The recent changes in privacy requirements made it strictly necessary for websites to receive user consent for using cookies and tracking scripts related to advertising or analytics. To help website owners comply with these requirements, Google has introduced Consent Mode. Using Consent Mode in web GTM, you can adapt tags behavior based on user consent.
In this guide, we want to talk about consent mode, why it’s crucial to implement it, and how to use consent mode in the server Google Tag Manager container.
Cookies can be differentiated by the purpose:
There is also a list of requirements on how cookie banners should look and what information contain. Below is the list of crucial GDPR requirements for cookie banners, but some countries have their own requirement as well:
Google introduced a Consent Mode in the web Google Tag Manager container. Consent mode is a new setting in the web GTM tags that allows managing statistics and marketing cookies. This setting helps respect user decisions and customize tags behavior based on the consent status.
When implementing consent mode in Google Tag Manager, you might want to trigger consent settings only in countries or regions where consent is required. This will help track a higher percentage of users who visit your site.
There are some tags with built-in consent checks. These are primarily Google’s Tags like Google Ads, Google Analytics, Floodlight, Conversion Linker. Setting up consent settings is more straightforward for these tags, while tags without consent require additional configuration.
Web GTM only is not enough to set up consent mode. You will also need a Consent Management Platform. The primary purpose of CMP is to show a cookie banner on your site. Most Consent Management Platforms can integrate with Consent Mode in the Google Tag Manager. Google has a list of CMPs that can combine with the consent mode. Some CMPs created tags for the web GTM, making integration way easier. Each CMP has its documentation on integrating GTM consent mode. I highly recommend configuring consent mode based on their instructions.
Server GTM doesn't yet have a Consent Mode similar to web GTM. If you want to implement consent mode for the server Google Tag Manager, it’s necessary to implement consent mode in web GTM first. This guide will use a cookiebot CMP as an example since we use it for stape.
1. The first step is to enable a consent overview in the web GTM container settings.
2. Add your Consent Management Platform tag to the web GTM container. This tag should trigger Consent initialization - All pages. You may want to modify the Default Consent State for each type of cookie.
3. In most cases, there is no need to configure any additional changes for tags like Google Ads, Analytics, Floodlight, and Conversion Linker because they have built-in consent checks. But I highly recommend checking your CMP documentation on setting up consent mode for Google Products since it may vary.
On the other side, you need to configure additional settings for the tags that do not have a built-in consent check. I will use the Facebook pixel as an example.
4. When a user allows cookies, our CMPs send a custom event cookie_consent_update. I will remove the existing "all pageviews" trigger and replace it with the custom event cookie_consent_update to trigger the Facebook pageview tag.
5. Update trigger for all your tags. To see the consent setting for all of them, you might want to open Consent Overview in the web GTM.
6. Once you’ve set up consent mode for GA and FB tags in web GTM, you need to ensure that server GTM tags trigger only when consent is granted. There are two ways how to use consent mode in sGTM:
7. First, let me show how to set up consent mode in sGTM using a custom event. Create a new UA or GA4 tag that sends an event consent granted to the sGTM. It should trigger on a custom event cookie_consent_update (in my case).
8. In server GTM, modify the trigger for the Facebook pageview tag. In my case, it’s a custom event cookie_cosent_update claimed by the GA4 client.
9. This section shows how to set up consent mode in sGTM using the GA4 consent state parameter GCS. The value of the GCS parameter depends on user consent:
Create a new event data variable in the sGTM container that captures the GSC parameter.
10. Create a trigger for the page_view Facebook Conversion API tag in the sGTM container. I will trigger the FB CAPI pageview tag when the client name equals GA4, the event name is page_view, and GSC equals G111.
From my experience, this method is less reliable than using the custom events in the web GTM. When a user lands on the page the first time, GA sees that consent is not granted, and FB pageview is not triggered. If a user stays on the same page and allows cookies, GA won't send updated GSC value. Thus, GA and FB tags in sGTM won’t fire, and you will miss some page view events.
11. The last step would be to test the sGTM consent mode in the preview mode and publish the container if everything is correct.
While consent mode in web GTM is a good step by Google, it’s only the start of what needs to be done to have a good privacy and consent framework on your website. There are several ways to use consent mode in the server Google Tag Manager, but unfortunately, sGTM does not have a built-in consent mode yet, making this process more time-consuming.
Contact us if you want help getting started or need assistance setting-up server-side tracking for your business. We’re experts in online advertising and can help you stay ahead of the curve in 2022 and beyond.
By the end of 2024, Chrome and Chrome-based browsers will be done with third-party cookies. Safari and Firefox already implemented Intelligent Tracking Algorithms that can block trackers. That leads to the next point: digital advertising methods that rely on third-party cookies to target consumers might become ineffective or even stop working altogether. This change in how advertisers track users will hurt many publishers and ad networks that rely on these third-party companies to display ads and collect data from site visitors to understand their audience. In this blog post, I will explain what a third-party cookie is, why it matters, and how server-side tracking can help businesses transit to the world without third-party cookies.Oct 8, 2021
What cost can you expect for server Google Tag Manager hosted on Google Cloud? Is it a good idea to use a test environment on the productions site. Why stape’s hosting for server GTM is cheaper and how we secure our user’s data.Dec 14, 2021
How you can use server-side tracking to comply with GDPR. Plus, some tips on using consent mode in the server Google Tag Manager and protecting users' data.