FAQ

No. The consent ingestion endpoint resolves a coarse country from edge geo headers and stores only a per-website-peppered hash. The raw IP never lands in our database.

In a Supabase project of your choice; you pick the region when you create it. Document it in your customer's DPA along with Vercel (dashboard hosting) and Stripe (billing) if relevant.

The loader reads their decision from first-party storage (localStorage + cookie), callsgtag('consent', 'update', …) with the saved state, and skips the banner. They can change it any time via window.AdsvantageConsent.openPreferences().

We fall back to a first-party cookie. Both are written so a single decision survives private windows, partial blocks and browser quirks.