iubenda
iubenda is a compliance software used by businesses for their websites and apps.
Websites Using iubenda
What Is iubenda?
iubenda is a privacy and legal-compliance platform that helps website and app owners meet requirements such as cookie consent, privacy policies, terms and conditions, and consent record-keeping. Rather than a single script, iubenda is a hosted service that generates legal documents and supplies embeddable widgets, most visibly a cookie-consent banner, that a site loads to display notices, collect and store user consent, and block or unblock tracking technologies accordingly. It is widely used by small and medium businesses, agencies, and publishers that need a turnkey way to address regulations like the GDPR, ePrivacy, and similar laws around the world.
iubenda is a third-party, client-side integration backed by a hosted back end. It is not a content management system, a server framework, or a browser extension. A site owner configures their policies and consent settings in the iubenda dashboard, then adds iubenda's scripts to their pages. Those scripts render the consent banner, manage the user's choices, and link to the generated privacy and cookie policies, which are themselves hosted on iubenda's domain. Because the integration runs in the browser and loads assets from iubenda's own infrastructure, it leaves clear, recognizable fingerprints in a page's HTML, network requests, and cookies.
The platform's purpose is best understood as outsourcing legal-compliance plumbing. Writing a compliant privacy policy, building a consent banner that records choices in a defensible way, and keeping both current as regulations change is time-consuming and error-prone. iubenda packages those tasks into a subscription product: you answer questions about your business, choose the regulations and languages you need, and the service produces the documents and widgets, updating them as laws evolve. That is why iubenda appears so often on commercial sites, blogs, and ecommerce stores whose owners want defensible compliance without retaining a lawyer or building consent infrastructure themselves.
It helps to be precise about iubenda's role relative to the rest of a site. iubenda does not host the website or process its core data; it provides the legal documents and the consent layer that sit on top of whatever stack the site already runs. The cookie-consent component, in particular, acts as a gatekeeper for other technologies: when configured for prior blocking, it prevents analytics and advertising scripts from running until the user grants consent. Recognizing that gatekeeping role makes iubenda's detection signals easier to interpret, because its fingerprints are about the consent and policy layer, not the underlying site.
How iubenda Works
iubenda's functionality is split between a hosted dashboard and the client-side assets a site embeds. In the dashboard, the owner builds a Privacy and Cookie Policy by selecting the services their site uses, such as analytics providers, advertising networks, and embedded media, and iubenda assembles the appropriate disclosures. It can also generate Terms and Conditions and other documents. Each generated policy lives at a hosted URL on iubenda.com, and the site links to it, often through an embeddable badge that opens the policy in a styled overlay.
The most visible piece is the Cookie Solution, iubenda's consent-management component. The site includes a configuration script that defines the site identifier and consent options, followed by iubenda's autoblocking and banner scripts. On page load, the Cookie Solution displays a consent banner describing the categories of cookies in use and offering accept, reject, and customize options. Until the user makes a choice, iubenda can suppress, or "autoblock", scripts it recognizes as tracking technologies, so that analytics and advertising do not fire without consent. Once the user chooses, iubenda stores their preferences and unblocks the permitted categories.
Consent storage and proof are central. iubenda records the user's choices in a cookie on the site and can log consent to its Consent Database, a hosted record-keeping service that stores a timestamped proof of each user's consent for accountability. This combination, a banner that gates scripts plus a back end that preserves evidence of consent, is what distinguishes a full consent-management platform from a simple cookie notice.
Mechanically, the autoblocking works by scanning the page for known tracking scripts and preventing them from executing until the relevant consent category is granted, then re-enabling them afterward. iubenda maintains a catalog of recognized services so it can categorize and block them automatically, though site owners can also tag scripts manually. The banner, badges, and policy overlays are styled by iubenda's own stylesheets and rendered into the DOM with iubenda-specific identifiers and class names, which is why the integration is straightforward to recognize from the outside.
The lifecycle is worth tracing end to end. On page load, the iubenda configuration script runs first, defining the site's consent settings, then the Cookie Solution script loads from iubenda's CDN. The script checks whether the visitor has already consented; if not, it autoblocks recognized tracking scripts and presents the banner. The visitor accepts, rejects, or customizes their choices, iubenda writes a consent cookie and, where enabled, logs the proof to the Consent Database, and the permitted scripts are unblocked. On return visits, the stored consent is read and the banner is suppressed unless the user reopens their preferences. This configure, block, prompt, store, unblock cycle is consistent across iubenda deployments.
