HubSpot Live Chat with CMP Integration

The Challenge

The client relied heavily on HubSpot’s live chat for pre-sale enquiries. After implementing a compliant cookie banner in 2024 that properly gated third-party scripts, they discovered that HubSpot’s chat widget simply did not load for any visitor who declined marketing or analytics cookies. Overnight, 20% of their visible visitors lost access to live chat.

The problem runs deeper than it appears. HubSpot’s tracking script (hs-script-loader) bundles chat functionality with analytics and tracking. There is no official way to load the chat widget independently of HubSpot’s cookie-setting behaviour. The client’s consent management platform (CMP) correctly categorised the entire HubSpot script under “marketing” cookies, which meant declining marketing consent removed chat entirely.

It was clear they could not simply reclassify HubSpot as “necessary” because the script demonstrably sets tracking cookies. But the business could not afford to lose live chat for the roughly 20% of UK visitors who decline marketing cookies.

Our Approach

We built a two-tier loading strategy. For visitors who accept marketing cookies, HubSpot loads normally through the CMP — full tracking, chat, and analytics as standard. For visitors who decline, we use HubSpot’s Conversations API to load the chat widget in a sandboxed mode.

The sandboxed loader is a custom script that initialises only HubSpot’s chat iframe via the Conversations JavaScript API, deliberately bypassing the main hs-script-loader. Before initialisation, we call HubSpot’s Consent API (_hsp.push(['revokeCookieConsent'])) to instruct the widget not to set any cookies on the visitor’s browser. The chat still functions — visitors can send and receive messages — but HubSpot does not track them or drop cookies.

We hooked this into the CMP’s callback events. When consent state changes (e.g., a visitor initially declines, then later accepts via the banner’s settings), the system tears down the sandboxed chat and reinitialises the full HubSpot suite without requiring a page reload. We managed this through a state machine that tracks the current consent level and the current chat loading mode, ensuring no duplicate widget instances.

The Results

Live chat availability went from 60% of visitors back to 100%. Chat-originated leads showed improvement within two weeks of deployment.

Crucially, the setup passed a compliance review. The sandboxed mode sets zero cookies and transmits no personal data until the visitor actively provides it through the chat conversation.

The client’s DPO considered this a proper resolution rather than a compromise — compliant by default, fully functional where consent is granted, and degraded gracefully rather than broken where it is not.