So, application insights can track a users’ session, and if they are a returning user – and it does this with cookies…

Well, you’re probably storing some sort of cookie saying “permission has been granted”, and server-side you could filter upon that that if you’re excluding that user entirely from your analytics. (Which I don’t think you have to – I could be wrong – as App Insights doesn’t store PII by default (that’s why the IP address field on some telemetry records is 0.0.0.0) – but I think you should if the user is being clear that they don’t want to send telemetry).
Client-side, though, you have to tell the JavaScript snippet that you want to disable cookies. There are a few ways of doing that (see disableCookiesUsage and cookieCfg.enabled). Here’s what I chose…

Just render an enabled : true (or not) depending upon if you’ve been allowed to use cookies. And much as I love App Insights, I don’t think it’s a ‘necessary’ cookie; the site will operate without them, so don’t turn them on unless you’ve been granted permissions to use it.