Framer and Cookies: What Designers Need to Know
Framer has carved out a strong position among designers who want to publish production websites without writing traditional code. Its built-in analytics run without cookies, using a daily-rotating hash of IP address and user agent to calculate unique visitors. That privacy-first approach means a plain Framer site with no third-party integrations does not set non-essential cookies.
The picture changes as soon as you add external scripts. Google Analytics drops _ga and _ga_* cookies. The Meta Pixel sets _fbp. Hotjar stores session data in _hjSessionUser. Each of these qualifies as a non-essential cookie under Article 5(3) of the ePrivacy Directive, which requires prior consent before any information is stored on a visitor's device.
If your Framer site targets visitors in the EU, UK, or Brazil, you need a mechanism to collect that consent before those cookies fire.
Why Framer's Built-in Cookie Banner Falls Short
Framer does offer a native cookie banner component tied to Google Tag Manager and Google Consent Mode. It handles basic accept/reject flows and can separate EU from non-EU behaviour. For sites that only use Google services, this component may be sufficient.
Most design-focused Framer sites go further. You might embed a YouTube video, load a live chat widget, add LinkedIn tracking, or integrate a Calendly embed. The built-in component does not manage consent signals for these services. It also lacks automatic cookie scanning to detect what your site actually sets, and it does not provide granular category-based consent where visitors choose between analytics, marketing, and functional cookies separately.
Regulatory guidance from the CNIL and the EDPB makes clear that consent must be granular by purpose. A single accept/reject toggle does not meet this standard when your site sets cookies across multiple categories.
Common Cookies Found on Framer Sites
Before adding a consent banner, it helps to know what cookies your Framer site actually sets. Running a free cookie scan will give you a complete picture, but here are the most common culprits on Framer-built websites.
| Cookie | Source | Category | Duration |
|---|---|---|---|
_ga | Google Analytics 4 | Analytics | 2 years |
_ga_* | Google Analytics 4 | Analytics | 2 years |
_fbp | Meta Pixel | Marketing | 3 months |
_gcl_au | Google Ads | Marketing | 3 months |
_hjSessionUser_* | Hotjar | Analytics | 1 year |
li_sugr | LinkedIn Insight Tag | Marketing | 3 months |
PHPSESSID | Third-party embeds | Functional | Session |
Any cookie outside the strictly necessary category requires consent before it is set. Framer's own analytics, by contrast, are cookieless and do not appear in this list.
Where to Inject a Cookie Banner Script in Framer
Framer provides four custom code injection points within Project Settings. Open your project, navigate to Settings, select Custom Code, and click Show Advanced to reveal all four slots.
The four injection points are:
Head Start - loads before anything else in the document head
Head End - loads just before the closing head tag
Body Start - executes when the body begins rendering
Body End - runs after the full page has loaded
For a cookie consent script, Head End is the correct placement. The banner script must load before any tracking scripts fire, and placing it at the end of the head ensures it initialises early enough to intercept non-essential cookies. Your tracking scripts (GA4, Meta Pixel, and others) should then be loaded conditionally, only after consent is granted.
Custom code injection is available only on Framer's paid plans. If you are on a free plan, you will need to upgrade before adding any external scripts.
Setting Up Cookie Consent on Your Framer Site
The process follows three steps: scan, configure, and install. Each step takes only a few minutes.
Step 1: Scan Your Site for Cookies
Run an automated scan to identify every cookie your Framer site sets. This includes cookies from embedded iframes, third-party scripts, and any analytics tools you have added. Kukie.io's scanner detects and categorises cookies automatically, so you do not need to maintain a manual inventory.
Step 2: Configure Your Banner
Set up your consent banner to match your Framer site's design. Choose colours, fonts, and button styles that fit your brand. Configure region-based rules so that EU visitors see an opt-in banner while visitors from regions without strict cookie laws see a simpler notice. This geo-detection approach avoids showing unnecessary consent prompts to visitors who do not require them.
Step 3: Install the Script
Copy your banner script tag and paste it into the Head End section of Framer's custom code settings. The full installation walkthrough is covered in the Framer installation guide in the Help Centre. After publishing your site, verify the banner appears and that non-essential cookies are blocked until consent is given.
Blocking Scripts Until Consent Is Granted
Installing a cookie banner is only half the job. The banner must actually prevent non-essential cookies from firing before a visitor makes a choice. If your GA4 tag loads on page render and drops _ga before the visitor clicks "Accept", the banner is cosmetic and your site is not compliant.