How to Tell if a Website Uses iubenda
iubenda leaves several dependable fingerprints. Because StackOptic analyzes a URL from the server side, it inspects the same raw HTML, asset references, and cookies you can examine by hand with browser tools or curl. The most reliable approach is to combine several of the signals below.
Script and CDN domains. The clearest tell is a request to iubenda's asset domains, most notably cdn.iubenda.com. You will commonly see scripts such as cdn.iubenda.com/cs/iubenda_cs.js (the Cookie Solution) and a configuration block referencing _iub. Seeing assets loaded from iubenda.com is close to definitive.
The _iub configuration object. iubenda's banner is configured through a global JavaScript object named _iub, typically set in an inline script that also contains a numeric siteId and other consent options. Finding _iub and siteId in the page source is a strong, specific signal.
Policy links and badges. Sites using iubenda almost always link to a hosted policy at a URL like https://www.iubenda.com/privacy-policy/<id>. The privacy-policy and cookie-policy links, often rendered as iubenda "badges," point at iubenda.com with a numeric policy identifier.
Consent cookies. iubenda stores the user's consent in cookies. Inspecting the Application/Storage cookies panel after interacting with the banner reveals iubenda consent cookies, commonly with names beginning _iub_cs (the cookie-solution consent record). These are a recognizable tell.
Banner DOM and classes. When the banner renders, iubenda injects a container with recognizable identifiers and class names (for example an #iubenda-cs-banner element and iubenda-cs-* classes). Inspecting the DOM shows these immediately.
| Method | What to do | What iubenda reveals |
|---|---|---|
| View Source | "View Page Source" on any page | cdn.iubenda.com script URLs, the _iub object with siteId, policy links |
| Browser DevTools | Inspect the Network tab and the cookies panel | Requests to iubenda.com, the consent banner DOM, _iub_cs* cookies |
| DevTools Console | Type _iub | A defined configuration object confirms iubenda is present |
| curl -I / curl -s | `curl -s https://example.com | grep -i iubenda` |
| Wappalyzer | Run the extension on the live page | Identifies "iubenda" under cookie compliance/consent |
A fast terminal check is curl -s https://example.com | grep -i "iubenda". If that returns script references or a policy link, the site is using iubenda. Because the consent banner gates other tracking, identifying iubenda is often the first step in mapping a site's analytics and advertising stack, so it pairs naturally with our guides on how to read a website's HTTP headers and how to find out what analytics a website uses.
A few caveats make detection more robust. Because the consent layer is meant to be visible, iubenda rarely hides itself; the cdn.iubenda.com requests and the _iub object are present on virtually every deployment. The main subtlety is that some sites self-host or proxy a portion of the assets, or wrap the configuration inside a tag manager, which can move where the _iub block appears. Even then, the hosted policy link on iubenda.com and the _iub_cs* consent cookie are difficult to disguise because the documents and consent records genuinely live on iubenda's infrastructure. Combining the CDN request, the configuration object, the policy link, and the consent cookie yields a confident verdict, and pulling the raw server response makes those signals easy to read without browser interference.
Key Features
- Cookie consent banner. A configurable, multilingual consent banner with accept, reject, and granular customize options.
- Prior blocking / autoblocking. Automatic suppression of recognized tracking scripts until the user grants the relevant consent.
- Generated legal documents. Privacy policies, cookie policies, and terms and conditions assembled from the services a site declares.
- Consent record-keeping. A hosted Consent Database that stores timestamped proof of each user's consent for accountability.
- Multi-regulation support. Configurations aimed at GDPR, ePrivacy, and other regional privacy laws, with region-aware behavior.
- Hosted policy pages and badges. Documents hosted on iubenda's domain, embeddable as styled badges and overlays.
- Integrations. Works alongside CMS platforms, tag managers, and common analytics and advertising tools.
Pros and Cons
Pros
- Turnkey compliance: documents and consent infrastructure without writing them from scratch.
- Autoblocking helps prevent tracking scripts from firing before consent, supporting a defensible setup.
- Maintained as regulations change, reducing the burden of keeping policies current.
- Multilingual and multi-regulation support suits sites with international audiences.
Cons
- A subscription cost that scales with features, which adds an ongoing expense.
- Generated documents are templates, not bespoke legal advice tailored to unusual situations.
- The consent scripts add third-party requests and some page weight, with privacy and performance implications.
