The changes in privacy requirements made it strictly necessary for websites to receive user consent for using cookies and tracking scripts related to advertising or analytics. To help website owners comply with these requirements, Google has introduced Consent Mode. Using Consent Mode in web GTM, you can adapt tags behavior based on user consent.
In this guide, we want to talk about consent mode, why it’s crucial to implement it, and how to use consent mode in the server Google Tag Manager container.
Privacy regulations, mainly European Union's GDPR and California Consumer Privacy Act, restrict websites from collecting data about website visitors without their consent. Users can choose whether or not sites can gather information and use cookies using cookie banners.
Cookies can be differentiated by the purpose:
There is also a list of requirements on how cookie banners should look and what information contain. Below is the list of crucial GDPR requirements for cookie banners, but some countries have their own requirement as well:
| Find out more about compliant cookie banners in our guide. |
Google introduced a Consent Mode in the web Google Tag Manager container. Consent mode is a new setting in the web GTM tags that allows managing statistics and marketing cookies. This setting helps respect user decisions and customize tags behavior based on the consent status.
When implementing consent mode in Google Tag Manager, you might want to trigger consent settings only in countries or regions where consent is required. This will help track a higher percentage of users who visit your site.
There are some tags with built-in consent checks. These are primarily Google’s Tags like Google Ads, Google Analytics, Floodlight, Conversion Linker. Setting up consent settings is more straightforward for these tags, while tags without consent require additional configuration.
Web GTM only is not enough to set up consent mode. You will also need a Consent Management Platform. The primary purpose of CMP is to show a cookie banner on your site. Most Consent Management Platforms can integrate with Consent Mode in the Google Tag Manager. Google has a list of CMPs that can combine with the consent mode. Some CMPs created tags for the web GTM, making integration way easier. Each CMP has its documentation on integrating GTM consent mode. We highly recommend configuring consent mode based on their instructions.
Server GTM doesn't yet have a Consent Mode similar to web GTM. If you want to implement consent mode for the server Google Tag Manager, it’s necessary to implement consent mode in web GTM first. This guide will use a cookiebot CMP as an example since we use it for Stape.
1. The first step is to enable a consent overview in the web GTM container settings.
2. Add your Consent Management Platform tag to the web GTM container. This tag should trigger Consent initialization - All pages. You may want to modify the Default Consent State for each type of cookie.
3. In most cases, there is no need to configure any additional changes for tags like Google Ads, Analytics, Floodlight, and Conversion Linker because they have built-in consent checks. But we highly recommend checking your CMP documentation on setting up consent mode for Google Products since it may vary.
On the other side, you need to configure additional settings for the tags that do not have a built-in consent check. I will use the Facebook pixel as an example.
4. When a user allows cookies, our CMPs send a custom event cookie_consent_update. I will remove the existing "all pageviews" trigger and replace it with the custom event cookie_consent_update to trigger the Facebook pageview tag.
5. Update trigger for all your tags. To see the consent setting for all of them, you might want to open Consent Overview in the web GTM.
6. Once you’ve set up consent mode for GA and FB tags in web GTM, you need to ensure that server GTM tags trigger only when consent is granted. There are two ways how to use consent mode in sGTM:
7. First, let me show how to set up consent mode in sGTM using a custom event. Create a new UA or GA4 tag that sends an event consent granted to the sGTM. It should trigger on a custom event cookie_consent_update (in my case).
8. In server GTM, modify the trigger for the Facebook pageview tag. In my case, it’s a custom event cookie_cosent_update claimed by the GA4 client.
9. This section shows how to set up consent mode in sGTM using the GA4 consent state parameter GCS. The value of the GCS parameter depends on user consent:
Create a new event data variable in the sGTM container that captures the GSC parameter.
10. Create a trigger for the page_view Facebook Conversion API tag in the sGTM container. I will trigger the FB CAPI pageview tag when the client name equals GA4, the event name is page_view, and GSC equals G111.
From my experience, this method is less reliable than using the custom events in the web GTM. When a user lands on the page the first time, GA sees that consent is not granted, and FB pageview is not triggered. If a user stays on the same page and allows cookies, GA won't send updated GSC value. Thus, GA and FB tags in sGTM won’t fire, and you will miss some page view events.
11. The last step would be to test the sGTM consent mode in the preview mode and publish the container if everything is correct.
The first thing we need to discuss is that checking the consent status for server tags is obligatory, the same as for web tags.
1.1 When configuring the advanced implementation of Google Analytics 4, you can use the anonymized pings that GA4 sends. To enable advanced consent configuration in GA4, simply access the web GTM and update the Consent Settings to “No additional consent required.” No configuration is necessary for sGTM.
1.2 The second option is to use the Stape Data Tag. It allows you to pass the consent state from the web to the server GTM. To retrieve the Data Tag’s requests in the server GTM, you should use Data Client. Once the “Add consent state” is enabled in the Data Tag, it adds consent_state object to the request, including the following properties:
2.1 Stape modified its tags to automatically change tags’ behavior based on the consent state that was passed from web GTM either by GA4 or Data tag. These are the Stape sGTM tags that support consent mode in server GTM:
All you need to do is expand Consent Settings and enable the checkbox Send data if marketing consent is given. Once done, tags will trigger only when GA4 GSC=G110 or GSC=G111 or when the Data Tag sends status ad_storage.
2.2 Manually create triggers that will check GSC, Data Tag, or any other tag parameters that carry information about the consent state and modify each tag’s behavior manually.
While consent mode in web GTM is a good step by Google, it’s only the start of what needs to be done to have a good privacy and consent framework on your website. There are several ways to use consent mode in the server Google Tag Manager, but unfortunately, sGTM does not have a built-in consent mode yet, making this process more time-consuming.
However, our tags that support consent mode are a particularly effective solution. It’s the best and most convenient way for you to stay ahead in consent management. Ensure you meet the current and future demands of both data privacy regulations and consumer privacy expectations, maintaining trust and integrity.
And if you need the help with the setup up - don’t hesitate to contact us! Our team of experts will do the configuration just right for you.
All it takes is a few simple questions. Click Get A Quote , fill-up the form, and we will send you a quote.
