Helps getting your Rails app GDPR compliant


Add this line to your application's Gemfile:

gem 'gdpr'

And then execute:

$ bundle

Or install it yourself as:

$ gem install gdpr

Add this to layout:

  <%= render 'gdpr/cookie_consent' %>

Add this to javascripts:

//= require gdpr/cookie_consent

Add this to stylesheets:

@import 'gdpr/cookie_consent'

Set the privacy policy url in the locales.


This will display a cookie banner with both Validate & Reject buttons. You can force the re-display of the banner with a button/link including a .js-gdpr__cookie_consent__display_again class.

If you have a GTAG marker you should use it like this

    window.dataLayer = window.dataLayer || [];
    function gtag(){dataLayer.push(arguments);}
    if (Cookies.get('gdpr.cookie_consent.ok') !== 'true') {
      // Default ad_storage to 'denied'.
      gtag('consent', 'default', {
        'ad_storage': 'denied',
        'analytics_storage': 'denied'
    gtag('js', new Date());
    gtag('config', 'G-XXXXXXXX');


  • [x] Cookie consent
  • [ ] Privacy policy
  • [ ] There must be an optin
  • [ ] Optin must be unchecked by default
  • [ ] Account must be deletable
  • [ ] Users must have access to their data
  • [ ] Users must be able to modify their data


Inspired by cookies_eu (, thank you :)


Feel free to pull request!


The gem is available as open source under the terms of the MIT License.