Geolocation
You can configure Geolocation Settings to determine which consent model, behaviors, and content will be shown to visitors depending on their location.
This ensures your store displays the right banner based on the applicable privacy laws in each region.
How Geolocation Detection Works
Our built-in geolocation detection service identifies the visitor’s general location (approximately at the city level).
- The location is not stored.
- It is used only to determine which geolocation rule applies.
Available Geolocation Options
You can choose from the following options when setting banner visibility:
- Global visibility
Show the banner to all visitors worldwide.
- EU/EEA & UK (GDPR)
Display the banner for visitors from the European Union, European Economic Area, and United Kingdom under the General Data Protection Regulation (GDPR).
- United States (State Laws)
Display the banner for visitors from U.S. states with active privacy laws, including:
- California: CCPA/CPRA
- Virginia: VCDPA
- Colorado: CPA
- Connecticut: CTDPA
- Utah: UCPA
- Montana: MCDPA
- Texas: TDPSA
- Oregon: OCDPA
- Iowa: ICDPA
- Nebraska: NCDPA
- Delaware: DPDPA
- New Hampshire: NHPA
- New Jersey: NJDPA
- Tennessee: TIPA
- Minnesota: MCDPA
- Brazil (LGPD)
Display the banner under the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados).
- Canada
Display the banner for visitors from Canada under:
- Federal Law: PIPEDA
- Quebec: PIPEDA + Law 25
- Rest of Canada: PIPEDA
- Japan (APPI)
Display the banner under the Act on the Protection of Personal Information.
- Thailand (PDPA)
Display the banner under the Personal Data Protection Act.
- Switzerland (FADP)
Display the banner under the Federal Act on Data Protection.
- South Africa (POPIA)
Display the banner under the Protection of Personal Information Act.
- Australia (APA)
Display the banner under the Australian Privacy Act.
- New Zealand (NZPA)
Display the banner under the New Zealand Privacy Act 2020.
Why Geolocation Matters
- Compliance by region: Ensure your store meets the exact privacy law requirements based on where your visitors are located.
- Better user experience: Visitors only see banners when required by their local regulations.
- Flexibility: You can choose to apply strict global rules or customize visibility by region.
Regions and Applicable Privacy Laws
Region / Country | Applicable Law(s) | Consent Requirement |
---|---|---|
Global | N/A | Show to all visitors regardless of region |
EU/EEA & UK | GDPR | Explicit opt-in required for non-essential cookies |
United States (by state) | CCPA/CPRA (CA), VCDPA (VA), CPA (CO), CTDPA (CT), UCPA (UT), MCDPA (MT), TDPSA (TX), OCDPA (OR), ICDPA (IA), NCDPA (NE), DPDPA (DE), NHPA (NH), NJDPA (NJ), TIPA (TN), MCDPA (MN) | Opt-out required (user must be able to reject sale/sharing of data) |
Brazil | LGPD | Explicit consent required for data processing |
Canada (federal) | PIPEDA | Implied or explicit consent depending on sensitivity |
Canada (Quebec) | PIPEDA + Law 25 | Stricter consent rules, explicit consent required |
Japan | APPI | Explicit consent required for cross-border transfers and sensitive data |
Thailand | PDPA | Explicit consent required before processing personal data |
Switzerland | FADP | Explicit consent required for sensitive personal data |
South Africa | POPIA | Consent required for processing personal information |
Australia | APA | Consent required, with emphasis on transparency and opt-out |
New Zealand | NZPA 2020 | Consent required; focus on lawful purpose and minimal collection |
Updated on: 29/09/2025
Thank you!