Skip to main content

Docebo Help

How can we help?

Managing your platform's cookie policy

Last updated
Docebo module
  • Learn
Reading time
User level
  • Administrators

Sandbox release disclaimer: Some content in this article outlines how to use functionalities that will be publicly released to all clients at the end of July 2026. If you see differences between this article and your platform, check back at that time. Learn more about the release cycle.

Introduction

Your learning platform uses cookies, which are text strings created by a server and stored on the hard disk of your computer or on any other device (smartphone, tablet) that you use to access the Internet before being retransmitted to subsequent access to the Internet.

Cookies allow your learning platform to collect information about user navigation, such as remembering language preferences or the currency used for a purchase, then use this information for the user’s next visit to facilitate easier use of the platform.

Cookies may be stored permanently on your device and have a variable duration (called persistent cookies), or may disappear when the browser is closed and have a limited lifespan (called session cookies). Cookies may also be installed by the site you are visiting (called first-party cookies) or may be installed by other websites (called third-party cookies). Your learning platform uses first-party cookies, third-party cookies and other similar cookies.

In order to comply with the applicable regulations affecting cookies, such as the European ePrivacy directive (opens in a new tab), Docebo provides the capability to manage the platform cookies subject to consent by granting to the platform users (data subjects) the right to decide whether to give consent to statistic, non-necessary cookies.

  • Necessary cookies: these cookies help in making the platform more usable by enabling basic functions like page navigation and access to secured areas. The platform cannot work properly without these cookies, and Docebo does not allow users to disable them. These cookies are not subject to user consent.
  • Statistic cookies: these cookies help your platform to understand how users interact with it, by collecting anonymous data. These cookies are not mandatory for the proper functioning of the platform but are vital for the continuous improvement of the user experience.

When requested to provide consent to the cookie policy, users can choose a language different from the one you selected for them, among the platform’s active languages. If the language they select while reading the policies is different from the language selected in their My profile area, once they access the platform, the language will be reset to the language set in their My profile area.

This article outlines how to edit and manage your platform’s cookie policy. Refer to the knowledge base article on the conditions of use for learners to learn more on how users interact with the cookie policy.

Cookie policy compliance

The cookie policy is always enabled and visible to all users. It cannot be hidden from the platform interface or removed using custom CSS.

If you modify or remove the cookie policy text, cookies remain active on the platform. It is your responsibility to clearly communicate this to users.

Docebo provides a default cookie banner, but you can integrate with OneTrust if needed.

If the Extended Enterprise app is enabled, the selected cookie policy applies to all domains managed by the app.

Configuring the cookie policy general settings

To configure the general settings of your platform’s cookie policy, go to the Cookie policy page from the Configuration menu. The page includes the following sections:

The Docebo default cookie policy

The Content section of the Cookie policy page displays the policy title, subtitle, and content. You can edit this content at any time to meet your needs.

  • Click the globe icon to view or edit the cookie policy in another language
  • Click Learner view to preview the policy while you make changes.
  • Click Save changes to update the cookie policy. 

 

Notes on the default cookie policy:

  • We recommend including the [cookie_table] shortcode in the cookie policy content. It is automatically replaced with the list of cookies provided by Docebo and ensures that the list is always up to date.
  • As a Superadmin, you are responsible for listing any additional cookies used in your platform. Since the Docebo cookie list cannot be edited, add any additional cookies directly in the policy content.
  • Docebo provides the cookie policy text in English only. You can manage the English version and translate it into the languages used in your platform, as described in the Translating the default cookie policy chapter. 
  • You can format the Cookie policy content as needed. Please note that:
    • The text editor embedded in the platform is Froala. Refer to the Froala Knowledge base (opens in a new tab) for further information on how to use i
    • The output may differ slightly from the input, depending on the applied CSS rules
       

Translating the default cookie policy

Docebo provides the cookie policy text in English only. Superadmins can manage the English version and translate it into the languages used in the platform.

When editing the default cookie policy, use the multi-language selector to create versions in multiple languages.

For the default language, all fields (title, subtitle, and content) are mandatory. For other languages, fields are not mandatory, but all fields must be completed to display the translation. If any field is missing, the entire policy is shown in the default language.

