DatoCMS

DatoCMS

DatoCMS delivers structured content to websites via API as a headless CMS. Preview and live editing scripts may load for authenticated content editors in preview environments, enabling real-time content updates. Public visitor tracking is not part of DatoCMS's standard browser-side behavior on production pages.

Back to Vendor Library

Overview

DatoCMS is a cloud-hosted headless content management system that delivers structured content to websites and applications through GraphQL and REST APIs. Unlike traditional coupled CMS platforms (WordPress, Drupal) that render HTML pages themselves, DatoCMS is a pure content backend — developers build the frontend independently using frameworks like Next.js, Nuxt, Gatsby, or SvelteKit, and pull content from DatoCMS at build time or via server-side rendering.

On production websites served to public visitors, DatoCMS has no browser-side presence whatsoever. Content is fetched via DatoCMS's Content Delivery API (cdn.datocms.com or graphql.datocms.com) from the server or during static site generation — before the HTML ever reaches a visitor's browser. The only client-side scripts appear in authenticated preview environments used by content editors.

What This Script Does

DatoCMS has virtually no production browser-side footprint:

Build-time content delivery: In statically generated sites (Gatsby, Next.js static export, Astro), content from DatoCMS is fetched during the build process. By the time a visitor loads the page, the content is already baked into the HTML. No API calls are made from the visitor's browser to DatoCMS.

Server-side rendering: In SSR frameworks (Next.js App Router, Nuxt SSR), DatoCMS content is fetched on the server during request handling. The visitor's browser receives rendered HTML — it never makes direct requests to DatoCMS APIs.

Live preview scripts (editorial environments only): When content editors use DatoCMS's real-time preview feature, the preview page loads datocms-listen or similar packages that open a WebSocket connection to DatoCMS for live content updates. This script only loads in authenticated preview environments explicitly configured by developers — it is not present on production public-facing pages.

Visual editing overlays (editorial environments only): DatoCMS's visual editing feature (@datocms/react-components or similar) renders clickable edit buttons and field highlights for authenticated editors. These overlays are gated behind authentication and preview mode flags, and are never visible to or loaded for public visitors.

Image optimization CDN: DatoCMS uses Imgix (*.imgix.net) for image transformation and delivery. Image requests from visitor browsers go to Imgix's CDN, not to DatoCMS directly. Imgix is a pure content delivery service that does not set tracking cookies.

Consent & Compliance

DatoCMS's API-first architecture eliminates consent requirements for public website visitors:

  • GDPR: No personal data from public visitors is processed through client-side scripts. All DatoCMS API communication happens server-side or at build time. There is no client-side data collection.
  • ePrivacy Directive: No cookies or client-side scripts are deployed on production pages visited by the public. The ePrivacy Directive's cookie consent requirements do not apply to server-side API calls.
  • CCPA/CPRA: No personal information is collected from website visitors through DatoCMS.
  • Imgix CDN: Image delivery through Imgix does not involve tracking cookies or behavioral data collection. Standard web server access logs (IP, user-agent, referer) may be retained by Imgix for performance monitoring, consistent with CDN industry norms.

Should You Block This Without Consent?

DatoCMS does not load scripts on production websites visited by the public. Content delivery happens through server-side APIs with no client-side tracking, profiling, or cookie-setting. Preview editing scripts only load for authenticated content editors working in explicitly configured preview environments — never for public visitors. There is nothing to block in the context of website consent management.

No.

Visit website

Consent Categories

Functional

Also Known As

datocms consentdatocms cookiesdatocms privacyheadless cms consentdatocms scriptsdatocms preview tracking

Industries

Computers Electronics and Technology

Tracked Domains (1)

datocms.comFunctional

Frequently Asked Questions

Does DatoCMS require consent management on production websites?

No. DatoCMS is a headless CMS that delivers content through server-side APIs or at build time. Public visitors never trigger client-side requests to DatoCMS. No scripts, cookies, or tracking pixels are loaded on production pages, so no consent gate is needed for visitor-facing deployments.

When do DatoCMS scripts appear on a page, and who sees them?

DatoCMS client-side scripts only appear in authenticated editorial preview environments where content editors use real-time preview or visual editing features. These scripts establish a WebSocket for live content updates. They are never loaded for public visitors and require explicit developer configuration to enable.

How does ConsentStack classify DatoCMS?

ConsentStack classifies DatoCMS as a server-side integration with no client-side consent requirement for public visitors. If DatoCMS appears in a script inventory scan, ConsentStack flags it as likely detected in a preview or editorial context rather than the public visitor experience, and excludes it from the consent banner configuration.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for DatoCMS

ConsentStack automatically detects and manages DatoCMS trackers so your site stays compliant with global privacy regulations.

Get started free