How to Configure Geo-Targeting for Compliance

Overview

This guide explains how to set up geo-targeting so the correct compliance template is automatically shown to users based on their location.

Why Geo-Targeting?

1. EU Visitors → See GDPR-compliant banner
2. California Visitors → See CCPA template
3. Brazil Visitors → See LGPD template
4. Other Regions → See simple template or your choice
5. Automatic → No manual configuration per visitor

Prerequisites


6. Consent Management module enabled
7. Banner already configured
8. Admin access

How Geo-Detection Works


Server-Side Detection (Primary)


9. Visitor IP address detected
10. Geo_Service looks up IP location
11. Returns country/region
12. GeoRuleMatcher finds matching rule
13. Correct template determined

Frontend Fallback (Secondary)


14. If server-side fails, uses API
15. /wp-json/slos/v1/geo/region endpoint
16. Browser sends visitor IP
17. Returns detected region
18. JavaScript selects template

Multi-Layer Fallback


19. Server detection
20. API detection
21. Region mapping
22. Default template

Step 1: Enable Geo-Targeting


23. Go to SLOS → Consent Management
24. Click Settings tab
25. Scroll to Geo-Targeting
26. Check “Enable Geo-Targeting”
27. Click Save Changes

Step 2: Set Up Geo Rules


EU (GDPR) Rule


Location: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden

28. Go to Consent Management → Geo Rules
29. Click Add Rule
30. Rule Name: “GDPR – EU”
31. Countries: Select all EU countries (or bulk select “EU”)
32. Template: Select “GDPR Template”
33. Set Effective: Immediately
34. Set Priority: High (executed first)
35. Click Save Rule

California (CCPA) Rule


Location: United States – California

36. Click Add Rule
37. Rule Name: “CCPA – California”
38. Countries: United States
39. States/Provinces: California
40. Template: Select “CCPA Template”
41. Priority: High
42. Click Save Rule

Brazil (LGPD) Rule


Location: Brazil

43. Click Add Rule
44. Rule Name: “LGPD – Brazil”
45. Countries: Brazil
46. Template: Select “LGPD Template” (or Advanced)
47. Priority: High
48. Click Save Rule

Default Rule


For all other locations:

49. Click Add Rule
50. Rule Name: “Default Template”
51. Countries: All others
52. Template: Select “Simple Template”
53. Priority: Low (lowest priority)
54. Click Save Rule

Step 3: Verify Detection Accuracy


Test Detection


55. From VPN in EU:

– Connect to EU VPN
– Clear cookies
– Visit site
– GDPR banner should show

56. From California IP:

– Connect to California VPN
– Clear cookies
– Visit site
– CCPA banner should show

57. Browser Dev Tools:

– Open Console
– Look for logs like: “Geo region: EU”
– Verify template selection

Check Console Logs


Enable debug logging:

58. Go to SLOS → Settings → Advanced
59. Check “Debug Logging”
60. Console will show:

– Detected region
– Matched rule
– Selected template
– Fallback steps

Manually Test API


In browser console:
`javascript
fetch(‘/wp-json/slos/v1/geo/region’)
.then(r => r.json())
.then(d => console.log(‘Region:’, d));
`

Returns: {"region": "EU"} or similar

Step 4: Test All Templates


Visual Verification


Test each scenario:

61. EU Detection:

– GDPR-specific text
– “More options” button
– Cookie category explanations

62. CCPA Detection:

– “Do Not Sell” language
– California-specific rights
– CCPA terminology

63. Default Detection:

– Simple accept/reject
– Basic information
– Minimal text

Verify Consent Recording


After interacting with each template:

64. Go to Consent Management → Consents
65. Look for recent entries
66. Check georuleid field
67. Verify rule ID matches expected rule

Step 5: Handle Special Cases


IP Geolocation Limitations


Some IPs are hard to detect:

68. VPN users
69. Proxy users
70. Corporate networks
71. ISP non-standard routing

Solution:

72. Add fallback detection
73. Allow manual region selection
74. Use secondary detection methods

Adding Manual Region Override


Allow users to override detected region:

75. Edit banner text to add:

“Not from [Region]? [Change Region]”

76. Link changes browser selection
77. User selects correct region
78. Browser stores preference

Whitelist/Blacklist Countries


Create country lists:

79. Go to Geo Rules → Settings
80. Whitelist: Countries that MUST use specific template
81. Blacklist: Countries excluded from rules
82. High priority enforced
83. Save settings

Step 6: Monitor Geo Detection


Dashboard Metrics


In Consent Management → Dashboard:

84. Regional distribution of consents
85. Template impressions by region
86. Acceptance rate by template
87. Geo-detection accuracy

Create Report


Export geo data:

88. Go to Reports → Geo Analysis
89. Select date range
90. View by region, country, template
91. Download CSV report
92. Share with compliance team

Common Metrics


93. Consents per region
94. Template impressions by region
95. Acceptance rates by template
96. A/B variant distribution by region
97. Time-to-decision by region

Step 7: Troubleshooting Geo Rules


Banner Still Shows Wrong Template


Check:

98. Verify rule is enabled
99. Check rule priority
100. Verify template exists
101. Clear browser cookies
102. Check console logs for errors

Solution:

103. Increase rule priority
104. Disable conflicting rules
105. Update template settings

Geo Detection Not Working


Check:

106. Verify geolocation service enabled
107. Test API endpoint manually
108. Check server logs
109. Verify user IP visible to server

Solution:

110. Enable debug logging
111. Check WordPress logs
112. Verify server permissions
113. Test with different IPs

Wrong Region Detected


Likely Causes:

114. User on VPN
115. Proxy server
116. ISP location mismatch
117. Geolocation database outdated

Solutions:

118. Allow manual override
119. Use multiple detection methods
120. Update geolocation database
121. Document as known issue

Step 8: Compliance Verification


GDPR Compliance


For EU rule:

122. ✓ Template has GDPR language
123. ✓ Consent is explicit
124. ✓ Rejection easy as acceptance
125. ✓ Granular control available
126. ✓ Consent recorded with geo data

CCPA Compliance


For California rule:

127. ✓ Template shows CCPA language
128. ✓ “Do Not Sell” clearly displayed
129. ✓ Rights explained
130. ✓ Opt-out possible
131. ✓ Consent tracked

LGPD Compliance


For Brazil rule:

132. ✓ Portuguese language preferred
133. ✓ LGPD rights displayed
134. ✓ Consent explicit
135. ✓ Data storage explained
136. ✓ International transfer notice

Best Practices


137. Test Thoroughly – Use VPNs to test all regions
138. Keep Rules Simple – Don’t over-complicate
139. Prioritize Correctly – Specific rules first
140. Monitor Accuracy – Check for misdetections
141. Document Rules – Keep notes on setup
142. Review Regularly – Update rules quarterly
143. Get Legal Review – Ensure compliance
144. Have Fallback – Default rule for unknowns

Advanced: Custom Geo Rules


Create custom rules beyond pre-built:

145. Go to Geo Rules → Advanced
146. Custom Rule Name – Describe the rule
147. Conditions:

– Country codes
– Region/state codes
– IP ranges
– Custom parameters

148. Action: Select template
149. Priority: Set priority
150. Save Rule

Example: Japan-specific rule
`
Condition: Country = JP
Template: Detailed template (heavy tracking)
Priority: High
`

Next Steps


151. Enable geo-targeting
152. Create rules for your regions
153. Test with VPNs
154. Monitor detection accuracy
155. Adjust rules as needed
156. Review compliance quarterly

Related Articles


157. Setup Cookie Banner
158. A/B Testing Guide
159. Analytics Integration