

Cookie product details

habersitesi.com.tr

GCM v2 / consent updated

ad_storage granted

ad_user_data granted

ad_personalization granted

analytics_storage granted

functionality_storage denied

default: denied → update post-consent

3rd-party control

No vendor script runs until consent is given.

Categorize any script tag with the data-cb-category attribute. cerez.io enables or blocks that category based on the user's choice.

index.html

<!-- AdSense -->
<script
  src="ads.js"
  data-cb-category="advertising"
  type="text/plain"
></script>

<!-- GA4 -->
<script
  src="gtag.js"
  data-cb-category="analytics"
  type="text/plain"
></script>

<!-- Meta Pixel -->
<script
  src="fbpixel.js"
  data-cb-category="marketing"
  type="text/plain"
></script>

Advertising

AdSense, DFP, Header Bidding

data-cb-category="advertising"

Analytics

GA4, Mixpanel, Hotjar

data-cb-category="analytics"

Marketing

Meta Pixel, TikTok Pixel

data-cb-category="marketing"

Personalization

Recommendations, A/B test

data-cb-category="personalization"

Scripts kept as type="text/plain" before consent is given are not executed by the browser. After consent cerez.io it switches them to type="text/javascript".

Revenue strategy

Ad revenue and subscription: both together.

On news sites offering premium content, running the consent process in coordination with your subscription offer both improves the user experience and protects two revenue channels.

RECOMMENDED

Soft Paywall

The consent banner + subscription offer are presented at the same time. The user chooses one of two paths; ad revenue and subscription revenue together.

Consent + free reading: ad revenue is preserved
Subscription: ad-free experience, subscription revenue is preserved
Applicable within the legal framework in force in EU countries
Custom integration with CerezBanner.getConsent()

Hard Cookie Wall

Content is completely hidden without giving consent or taking a subscription. cerez.io does not support this; it needs to be evaluated carefully.

Limited by German and Dutch regulators
Forcing consent alone is prohibited; a subscription option is mandatory
High abandonment rate risk

Solution map

When the publisher's need maps to a product feature.

Every publisher deals with a different problem. Below you can see which features solve common scenarios.

I work with AdSense, I show ads to EU users

GCM v2 integration + advertising category script blocking

Cookie Pro

I use a header bidding / programmatic SSP/DSP ecosystem

IAB TCF v2.3 SDK alpha (official certification Q4 2026)

Business / Publisher

I manage a combination of premium + free content

Soft paywall + CerezBanner.getConsent() API integration

Cookie Pro

My editor wants to test the banner appearance on the published page

Preview mode with the ?cb_preview=true parameter (no consent is written, no log is kept)

All plans

I have a TR + EN + DE readership, the banner should display correctly in every language

Multilingual banner (TR/EN/DE) + per-domain banner_language selection (automatic / fixed)

Starter+

I have millions of pageviews per month, the banner is slowing down the page

Shadow DOM isolation + async SDK loading + sessionStorage cache

All plans

FAQ

Questions on publishers' minds

What does cerez.io offer publishers?

Google Consent Mode v2 (5 signals automatic), 3rd-party script blocking (data-cb-category attribute), consent log retention, 6 banner positions, multilingual banner (TR/EN/DE) and soft paywall APIs. IAB TCF v2.3 SDK alpha is active; official IAB Europe CMP certification (CMP ID + full GVL v3 synchronization) is targeted for Q4 2026. For full programmatic advertising ecosystem integration, large publishers should also consider certified CMPs such as OneTrust or Sourcepoint until the certification date.

Does it work with Google AdSense?

Yes. You can wrap the AdSense script with the data-cb-category="advertising" attribute and control it on a category basis. GCM v2 signals (ad_storage, ad_user_data, ad_personalization) are updated automatically based on consent status. Large publishers wanting full AdSense compliance for EU/UK traffic should await cerez.io's official TCF v2.3 certification (Q4 2026) or use a certified CMP in parallel.

Is there IAB TCF v2.3 support?

TCF v2.3 SDK alpha is active. The __tcfapi global, TC String generation, event broadcast (tcloaded / cmpuishown / useractioncomplete) and cross-frame postMessage handler are available; vendors can query the consent status. The official certification including the official IAB Europe CMP ID + full GVL v3 synchronization is targeted for Q4 2026.

How are paywall + consent combined?

A soft paywall is recommended: the consent banner + subscription offer are presented in parallel. cerez.io reads the consent status via the API (CerezBanner.getConsent()) and is run together with your own paywall logic. A hard cookie wall (closing content to those who do not give consent) is permitted only to a limited extent in EU countries; cerez.io does not offer a native hard wall, so your own implementation is required.

Does the banner slow down page speed?

Thanks to the Shadow DOM architecture, the banner CSS runs completely isolated from the page styles. The SDK loads async; the single-line JS embed code is added directly to the <head>. With the sessionStorage cache, no server call is made on repeat visits and the banner is drawn instantly. Minimal impact on Core Web Vitals is the aim.

Is consent skipped for editor preview?

Yes. With the URL parameter ?cb_preview=true, the existing consent is skipped in preview mode; the banner is always shown, no cookie is written, nothing is recorded to the consent log, and no heartbeat is sent. Editors and administrators can run a full test before publishing.

Which is the right plan for publishing?

Çok dilli içerik ve yüksek pageview için Cookie İş / Yayıncı planı önerilir. 5M+ pageview/ay'lık büyük yayıncılar için Enterprise (özel teklif): yüksek pageview kotası, çoklu domain, bireysel SLA ve kurumsal e-posta desteği dahil. Get in touch, and we prepare an offer tailored to your needs.