Antonio Candela

Hello @jamieburchell ,

Thank you for reaching out!

To answer your first question: no, custom services should not be wiped out when a new scan is performed. I tested this on a fresh environment and could not reproduce the issue. To rule out any naming conflicts, I even named my custom service “Facebook” just like you did, and it remained intact after multiple scans and cookie syncs.

The issue you are experiencing might be related to your site’s REST API. Our plugin uses the REST API to save custom services to the cookie policy. It is possible that the service appears to be created on the frontend interface, but fails to actually save in the backend database. I recommend checking your Site for any REST API errors, or checking your browser’s console for errors when you try to save the service.

Regarding your question about GTM and blocking: You are correct that Complianz won’t automatically block it in your current setup, but a quick clarification is needed since there are two ways to insert the Meta Pixel:

• Via GTM (Your setup): Because GTM injects the script asynchronously, Complianz cannot block it directly. To make it compliant, you must configure GTM triggers based on Complianz consent states – ignore this if you want Facebook loaded prior consent. (Please consult our GTM documentation guide for exactly how to set this up)
• Via normal HTML embed: If the script were placed directly into the website’s source code, enabling the Facebook service in Complianz would block it automatically prior to consent.

So, you could technically select the Facebook service in Complianz and it won’t break your GTM setup, but to actually block the Pixel before consent is given, those GTM triggers must be configured.

I hope this gives you a clearer view of how Complianz handles blocking.

Best regards,
Antonio

Hello @christel235 ,

Thank you for reaching out.

The reason Complianz’s cookie scanner doesn’t detect _GRECAPTCHA is that Google reCAPTCHA v2 Invisible only sets the cookie after user interaction not simply on page load. This means the automated scanner will rarely be able to intercept it.
Also, the cookies rc::a, rc::b and rc::c that appear in your generated cookie policy are sessionStorage cookies used by reCAPTCHA, which don’t always show up in standard scans.

The good news is that pre-consent blocking is working correctly, so technically you’re fine.

For the cookie list issue, you can add _GRECAPTCHA manually by following our guides:

• https://complianz.io/how-to-identify-cookies-installed-by-your-website/
• https://complianz.io/how-to-update-and-troubleshoot-services-cookies-in-complianz-a-quick-guide/

This should solve your issue. I hope it helps.

Best regards,
Antonio

Hello @chengjianping,

Thank you for reaching out.

Looking at your screenshot, it seems you just needed to go through the final settings to finish the setup and enable the banner. For future reference, whenever the “Consent Banner” section is grayed out in the dashboard, it means that the final step of the wizard still needs to be completed and submitted.

I just checked your website, and I can confirm that our plugin is now displaying the banner correctly!

Please let us know if you need any further assistance.

Hi @jehnlemole ,

Thank you for reaching out, and I apologize for the frustration this has caused.

To help us investigate why the “Clear Data on Uninstall” option isn’t working as expected in your specific setup, could you please share the exact option names or database tables you are seeing reappear? Once we have those details, I can forward them to the Team.

Regarding your other concern, I want to reassure you that while Complianz is now part of the iubenda group, we continue to operate as a standalone product with our own independent identity, dedicated development team, and roadmap.

Finally, while we fully understand your frustration regarding the database issue, we kindly ask that we keep the conversation constructive and respectful, in accordance with the WordPress forum guidelines. We are here to help you get this sorted out.

Please let me know which specific values are stuck in your database, and I will look into it for you.ù

Best regards,
Antonio

Hello @effiem ,

Thank you for reaching out and for choosing our plugin.

Regarding the issue, 403 Forbidden errors are not always caused solely by the server firewall or .htaccess rules. They often stem from other plugins or security configurations that impose limits on internal networking or restrict access to the WordPress REST API.

Since the Complianz relies heavily on the REST API to load its settings, I recommend checking if you have any security plugins (e.g., Wordfence, iThemes, All In One Security) active on Production that might be configured more strictly than on Staging. Please specifically look for settings that might be blocking REST API calls or JSON requests.

I hope this helps you narrow down the cause. Let us know what you find, so we can help you.

Best,
Antonio

Hello @marzamele ,

Thank you for reaching out.

I checked your website, but I was unable to locate the YouTube video you mentioned. Could you please send us the exact link or specify where it is located so we can analyze the behavior?

Additionally, could you please clarify how the video is embedded?

• Standard Iframe: If it is a standard <iframe> code provided by YouTube, and the YouTube service is enabled under Integrations > Services, it should be blocked automatically.
• Plugin/Theme (Background Video): If the video is inserted via a plugin (e.g., a slider or page builder) or as a CSS background, it might be loading via a JavaScript API rather than a direct iframe. In this case, it can sometimes bypass the standard blocker and requires a different configuration.

Looking forward to your feedback.

Best,
Antonio

Hello @jamieburchell ,

Thank you for reaching out and for your detailed questions.

To confirm your understanding: Yes, currently, our integration works by hiding the HubSpot banner and managing the consent signal by categorizing the HubSpot service under Marketing.

This integration method was established a few years ago. Because the HubSpot service is categorized as “Marketing” within Complianz, the mechanism is straightforward:

• Opt-in: When a user accepts “Marketing” in Complianz, we release the HubSpot scripts.
• Opt-out / Change of mind: If the user revokes consent via the Complianz Manage Consent, we block the execution of the HubSpot scripts again. Therefore, the state of the hidden HubSpot banner becomes irrelevant on subsequent page loads because the script itself is not allowed to execute.

For the standard implementation details, please refer to our official guide: https://complianz.io/hubspot-integration/

Regarding the HubSpot Cookie Consent API: You make a valid point. Now that HubSpot has released a stable API (as referenced in your link), we are indeed evaluating an evolution of our integration to utilize this direct API method in a future release. This would allow for a cleaner synchronization of state without relying on DOM manipulation.

Best,
Antonio