Suno's page code sets advertising and analytics tracking to 'off' by default for users in EU, EEA, UK, Switzerland, Norway, Iceland, and Liechtenstein, but sets all tracking to 'on' by default for everyone else, including US users.
This analysis describes what Suno's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This configuration determines whether advertising identifiers and behavioral analytics are collected from your device before you interact with any consent prompt, and the default-granted posture for non-EU users means tracking begins without an explicit opt-in.
Users outside the listed European jurisdictions have ad tracking, analytics, and personalization storage enabled by default upon visiting suno.com, while EU/EEA/UK users receive a denied-by-default configuration consistent with GDPR requirements.
Cross-platform context
See how other platforms handle Differential Consent Defaults by Region and similar clauses.
Compare across platforms →Monitoring
Suno has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"gtag('consent', 'default', {'ad_storage': 'denied', 'ad_user_data': 'denied', 'ad_personalization': 'denied', 'analytics_storage': 'denied', 'functionality_storage': 'denied', 'personalization_storage': 'denied', 'wait_for_update': 500, 'region': ["AT","BE","BG","HR","CY","CZ","DK","EE","FI","FR","DE","GR","HU","IE","IT","LV","LT","LU","MT","NL","PL","PT","RO","SK","SI","ES","SE","IS","LI","NO","GB","CH"]}); gtag('consent', 'default', {'ad_storage': 'granted', 'ad_user_data': 'granted', 'ad_personalization': 'granted', 'analytics_storage': 'granted', 'functionality_storage': 'granted', 'personalization_storage': 'granted'});— Excerpt from Suno's Suno Acceptable Use Policy
(1) REGULATORY LANDSCAPE: The denied-by-default configuration for EU/EEA and UK users engages GDPR (Regulation 2016/679) Article 6 lawful basis requirements and the ePrivacy Directive cookie consent rules as implemented by member states; the UK GDPR and PECR apply for UK users. The granted-by-default configuration for all other users may engage FTC Act Section 5 scrutiny regarding disclosure of data collection practices, and CCPA/CPRA for California residents regarding the collection of personal information via advertising pixels without explicit notice at collection. (2) GOVERNANCE EXPOSURE: Medium. The two-tier consent configuration creates regulatory exposure for US-based and other non-European users who have advertising and analytics tracking activated without a documented opt-in mechanism visible in the submitted HTML. Meta Pixel, TikTok Pixel, Microsoft Clarity, Bing Ads, and Twitter UWT are all active under the granted-by-default configuration, each involving data transmission to third-party processors. (3) JURISDICTION FLAGS: EU and EEA member states and the UK have heightened protection given the denied-by-default consent configuration already implemented. California residents face potential CCPA/CPRA exposure given default-granted analytics and advertising storage. Illinois BIPA is not directly implicated by the visible tracking configuration. Switzerland and Norway are included in the denied-by-default region list. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement and compliance teams integrating Suno into commercial workflows should assess whether data processing agreements (DPAs) with Meta, TikTok, Microsoft, Google, and Twitter are in place, as each embedded pixel involves third-party data transmission. The absence of a visible consent management platform (CMP) for non-EU users may be a gap in vendor data governance documentation. (5) COMPLIANCE CONSIDERATIONS: Legal teams should audit whether a CMP or equivalent opt-in mechanism exists for US users, review CCPA-compliant disclosure language for the advertising pixels in use, and confirm that data processing agreements with all third-party pixel vendors are current. The full privacy policy and cookie policy should be reviewed alongside this consent configuration.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This configuration determines whether advertising identifiers and behavioral analytics are collected from your device before you interact with any consent prompt, and the default-granted posture for non-EU users means tracking begins without an explicit opt-in.
Users outside the listed European jurisdictions have ad tracking, analytics, and personalization storage enabled by default upon visiting suno.com, while EU/EEA/UK users receive a denied-by-default configuration consistent with GDPR requirements.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Suno.