Consent Auditing — Logging, Storage, and the Consent ID

Every time a visitor interacts with your consent banner, MineOS captures a structured record of that interaction. These records form your consent audit trail — the evidence you can produce if a regulator, auditor, or visitor asks "did this user consent, and to what?"

This article explains:

What happens when consent is given (or changed, or withdrawn)
What gets stored on the visitor's browser
What gets logged centrally in MineOS
How to use the Consent ID to find a specific record in the consent audit log

What happens when a visitor consents

When a visitor clicks Allow All, Reject All, or saves their custom preferences, MineOS does three things in parallel:

Generates a unique Consent ID for this consent action — a UUID like 710c5680-ad39-4c10-bd49-5bae20a9b2a6.
Stores the consent record locally in the visitor's browser so the same banner doesn't reappear on the next page.
Sends an analytics event to MineOS so the action is recorded in your centralized consent audit log.

Each consent action generates a new Consent ID. If a visitor accepts all cookies, then later opens the banner again and changes their preferences, you'll see two distinct Consent IDs in the audit log — one for each action.

What's stored on the visitor's browser

MineOS CMP stores the visitor's most recent consent decision in their browser's localStorage. This is what allows the banner to know whether to appear on the next page load.

The stored record contains:

Field	What it is
Consent ID	The unique UUID for this consent action
User ID	A persistent identifier for this visitor (UUID, stored in localStorage, survives across sessions)
Session ID	A per-session identifier (UUID, generated each time the visitor opens your site)
Categories	Which cookie categories the visitor consented to (e.g. `{ Essential: true, Analytics: false, Marketing: true }`)
Banner ID	Which banner was shown when the visitor consented
Timestamp	When the visitor made their choice (ISO 8601, UTC)
Expiry	When this consent expires and the banner will reappear
Configuration version	The version of your published MineOS configuration at the time of consent
Geographic location	The visitor's region at the time of consent (e.g. `US`, `DE`)
Page URL	The page they were on when they consented

📘
Why we store this in the browser
Storing the consent record locally lets the CMP make immediate decisions on the next page load — without a network round-trip — about whether to show the banner and which cookies are allowed. This means no flash of blocked content and no banner re-appearing on every page.

When does the stored record change?

The local record is replaced (and a new Consent ID generated) whenever:

The visitor clicks any banner button (Allow All, Reject All, Save Preferences, Opt out of sales)
The visitor changes their preferences via the "Manage Your Cookies" link in your footer
The previous consent has expired (based on the consent duration you configured on the banner — typically 12 months)
Your published configuration version has changed since the last consent (so the visitor is re-prompted to acknowledge the change)

When is it cleared?

The local record stays in the visitor's browser until one of the following happens:

It expires (per the consent duration on the banner)
The visitor clears their browser storage (e.g. cookies/site data cleanup)
The visitor visits from a different browser or device

What's logged centrally in MineOS

In addition to storing the record on the visitor's browser, MineOS CMP sends an analytics event to the MineOS platform each time a meaningful consent action happens. These events power the consent audit log available in the portal.

Event types

Event	When it fires
Banner displayed	The consent banner is shown to the visitor (first or second layer)
Banner dismissed	The visitor closes the banner — by clicking a button or by closing the modal without choosing
Consent change	The visitor updates an existing consent (e.g. opens the footer link and changes their categories)

For your audit trail, Banner dismissed and Consent change events are the records that prove a specific consent decision happened. Banner displayed events are useful for measuring banner performance (impressions, time-to-decision) but don't carry a consent decision on their own.

What each event contains

Every consent event sent to MineOS includes:

Consent ID — the unique UUID for that consent action
Timestamp — when the action occurred
Page URL — where the visitor was when they consented
User ID and Session ID — for distinguishing visitors and sessions
Banner ID — which banner was active
Configuration version — which version of your published configuration was live
Categories — the consent state after the action (which categories are on/off)
Previous categories (consent change only) — the consent state before the action
Changed categories (consent change only) — which categories flipped between before and after
Dismissal action (banner dismissed only) — whether the visitor clicked Accept All, Decline All, customized their choice, or closed the banner without choosing
User Agent — the visitor's browser and OS
Geographic location — the visitor's region

Viewing the consent audit log

The consent audit log is available in the MineOS portal under Consent Management → Overview → Audit.

