CJakCiasteczko
Get started
How it works

Four steps.
Eight minutes. Done.

Every step shown live with animations. By the bottom of the page you know exactly what you get and how long deployment takes.

0160 seconds

Sign up

Email, password, done. 30 days free, no credit card. The account immediately gives you the panel where you manage domains and the banner.

cjakciasteczko.pl/signup
Email
you@company.com
Password
••••••••
Start free trial →
0230 seconds

Add a domain

Type your site's hostname (no https, no www). Without it the script stays silent on the customer's site by design — access control starts here.

cjakciasteczko.pl/app/domains/new
Hostname
yourdomain.com
✓ Domain added. Script will start once you paste the snippet.
032 minutes

Paste the snippet

Copy two lines from the panel, paste into your site's <head> before any other tag. The banner appears instantly, Google Consent Mode v2 defaults are set before any tag fires.

index.html
 1<head> 2  <script> 3    window.CookieConsentConfig = { domain: "yourdomain.com" }; 4  </script> 5  <script async src="https://cjakciasteczko.pl/v1/cjakciasteczko.js"></script> 6</head>
045 minutes

Configure the look

Change layout (modal / banner / floating), brand colors, font, animations from the panel. Live preview on every change. Save → propagates to your visitors in 60 seconds, no deploy.

cjakciasteczko.pl/app/domains/...
Primary
#4863F7
Background
#FFFFFF
Text
#161616
Modal
Banner
Floating
✓ Saved. Update visible live on your sites in ~60s.

What happens under the hood

Skipping the UI — during those 8 minutes a fair amount of automation runs on your behalf. Most of it invisible, but worth knowing about.

  1. GCM v2 default = denied

    The first thing our script does — push gtag('consent', 'default', { ...denied, wait_for_update: 500 }). Before any Google tag. That guarantees no _ga or _gcl_ lands on the visitor's device before their decision.

  2. Cookie scanner

    One click in the panel runs a domain scan — Playwright visits your site, captures every cookie set + every external host, classifies (necessary / analytics / marketing), shows the report. Trackers that haven't set cookies yet (because Consent Mode = denied) are detected via network requests too.

  3. Hash-chain audit trail

    Every visitor consent record saves prevHash + thisHash (SHA-256) in the DB. Meaning: if anyone tries to forge consent history the hash chain breaks and it's visible. The regulator gets hard proof during an audit that a specific visitor accepted X at moment Y.

  4. Floating reopen button

    After acceptance a small cookie appears in the corner. Click → preferences. Implements GDPR art. 7(3) — consent withdrawal as easy as its expression. Most CMPs ignore this.

  5. Live config from panel

    The script fetches your banner config from our API (theme, layout, copy, privacy URL). Cached 60 seconds in visitor localStorage. You edit in the panel → it propagates to every page of yours in a minute, zero deploy on your end.

  6. Site-status gate

    Every visitor asks our backend whether the domain has an active subscription / trial. If not — script stays silent (no banner, Consent Mode stays denied). Meaning: don't pay, your script stops working. Honest billing.

Really 8 minutes.

Sign up, add a domain, paste the snippet — your consent banner is in production faster than you finish reading a 30-page OneTrust SLA.

Start nowAudit your site firstLive demo