For example, if your default language is English, all fields must be completed in English. If you add a French version but leave one field empty, users with French selected will see the policy in English.

Each time you click Save changes, a new version is created for all languages

Using the OneTrust cookie policy

As an option to the default cookie banner, you can integrate with the OneTrust Cookie Consent solution (opens in a new tab), if you have an active OneTrust account and remain in agreement with the terms and conditions in your contract.


When selecting this option, the Docebo default cookie policy does not apply and is completely replaced by the OneTrust cookie policy.
 

Please note: Docebo’s integration with OneTrust supports the ability to manage cookies required by Google Analytics 4 (GA4), provided the following requirements are met:

  • GA4 cookies must be placed under groupID C0002, which corresponds to Performance Cookies
    --> This is the default configuration, and the OneTrust administrator should not move them to a different category.

  • On the end-user side, GA4 cookies are activated only if the user accepts the “Performance Cookies” category in the banner

To activate it, access the Navigation menu > Configuration (spanner icon) > Platform setup and tools > Cookie policy. In the Properties tab, select the OneTrust option in the Source section.

If you are using a docebosaas.com domain for your platform (for example, my-domain.docebosaas.com), move to the Content section, paste the JavaScript code provided to you by OneTrust, and press Save changes to save it. This is the suggested JavaScript code to use, depending on your scenario.

Custom domain

If you are using a custom domain (for example, www.my-domain.com), paste the following JavaScript code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44 		<script>
// CONFIGURATION START
const domainsSettings = [
    {
      domain: 'my-domain.docebosaas.com',
      script: `
<!-- OneTrust Cookies Consent Notice start for my-domain.docebosaas.com -->
<onetrust_script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-document-language="true" 
type="text/javascript" charset="UTF-8" data-domain-script="89eb36ee-e757-40bd-984f-7fc8351d9577" ></onetrust_script>
<onetrust_script type="text/javascript">
function OptanonWrapper() { }
</onetrust_script>
<!-- OneTrust Cookies Consent Notice end for my-domain.docebosaas.com -->
      `
    },
    {
      domain: 'www.my-domain.com',
      script: `
<!-- OneTrust Cookies Consent Notice start for www.my-domain.com -->
<onetrust_script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-document-language="true" 
type="text/javascript" charset="UTF-8" data-domain-script="e0acd1d7-e123-4e47-aad0-0f6fbd55d455" ></onetrust_script>
<onetrust_script type="text/javascript">
function OptanonWrapper() { }
</onetrust_script>
<!-- OneTrust Cookies Consent Notice end for www.my-domain.com -->  
      `
    }
  ];
  // CONFIGURATION END

  const currentDomain = window.location.hostname.toLowerCase();
  const head = document.querySelector('head');
  let script = '';
  domainsSettings.forEach(setting => {
    if (setting.domain === currentDomain) {
      script = setting.script;
    }
  });
  if (script.length) {
    const decriptedScript = script.replace(/onetrust_script/g,'script');;
    const domFragment = document.createRange().createContextualFragment(decriptedScript);  
    head.appendChild(domFragment);
  }
</script>

Before saving your changes, edit the code as follows:

  • Row 5: replace my-domain.docebosaas.com with the URL of your docebosaas.com domain
  • Row 17: replace www.my-domain.com with the URL of your custom domain
  • Row 9 and row 21: replace data-domain-script with the UUID available in your OneTrust account.

Extended Enterprise

If you are using the Extended Enterprise app in conjunction with a custom domain, paste the JavaScript code available in the Custom domain chapter of this article, and, before saving your changes:

  • Replicate the code from line 16 to line 27 for every domain of your Extended Enterprise having a custom domain. You do not need to replicate the code for the docebosaas.com domains.
  • In every block of code you have replicated, replace www.my-domain.com with the URL of the Extended Enterprise custom domain.
Notes on the OneTrust cookie policy JavaScript code:
  • When using the JavaScript code , remember to follow the JavaScript Coding Conventions (opens in a new tab) and use commas to separate the blocks of the array.
  • The preview of the OneTrust cookie policy is not available in the Preview tab. Visit the OneTrust website to see it.