diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb
index 6725e19df254a12c7274c8bd300029ffad1f77ac..dd30d688fa819bba0cc291acd4e66bd937ebbd6e 100644
--- a/app/controllers/confirmations_controller.rb
+++ b/app/controllers/confirmations_controller.rb
@@ -3,6 +3,7 @@
 class ConfirmationsController < Devise::ConfirmationsController
   include AcceptsPendingInvitations
   include GitlabRecaptcha
+  include OneTrustCSP
 
   prepend_before_action :check_recaptcha, only: :create
   before_action :load_recaptcha, only: :new
diff --git a/app/views/devise/confirmations/almost_there.haml b/app/views/devise/confirmations/almost_there.haml
index 9fb0fb734f9aaf2a97b8969a07fe295bf56ea2ac..892ef730884cbb4bef0f1d0d91ae03bbeab57d26 100644
--- a/app/views/devise/confirmations/almost_there.haml
+++ b/app/views/devise/confirmations/almost_there.haml
@@ -1,6 +1,8 @@
 - user_email = "(#{params[:email]})" if params[:email].present?
 - request_link_start = '<a href="%{new_user_confirmation_path}">'.html_safe % { new_user_confirmation_path: new_user_confirmation_path }
 - request_link_end = '</a>'.html_safe
+- content_for :page_specific_javascripts do
+  = render "layouts/one_trust"
 
 .well-confirmation.gl-text-center.gl-mb-6
   %h1.gl-mt-0
diff --git a/ee/app/controllers/ee/registrations/welcome_controller.rb b/ee/app/controllers/ee/registrations/welcome_controller.rb
index 3b5751d797a8b3b4aa37601d1599d344ab9ef5c0..5fbad6842e8bcc510a5865a78fa2f1fca4c1b534 100644
--- a/ee/app/controllers/ee/registrations/welcome_controller.rb
+++ b/ee/app/controllers/ee/registrations/welcome_controller.rb
@@ -10,6 +10,8 @@ module WelcomeController
       TRIAL_ONBOARDING_BOARD_NAME = 'GitLab onboarding'
 
       prepended do
+        include OneTrustCSP
+
         before_action :authorized_for_trial_onboarding!,
                       only: [
                         :trial_getting_started,
diff --git a/ee/app/controllers/registrations/groups_controller.rb b/ee/app/controllers/registrations/groups_controller.rb
index b6bab1732405c80cb24d594bb4f905429bed5b34..7ba32bba570a6dd4b7ec9eab9b9bd140d845673c 100644
--- a/ee/app/controllers/registrations/groups_controller.rb
+++ b/ee/app/controllers/registrations/groups_controller.rb
@@ -4,6 +4,7 @@ module Registrations
   class GroupsController < ApplicationController
     include Registrations::CreateGroup
     include ::Gitlab::Utils::StrongMemoize
+    include OneTrustCSP
 
     layout 'minimal'
 
diff --git a/ee/app/controllers/registrations/groups_projects_controller.rb b/ee/app/controllers/registrations/groups_projects_controller.rb
index f0f656505ff7f8bf0017d3871e05fddb4e117762..3989f44aedcb9e8eaa0a79e066fe2825166a7a99 100644
--- a/ee/app/controllers/registrations/groups_projects_controller.rb
+++ b/ee/app/controllers/registrations/groups_projects_controller.rb
@@ -4,6 +4,7 @@ module Registrations
   class GroupsProjectsController < ApplicationController
     include Registrations::CreateProject
     include Registrations::CreateGroup
+    include OneTrustCSP
 
     layout 'minimal'
 
diff --git a/ee/app/controllers/registrations/projects_controller.rb b/ee/app/controllers/registrations/projects_controller.rb
index 880ae39261221989fe11f03d7e4e815037d45056..09935c3585b72d7b1297de286cccb7fa7656fc49 100644
--- a/ee/app/controllers/registrations/projects_controller.rb
+++ b/ee/app/controllers/registrations/projects_controller.rb
@@ -3,6 +3,8 @@
 module Registrations
   class ProjectsController < ApplicationController
     include Registrations::CreateProject
+    include OneTrustCSP
+
     layout 'minimal'
 
     before_action :check_if_gl_com_or_dev
diff --git a/ee/app/views/registrations/groups/new.html.haml b/ee/app/views/registrations/groups/new.html.haml
index 41030ea8bd7d952ad1f3392736eec15d284db04b..f960070eea5c47a7a77da0c93d47c40dd514cef4 100644
--- a/ee/app/views/registrations/groups/new.html.haml
+++ b/ee/app/views/registrations/groups/new.html.haml
@@ -1,6 +1,8 @@
 - @html_class = "subscriptions-layout-html"
 - page_title _('Your GitLab group')
 - form_params = { trial_onboarding_flow: params[:trial_onboarding_flow], glm_source: params[:glm_source], glm_content: params[:glm_content] }
+- content_for :page_specific_javascripts do
+  = render "layouts/one_trust"
 
