Skip to content

GDPR & cookies

Embedding YouTube, Vimeo, Facebook, TikTok, Dailymotion or G-Core videos loads code (and often cookies) from those third parties. Under GDPR, that requires explicit customer consent. Mediaverse ships with a cookie-consent overlay that gates third-party iframes until the customer agrees.

By default (Settings → Plugins → Mediaverse → Video → Do not require cookies accept = off):

  1. The customer opens a product page with an embedded video.
  2. Mediaverse renders the thumbnail and a play-icon overlay — but no iframe yet.
  3. When the customer clicks the play overlay, a cookie consent message appears asking them to accept third-party cookies.
  4. On accept, Mediaverse loads the iframe and the video starts playing.
  5. The consent is remembered (typically through Shopware’s standard cookie storage) so the next click loads videos immediately.

For YouTube specifically, you can dodge the consent step by enabling nocookie mode in Settings → Plugins → Mediaverse → Embed → YouTube → YouTube nocookie. The plugin then uses youtube-nocookie.com URLs, which do not set marketing cookies until the customer interacts with the player. In most legal interpretations this means you do not need separate consent for YouTube embeds, but always confirm with your DPO.

If your store is outside the EU, or if you handle consent through a different mechanism, you can bypass the gate entirely:

Settings → Plugins → Mediaverse → Video → Do not require cookies accept → on.

The plugin then loads iframes immediately on page load (or on lazy-load trigger, depending on the per-source settings).

Mediaverse integrates with Shopware’s standard cookie configuration. The plugin registers its own cookie group so the consent overlay matches the rest of the site’s cookie banner.