- Autoblocking depends on iubenda recognizing a script, so unusual or custom trackers may need manual tagging.
iubenda vs Alternatives
iubenda competes with other consent-management platforms and legal-document generators. The table clarifies its niche.
| Platform | Focus | Document generation | Typical users |
|---|---|---|---|
| iubenda | Consent plus legal documents | Yes, built in | SMBs, agencies, publishers wanting all-in-one compliance |
| Cookiebot | Consent management and scanning | Limited | Sites needing deep cookie scanning and consent logging |
| OneTrust | Enterprise privacy management | Yes, enterprise-grade | Large organizations with broad privacy programs |
| Termly | Consent plus policy generation | Yes, built in | Small businesses seeking a low-cost all-in-one |
| Custom banner + lawyer-written policy | Bespoke | No (manual) | Sites with specific needs and in-house legal support |
If a site turns out to use a different consent tool, the same network-and-cookie inspection identifies it. Because a consent banner so often sits alongside older front-end code, you may also find a utility like jQuery loaded on the same page, which together with the consent layer helps characterize the site's overall stack.
Use Cases
iubenda is the natural choice for site owners who need defensible privacy compliance without building it themselves. Small and medium businesses use it to add a consent banner and generated privacy and cookie policies quickly. Agencies deploy it across many client sites to standardize compliance and avoid hand-writing documents for each project.
It also fits bloggers and publishers running ads and analytics who must gate those scripts behind consent, ecommerce stores handling customer data and payment processors, and SaaS marketing sites serving international visitors subject to varying regulations. For technology and market research, detecting iubenda signals a privacy-conscious operation, frequently a commercial site that monetizes through analytics or advertising and therefore needs robust consent. That, in turn, hints at the kinds of tracking technologies the consent layer is gating.
Consider a few concrete adopters. A regional ecommerce store might use iubenda to present a GDPR-compliant banner, block its analytics and remarketing pixels until consent, and link to a generated privacy policy. A content publisher running display advertising might rely on iubenda's autoblocking to ensure ad scripts only load after consent, with the Consent Database storing proof. A digital agency might bundle iubenda into every site it builds so each client launches with compliant documents and a working banner. The common thread is a need to satisfy privacy law efficiently across one or many sites.
From a competitive-intelligence standpoint, spotting iubenda on a domain is a useful data point. It indicates the organization takes consent seriously and almost certainly runs analytics or advertising that the banner is gating, which is valuable when profiling a site's measurement and monetization stack or when assessing how a prospect handles privacy. The broader practice of mapping these layers connects to how to find out what technology a website uses, and surfacing the consent platform automatically across many domains is exactly the kind of insight a detection tool provides.
Frequently Asked Questions
Is iubenda free?
iubenda offers a limited free tier for basic needs, but its full feature set, including advanced consent management, the Consent Database, and richer document generation, is part of paid subscriptions. Pricing scales with the features and number of sites. Many small sites start free and upgrade as they add analytics, advertising, or international audiences that demand more robust consent handling.
How do I know if a site uses iubenda?
Check the page source for scripts loaded from cdn.iubenda.com, an inline _iub configuration object that includes a numeric siteId, and links to a hosted policy at iubenda.com/privacy-policy/<id>. In DevTools, look for the consent banner DOM (such as an #iubenda-cs-banner element) and _iub_cs* consent cookies. A quick curl -s URL | grep -i iubenda confirms it from any terminal.
Does iubenda actually block tracking cookies?
iubenda's prior-blocking (autoblocking) feature is designed to suppress recognized tracking scripts until the user grants the relevant consent, then unblock the permitted categories. It works by identifying known services and preventing them from executing before consent. Its effectiveness depends on iubenda recognizing each script; unusual or custom trackers may need to be tagged manually so they are blocked correctly.
Is the privacy policy from iubenda legally sufficient?
iubenda generates policies from the services and regulations you declare, and they are designed to address common requirements like the GDPR and ePrivacy. They are templates assembled from a maintained legal framework rather than bespoke advice for unusual circumstances. For straightforward sites this is often adequate, but organizations with complex or unusual data practices may still want a lawyer to review the result.
Why does the consent banner load before analytics?
When configured for prior blocking, iubenda's configuration and Cookie Solution scripts are meant to run before analytics and advertising so the banner can gate them. The consent layer acts as a gatekeeper: it autoblocks recognized trackers until the user consents, then unblocks the permitted ones. That ordering, the _iub config first, the banner next, and tracking scripts only after consent, is a deliberate part of how iubenda enforces consent.
Want to detect iubenda and the full stack behind any site in seconds? Try StackOptic at https://stackoptic.com.
Alternatives to iubenda
Compare iubenda
Analyze a Website
Check if any website uses iubenda and discover its full technology stack.
Analyze Now