 .row.gl-flex-grow-1
   .gl-display-flex.gl-flex-direction-column.gl-align-items-center.gl-w-full.gl-px-5.gl-pb-5
diff --git a/ee/app/views/registrations/groups_projects/new.html.haml b/ee/app/views/registrations/groups_projects/new.html.haml
index 05f643f9bc0563d1c6cce4a6682c8f334b55602e..7070ff2789ba7b102bd4df4138186efc75237ef3 100644
--- a/ee/app/views/registrations/groups_projects/new.html.haml
+++ b/ee/app/views/registrations/groups_projects/new.html.haml
@@ -1,6 +1,8 @@
 - @html_class = "subscriptions-layout-html"
 - page_title _('Your GitLab group')
 - form_params = { trial_onboarding_flow: params[:trial_onboarding_flow], glm_source: params[:glm_source], glm_content: params[:glm_content] }
+- content_for :page_specific_javascripts do
+  = render "layouts/one_trust"
 
 - if in_trial_onboarding_flow?
   .row
diff --git a/ee/app/views/registrations/projects/new.html.haml b/ee/app/views/registrations/projects/new.html.haml
index 85e2ceb3bf5de045ecc2761a25cb95075cca34c0..53b34269d2e7768f008a5164a9593635d62847db 100644
--- a/ee/app/views/registrations/projects/new.html.haml
+++ b/ee/app/views/registrations/projects/new.html.haml
@@ -1,6 +1,8 @@
 - @html_class = "subscriptions-layout-html"
 - page_title _('Your first project')
 - visibility_level = selected_visibility_level(@project, params.dig(:project, :visibility_level))
+- content_for :page_specific_javascripts do
+  = render "layouts/one_trust"
 
 - if in_trial_during_signup_flow? || in_trial_onboarding_flow?
   = render 'registrations/trial_is_activated_banner'
diff --git a/ee/app/views/registrations/welcome/trial_getting_started.html.haml b/ee/app/views/registrations/welcome/trial_getting_started.html.haml
index d4db138889a438215ae8dfcf11d61faf7ec49709..7904fab25ac386844189609a9e3bb8426f6e2c2d 100644
--- a/ee/app/views/registrations/welcome/trial_getting_started.html.haml
+++ b/ee/app/views/registrations/welcome/trial_getting_started.html.haml
@@ -1,5 +1,7 @@
 - return unless learn_gitlab_project
 - page_title _('Get started with GitLab')
+- content_for :page_specific_javascripts do
+  = render "layouts/one_trust"
 
 .row.gl-flex-grow-1
   .gl-display-flex.gl-flex-direction-column.gl-align-items-center.gl-w-full
diff --git a/ee/spec/features/registrations/one_trust_spec.rb b/ee/spec/features/registrations/one_trust_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..9f1fef2f2c67402804cc544fd5ee1e4027bcdc3b
--- /dev/null
+++ b/ee/spec/features/registrations/one_trust_spec.rb
@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'OneTrust in the sign up flow' do
+  let_it_be(:onetrust_url) { 'https://*.onetrust.com' }
+  let_it_be(:one_trust_id) { SecureRandom.uuid }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:group) { create(:group) }
+
+  before do
+    stub_config(extra: { one_trust_id: one_trust_id })
+    stub_feature_flags(ecomm_instrumentation: true)
+    allow(::Gitlab).to receive(:dev_env_or_com?).and_return(true)
+    sign_in(user)
+  end
+
+  shared_examples_for 'one trust settings' do
+    it 'has the OneTrust CSP settings', :aggregate_failures do
+      expect(response_headers['Content-Security-Policy']).to include("#{onetrust_url}")
+      expect(page.html).to include("https://cdn.cookielaw.org/consent/#{one_trust_id}/OtAutoBlock.js")
+    end
+  end
+
+  context 'when user visits /users/sign_up/groups/new' do
+    before do
+      visit new_users_sign_up_group_path
+    end
+
+    it_behaves_like 'one trust settings'
+  end
+
+  context 'when user visits /users/sign_up/projects/new' do
+    before do
+      group.add_owner(user)
+      visit new_users_sign_up_project_path(namespace_id: group.id)
+    end
+
+    it_behaves_like 'one trust settings'
+  end
+
+  context 'when user visits /users/sign_up/groups_projects/new' do
+    before do
+      visit new_users_sign_up_groups_project_path
+    end
+
+    it_behaves_like 'one trust settings'
+  end
+
+  context 'when user visits /users/sign_up/welcome/trial_getting_started' do
+    let_it_be(:project) { create(:project, group: group) }
+
+    before do
+      project.group.add_owner(user)
+      visit trial_getting_started_users_sign_up_welcome_path(learn_gitlab_project_id: project.id)
+    end
+
+    it_behaves_like 'one trust settings'
+  end
+end
diff --git a/spec/features/one_trust_spec.rb b/spec/features/one_trust_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..0ed08e8b99b7f6ab52ab7caf8d23ffb60a9e5e5b
--- /dev/null
+++ b/spec/features/one_trust_spec.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'OneTrust' do
+  context 'almost there page' do
+    context 'when OneTrust is enabled' do
+      let_it_be(:onetrust_url) { 'https://*.onetrust.com' }
+      let_it_be(:one_trust_id) { SecureRandom.uuid }
+
+      before do
+        stub_config(extra: { one_trust_id: one_trust_id })
+        stub_feature_flags(ecomm_instrumentation: true)
+        visit users_almost_there_path
+      end
+
+      it 'has the OneTrust CSP settings', :aggregate_failures do
+        expect(response_headers['Content-Security-Policy']).to include("#{onetrust_url}")
+        expect(page.html).to include("https://cdn.cookielaw.org/consent/#{one_trust_id}/OtAutoBlock.js")
+      end
+    end
+  end
+end