The table shows one row per logged consent event, with columns including:

Column	What it shows
Consent Date	When the consent event was recorded
Page URL	The page where the visitor consented
User ID	The visitor's persistent identifier
User Agent	The visitor's browser and OS string
Domain Group Name	Which of your websites the consent applies to
Config Version	Which version of your configuration was active at the time
Changed Categories	The categories the visitor consented to (or changed)

You can sort the table by any column, and filter the logs to find specific events.

Using the Consent ID to find a specific consent

The Consent ID is the single best way to look up a specific consent decision. Here's where it appears and how to use it.

Where visitors see their Consent ID

When a visitor opens the second layer of your banner (by clicking Customize or the "Manage Your Cookies" link), MineOS shows them a footer with details of their last consent. The format is:

Last consent captured on May 26, 2026 on page: https://mineos.ai/
Consent ID: 710c5680-ad39-4c10-bd49-5bae20a9b2a6

This serves two purposes:

Transparency — the visitor can see exactly when and where they last consented.
Support reference — if the visitor contacts you (e.g. to dispute a consent record or exercise a privacy right), they can give you this Consent ID and you can look up the exact record in seconds.

How to find a Consent ID in the audit log

Go to Consent Management → Overview in the portal.
Switch to the Audit tab.
In the filter bar at the top, open the Consent ID filter (change it from "is any value" to a search).
Paste the Consent ID the visitor gave you.
The table now shows only the row(s) matching that Consent ID.

From there you can see every detail captured at the time of consent — what categories were allowed, what version of your configuration was live, what page the visitor was on, and so on.

Typical use cases

Scenario	How to use the Consent ID
A visitor contacts you and asks "what consent did I give?"	Ask them to open the banner's second layer, copy their Consent ID, and send it to you. Look it up in the audit log to see exactly what they consented to.
A visitor exercises their right to withdraw or revisit consent	The Consent ID identifies the exact record being challenged. After they change their preferences, a new Consent ID will be generated.
Regulator asks for evidence of consent for a specific visitor	Filter the audit log by Consent ID (or by User ID if you need to see the history) to produce the exact event record.
Debugging a consent-related issue on your site	If a visitor reports a tracker firing when it shouldn't, ask for their Consent ID — you can confirm which categories they actually consented to versus what they expected.

Other ways to filter the audit log

Besides Consent ID, the audit log can be filtered by:

User ID — to see every consent action by a specific visitor over time
Date range — for compliance reports covering a specific period
Domain group — if you manage multiple websites in MineOS
Configuration version — to find all consent events that occurred under a specific version of your configuration (useful when investigating the impact of a configuration change)
Changed categories — to filter to actions where, e.g., the visitor consented to Marketing

Frequently asked questions

Does each visit generate a new Consent ID? No. The Consent ID is generated each time the visitor makes a decision (clicks a banner button or changes preferences). Repeated visits without a decision don't create new IDs.

What if the visitor accepts and later changes their mind? The original consent stays in the audit log, and a new event (with a new Consent ID) is logged for the change. The audit trail shows the full history.

What if the visitor clears their browser storage? The local record is removed, but the events logged on the MineOS side remain. The next time they visit, the banner will reappear and a new consent record will be created.

Can a visitor have multiple active Consent IDs at the same time? Only one current consent applies at a time per banner. But the audit log contains every historical Consent ID for that visitor, so you can trace their full history.

Is the Consent ID linked to any personally identifying information? The Consent ID itself is a random UUID. It's stored alongside the User ID (also a random UUID), the page URL, IP-derived geographic region, and User Agent string — but not the visitor's name, email, or account information. If you need to link a Consent ID to a known user, you'd do that on your side using your own identifiers.

How long are consent events retained? Consent events are retained per your MineOS retention configuration. Contact your MineOS account team if you need to confirm or change the retention period for your account.