This feature uses the Joomla 'raw' document format, if you receive an error when opening this kind of links it's likely your Joomla 'raw' format has been broken by other extensions or a PHP error is generated under the hood. It's recommended to enable the error reporting in the Joomla global configuration, the debug mode under the GDPR component configuration and finally open the URL used for the popup directly in the browser for example: 'https://www.youtsite.com/index.php?option=com_gdpr&task=user.getCookieCategoryDescription&format=raw&lang=en&gdpr_cookie_category=1&fancybox=true' In this way it's possible to display PHP errors if any.
Additionally this error can be the effect of a mixed domains usage along with Joomla! configured with a hardcoded single domain URL. Browser won't allow scripts to work across different domains such as http://mysite.com and http://www.mysite.com, thus for security policy scripts are blocked accordingly.
Normally Joomla uses dynamic base address for the site, having a look at the Joomla configuration.php you can check that the variable named '$live_site' has empty value as by default.
Keep in mind that you should always use only 1 domain for your website to have good SEO, so it's recommended that you redirect from one domain to another using the htaccess.