There are two reliable approaches for Framer sites. The first is Google Consent Mode v2, which communicates consent status to Google services so that tags adjust their behaviour based on the visitor's choice. The second is conditional script loading, where tracking scripts are injected into the page only after consent for the relevant category has been recorded.
Both methods work with Framer's custom code injection. If you use Google Tag Manager to manage your tags, configure it to respect consent signals rather than firing all tags on page load. The GTM integration guide covers this setup.
GDPR and ePrivacy Requirements for Framer Sites
The legal obligations are the same regardless of which website builder you use. Under the GDPR, consent must be freely given, specific, informed, and unambiguous. Pre-ticked checkboxes do not count. The CNIL fined one major retailer over EUR 150 million in part for non-compliant cookie practices, and the UK ICO has run systematic reviews of the top 1,000 websites to check banner compliance.
For Framer site owners, the practical requirements are:
Block all non-essential cookies until the visitor actively opts in
Offer granular choices by cookie category (analytics, marketing, functional)
Provide a one-click reject option that is equally prominent as the accept button
Store proof of consent as a compliance record
Allow visitors to change or withdraw consent at any time
Dark patterns in cookie banners - such as hiding the reject button or using confusing colour contrasts - are now a specific enforcement target across EU data protection authorities.
Matching Your Banner to Framer's Design Standards
Framer users tend to care about visual design more than the average website owner. A cookie banner that clashes with your carefully crafted layout will frustrate you and your visitors.
Look for a consent solution that offers full banner customisation: custom colours, typography, border radius, and positioning. The banner should feel like part of the site, not an afterthought bolted on top. Kukie.io supports custom CSS for situations where the visual editor does not offer enough control.
Performance matters too. Framer sites are often single-page or near-single-page designs where load speed is a selling point. A heavy consent script that blocks rendering or shifts layout will hurt your Core Web Vitals scores. Choose a lightweight script that loads asynchronously and does not delay first contentful paint.
Framer vs Other Website Builders: Cookie Consent Compared
Framer is not the only platform where designers face this question. If you work across multiple builders, it helps to understand how the cookie consent process differs.
| Platform | Native Cookie Banner | Custom Code Access | Third-Party CMP Support |
|---|---|---|---|
| Framer | Basic (GTM-tied) | Head and body injection (paid plans) | Yes |
| Webflow | No | Head and body injection | Yes |
| Squarespace | Basic | Code injection | Yes |
| WordPress | Via plugins | Full theme access | Yes |
| Wix | Basic | Limited | Partial |
Framer's approach sits in the middle: more flexible than Wix or Squarespace, but less open than WordPress or a custom-coded site. The custom code injection slots give you enough access to install any third-party consent management platform.
Frequently Asked Questions
Does a Framer site need a cookie banner if I only use Framer Analytics?
No. Framer's built-in analytics are cookieless and do not store any persistent identifiers on the visitor's device. A cookie banner is only required when you add third-party scripts that set non-essential cookies.
Where do I paste the cookie banner script in Framer?
Go to Project Settings, select Custom Code, click Show Advanced, and paste the script into the Head End section. This ensures the consent script loads before any tracking tags fire.
Can I use a cookie banner on Framer's free plan?
No. Custom code injection is only available on Framer's paid plans. You need at least a Mini or Basic plan to add external scripts to your site.
How do I block Google Analytics cookies before consent on Framer?
Use Google Consent Mode v2 to communicate consent status to GA4, or load the GA4 script conditionally so it only fires after the visitor grants analytics consent. Both methods work through Framer's custom code injection.
Is Framer's built-in cookie banner component GDPR-compliant?
It provides basic accept/reject functionality tied to Google Tag Manager. It may be sufficient for sites that only use Google services, but it lacks granular category-based consent, automatic cookie scanning, and support for non-Google third-party scripts.
Do embedded YouTube videos on Framer need cookie consent?
Yes. Standard YouTube embeds set tracking cookies such as VISITOR_INFO1_LIVE and YSC. These require consent before loading. Use privacy-enhanced mode (youtube-nocookie.com) or block the embed until the visitor consents.
Take Control of Your Cookie Compliance
If you are not sure which cookies your Framer site sets, start with a free scan. Kukie.io detects, categorises, and helps you manage every cookie - so your visitors get a clear choice, and you stay on the right side of the law.
