Hey!
So I am looking for some simple solutions to assure I don’t save any cookies without user consent. Perhaps some simple JS that wait with loading asynchronously all the google analytics and other 3rd party JS until user give consent (which could be triggered by closing cookie notification window).
Does anyone implement something like that?
And are you going to display this consent-dialog on each page-fetch? Or maybe you are going to remember user choice using… cookies? 
In my opinion forcing users to see and close those annoying boxes is far too much in case of most simple sites using Google Analytics. A footnote with info and link to GA opt-out is enough, according to GDPR (reasonable bussiness effort). But it’s just my opinion and a subject for another topic.
On websites that use Google Analytics only (and no ads, no Adwords, etc.) I have put this:
This website uses cookies via Google Analytics service to obtain statistical information about website visitors, traffic and usage. No data allowing to identify individual users is stored. More on this and how to opt-out: here.
I’ve read this and decided that generating a Privacy Policy or Cookies Policy for a simple website using GA only is too much. Any comments?
By a happy coincidence, I just came across a simple Javascript library called yett which sounds like it might be exactly what you want. I haven’t tried it yet, but it looks promising.
With regard to GDPR compliance, it seems to me that you can go quite a long way by turning on anonymize IP in Google Analytics and making sure that you don’t use any specific user-tracking features. That might be sufficient for a personal site, although if you’re building business sites you may want a fuller solution. Note that to be really compliant, I believe you may need not only to obtain consent, but to record it as well (i.e. have a log file somewhere that says “On blah blah of June 2018 at 10:13:12, the user identified by tracking id xyz1234 clicked the consent button at …”). I don’t think that yett offers you any help there, although the mere fact of deploying something to your site that blocks tracker scripts unless the user consents might convince a GDPR administrator that you’d done your best.
“Loud the iron yett does clank/The cry of howlets mak’s me eerie”
If you don’t want to anonymize IP with gtag.js you can do it with just adding single command to your existing script:
ga(‘set’, ‘anonymizeIp’, true); for all hits
or
ga(‘send’, ‘pageview’, {
‘anonymizeIp’: true
});
for a single hit.
You can find more information here: https://developers.google.com/analytics/devguides/collection/analyticsjs/ip-anonymization