When building SecureSpells, I made a very intentional early decision: I didn t want to store any readable personal data.

No names. No plain emails. No passwords. Etc...

I've been auditing different websites lately, and I'm finding that most of "compliant" banners still fire scripts before the user clicks Accept.

We get the legal requirements ("Prior Consent"), but the implementation seems impossible to maintain without breaking the UX.