Consent Settings for server GTM tags

Safeguarding website visitor information and maintaining compliance with privacy laws is crucial. As the use of cookies and other tracking technologies becomes increasingly scrutinized, consent management has emerged as the essential method for obtaining user agreement to collect data. This practice is not only a cornerstone of ethical web behavior but also a legal requirement in many jurisdictions.

Rise of server-side tagging sets new challenges and questions. Specifically, the integration of consent management within server-side environments is critical, yet server GTM does not offer a built-in system for managing user consent. This gap necessitates additional work to ensure that server-side tags adhere to the required consent protocols, particularly for those tags that manage advertisements and store data.

Here, we’ll describe the mechanics of server-side consent management, explore the necessity of integrating consent mode, discuss which Stape tags support consent mode, and demonstrate the ease and efficacy of implementing these solutions. 

Consent mode overviewCopy link to this section

Consent mode is a setting that makes sure user consent preferences are followed when collecting and processing data. It acts as a gatekeeper, determining what type of data can be captured based on the permissions granted by the user. This is especially critical for server-side Google Tag Manager, where user data handling occurs on the server side, away from the user’s browser.

It helps in:

- building trust with users and improving the quality of data collected, as it is done transparently and with user approval. 

- complying with various data protection regulations such as the General Data Protection Regulation (GDPR) in the European Union, which mandates strict guidelines on how personal data must be handled.

Legally, managing user consent is pivotal. Non-compliance with data privacy laws can result in significant penalties and fines, as seen in several high-profile cases. These regulations require that consent must be informed, specific, freely given, and reversible. Consent mode helps organizations comply with these legal requirements by providing mechanisms to capture, store, and honor user consents throughout the data lifecycle.

Ethically, proper consent management is a cornerstone of user privacy and autonomy. It respects the user's right to control their personal information and sets a foundation for transparent and honest interactions between users and services. Trust in data practices directly influences user engagement and loyalty, as users are more likely to interact with and provide data to platforms they believe are safeguarding their privacy.

How does Google Consent Mode work in web GTM?Copy link to this section

Web Google Tag Manager has a built-in consent mode. When it’s enabled, tags can modify their behavior based on the consent status that the user granted. This feature adds additional settings to web GTM tags, which allows you to specify what type of consent is required for this tag to fire. 

Using a Consent Management Platform (CMP) is recommended to enable users to choose their consent preferences. This platform operates by displaying a consent banner to users, which allows them to indicate their desired consent status. Once the user has made their selection, the CMP will update the consent status by pushing data layer events to web GTM. 

Native Google tags do not require additional consent checks, while for other tags like Facebook, TikTok, etc., you would need to specify when these tags are allowed to fire manually. 

We already have several blog posts with guides on how to set up Consent mode:

• Consent mode in server Google Tag Manager
• Google Consent Mode V2
• Server-side consent management with sGTM and Cookiebot 

Challenges of implementing consent mode in sGTMCopy link to this section

The first thing we need to discuss is that checking the consent status for server tags is obligatory, the same as for web tags.

There are two challenges that you need to solve when setting up consent in sGTM:

1. How to deliver consent state to server Google Tag Manager Copy link to this section

1.1 When configuring the advanced implementation of Google Analytics 4, you can use the anonymized pings that GA4 sends. To enable advanced consent configuration in GA4, simply access the web GTM and update the Consent Settings to “No additional consent required.” No configuration is necessary for sGTM.

1.2 The second option is to use the Stape Data Tag. It allows you to pass the consent state from the web to the server GTM. To retrieve the Data Tag’s requests in the server GTM, you should use Data Client. Once the “Add consent state” is enabled in the Data Tag, it adds consent_state object to the request, including the following properties:

• ad_storage
• analytics_storage
• functionality_storage
• personalization_storage
• security_storage 

2. How to modify server GTM tags behavior based on consent status?Copy link to this section

2.1 Stape recently modified its tags to automatically change tags’ behavior based on the consent state that was passed from web GTM either by GA4 or Data tag. These are the Stape sGTM tags that support consent mode in server GTM:

• Facebook Conversion API
• TikTok Events API
• Snapchat Conversion API
• Pinterest Conversion API

All you need to do is expand ​​Consent Settings and enable the checkbox Send data if marketing consent is given. Once done, tags will trigger only when GA4 GSC=G110 or GSC=G111 or when the Data Tag sends status ad_storage.

2.2 Manually create triggers that will check GSC, Data Tag, or any other tag parameters that carry information about the consent state and modify each tag’s behavior manually. 

ConclusionCopy link to this section

Our tags that support consent mode are a particularly effective solution. It’s the best and most convenient way for you to stay ahead in the consent management. Ensure you meet the current and future demands of both data privacy regulations and consumer privacy expectations, maintaining trust and integrity. 

And if you need the help with the setup up - don’t hesitate to contact us! Our team of experts will do the configuration just right for you.