Does Iubenda actually block trackers before consent?
When it's installed and configured correctly — yes, that's its job. The problem is that plenty of real-world setups leak anyway, for reasons that have nothing to do with Iubenda itself. Here's where the leaks come from, and how to verify yours in 30 seconds.
Iubenda generates privacy policies, cookie policies, and terms, and pairs them with a consent banner and cookie solution whose prior-blocking mechanism holds tagged scripts until the visitor consents — widely used by SMBs and agencies, especially in Europe.
RegSentry is not a consent platform and doesn't replace Iubenda — it's the independent check that your Iubenda setup is actually holding trackers back until visitors consent. The two are complementary: one manages consent, the other verifies enforcement.
Verify your Iubenda setup — free real-browser scan, 30 seconds.
Real browser scan, no signup to run it. You see a summary of the findings; the full report with every tracker unlocks with your email.
What Iubenda does well
Lawyer-maintained policy generators that stay current as laws change
A consent banner with per-category choices and consent records
Prior blocking that genuinely holds correctly-tagged scripts until consent
Agency-friendly: one platform for policies + consent across many client sites
The 5 ways a correctly-installed Iubenda banner still leaks
None of these are bugs in Iubenda. They're the coverage and configuration gaps that show up on real sites — the reasons a banner that looks right can still fire trackers before consent:
1. Scripts that never got the prior-blocking markup Iubenda's prior blocking works on scripts that are tagged for it (or matched by its auto-detection). A new tag added without the markup — by a developer who didn't know the convention — executes immediately.
2. Tags added outside Iubenda Pixels pasted into the theme or injected by plugins bypass the cookie solution entirely.
3. Tag-manager triggers that ignore consent state If GTM fires tags on page-load instead of on consent, the prior-blocking never gets a chance to apply.
4. Banner running notice-only A banner that displays and logs choices without blocking configured holds nothing back.
5. A tracker classified as “necessary” Anything in the always-allowed category loads pre-consent by design — one wrong classification is a standing leak.
Why independent verification matters
In our 2026 scan of 1,478 small-business websites, 58% fired at least one tracker before the visitor consented — and nearly every affected site already had some consent setup in place. That's not an argument against using Iubenda; it's the argument for verifying that any consent setup, from any vendor, is actually enforcing. A banner that displays and a banner that blocks look identical to the naked eye. The network tells the truth.
How RegSentry independently verifies enforcement
A real headless browser, not a checklist RegSentry loads your public pages the way a first-time visitor's browser would — with no stored cookies and no prior consent.
It never touches the banner The scan deliberately makes no consent interaction. Whatever contacts a third-party server in that window did so before consent — which is exactly what wiretapping and privacy claims turn on.
Every tracker's first contact, timestamped The scan records the precise moment each session-replay, analytics, chat, and ad-pixel script first calls home, so you get evidence — script, page, and timing — not a guess.
Independent by design RegSentry has no stake in your Iubenda configuration. It doesn't know or care which scripts are supposed to be gated — it just reports what actually fired. That independence is the point of a verification layer.
Then it keeps watching Monitoring re-scans on a schedule and emails you when a NEW tracker shows up firing before consent — so the tag someone adds next month doesn't quietly undo today's clean result.
How to verify your Iubenda setup in 30 seconds
Enter your domain below. No signup, no code to install, nothing changes on your site.
RegSentry loads your site in a real browser and never touches the Iubenda banner — it just watches the network, the way a plaintiff firm's scanner would.
Anything that fired before consent shows up in the report — which script, which page, when — plus the specific fix for each tool (gate it through Iubenda, correct its category, or wire the tag-manager trigger to consent).
Prefer to eyeball it first? Open your site in a fresh incognito window with DevTools → Network open, reload, and don't click the banner — requests to tracking domains before you consent are the leak. The scan just does that check thoroughly, on every page that matters, with evidence.
See whether your Iubenda banner is actually blocking — free, no signup.
Real browser scan, no signup to run it. You see a summary of the findings; the full report with every tracker unlocks with your email.