Integrating a Consent Solution with Google Tag Manager has always been a pain, and especially those from Consent Providers.
In the end of May this year Google Tag Manager launched Consent Settings to make it easier handle consents with Google Tag Manager. You would expect Consent Providers jumping on this opportunity to make their product easier to use with GTM because it would benefit them – but no – very few have done it so far.
Because of that, here is my recipe for making Google Tag Manager Consent Settings work with ALL Consent Solutions.
- Introduction to the GTM Consent Recipe
- The Approach from Consent Providers
- Google Tag Manager Setup for this GTM Consent Settings Recipe
- Setting Consent in Google Tag Manager
- Some Final Words
Introduction to the GTM Consent Recipe
The recipe for making GTM Consent Overview work with every Consent Solution, is that we don’t use the Consent Solution Provider integration documentation. This setup is independent of the Consent Solution, although some things are Consent Solution specific. I’m going to explain the cases where you have to use your own ingredients in this recipe.
What you will have afterwards is the possibility to set Consent for your Tags as shown below. In addition to being a more easy solution to work with, you also get full overview over Tags and their Consent.
Consent isn’t easy, but at least this recipe makes it easier to work with Google Tag Manager.
The Approach from Consent Providers
(Many) Consent Providers have for some reasons choosed a similar integration approach, and the approach is not the greatest IMHO. The approach they have are different “Page View” Events for analytics, ads, etc., which means you need to create different triggers that are doing the same job, but for different consent types. Also, those “Page View Triggers” from the Consent Providers, I have seen them load 2-3 seconds after the built in GTM Page View Trigger, which is not good from the perspective of data quality from consented users.
You would probably have to create blocking Triggers as well for all the different consent types. And – to top it up with even more complexity, in some situations you have to create Trigger Groups.
Using this recipe means that you can use a regular Page View Trigger (kind of), and you don’t need Blocking Triggers or Trigger Groups.
Google Tag Manager Setup for this GTM Consent Settings Recipe
In this blog post I’m going to use Cookie Information as an example. For comparison, this is their GTM integration documentation.
Since this blog post is built on the Consent Solution from Cookie Information, some of the setup is specific for them. However, the concept will work with other Consent Solutions. Just follow my tips on how to adapt this recipe to your Consent Solution.
Enough introduction, here is “how to”.
1. Activate “Enable consent Overview”
Enable consent overview can be found in Container Settings.
2. Import Tag Template Consent Mode (Google tags)
- Import Consent Mode (Google Tags) Tag Template made by Simo Ahava.
- (Simo also have a very good article about GTM Consent Settings).
3. Google Tag Manager Variables
You need to create the following GTM Variables:
- Consent – Cookie
- Consent – Marketing
Consent – Cookie
All Consent Solutions I have worked with are storing the consent in a cookie. Find the name of that cookie, and create a 1st Party Cookie Variable.
The Cookie Information cookie is called CookieInformationConsent, and you should URI-decode this cookie.
- Name the Variable Consent – Cookie.
Consent – Marketing
You need to read the consent from the Consent – Cookie Variable, and based on the consent stored in the cookie, return the status.
You will have to create 1 Variable for each Consent Type. In this example I only create a Consent Variable for Marketing.
We are going to use the output from these Consent Variables in the Google Consent Mode Tag.
How to read the consent, and return the status from the Cookie is up to you. In this case I’m going to use a Custom Javascript Variable, but for some other Consent Solutions I have used a RegEx Table Variable.
In addition to checking for consent in the cookie, I’m also going to check for the Consent Status in the Cookie Information Javascript. I just want to be sure that I have checked all possibilities that the user have given consent or not.
In other Consent Solutions, a second place to check for consent could be a Data Layer for example.
The Custom Javascript Variable for checking Consent for Marketing looks like this. If you are using Cookie Information, copy the code.
- Save the Variable as Consent – Marketing – CJS (CJS is an abbreviation for Custom JavaScript).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
function() { try { var consentCookie = {{Consent - Cookie}}; if (consentCookie) { consentCookie = JSON.parse({{Consent - Cookie}}); consentCookie = JSON.stringify(consentCookie['consents_approved']); if (consentCookie.indexOf('cookie_cat_marketing') >= 0) { return 'granted'; } } if (window.CookieInformation && window.CookieInformation.getConsentGivenFor('cookie_cat_marketing')) { return 'granted'; } return 'denied'; } catch (e) {} } |
As you can see in the script, I return “granted” or “denied“, which is a “language” that Google Consent Mode understands.
4. Google Tag Manager Triggers
We need to create (at least) the following triggers:
- Consent – Button – Click
- Consent – Consent Selected – Event
- PageView – Consent
Consent – Button – Click
This Click Trigger identifies if someone clicks on a button that either Grants or Denies Consent. The purpose of this Trigger is to trigger a Custom HTML Tag that will generate our own GTM Consent Event called consentSelected.
As you can see from the image above, Cookie Information has 2 buttons the user can click on to either accept or decline consent. We need to track click on both buttons, and we are going to do that by matching Click Classes with RegEx.
- Name the Trigger Consent – Button – Click.
The consent banner from Cookie Information comes in different shapes with different buttons. Because of that there are quite a few Class Names to match. The full RegEx is below (these are the Class Names I have identified).
1 |
^(coi-consent-banner__agree-button|bottom-bar__update-consent|coi-consent-banner__decline-button|coi-banner__accept|coi-banner__decline)$ |
Since we are relying on tracking clicks on buttons in this example, this is the most fragile part of this solution. If Cookie Information decides to change how their buttons are coded, this Click Trigger may break.
What if You Aren’t Using Cookie Information?
Using a Click Trigger as we do here with Cookie Information would probably work well on other Consent Solutions as well. That is up to you to figure out.
Some Consent Solutions do also send a Custom Event when consent is granted or denied. Maybe you can hook up your setup on this Event instead.
Consent – Consent Selected – Event
This Custom Event is “our” Consent Event called consentSelected. The purpose of this Trigger is to update Google Consent Mode if consent settings are set or updated, and to generate the first Page View for Tags that are restricted by consent.
PageView – Consent
For Tags that have Consent Checks built into the Tag, you can use your regular Page View Triggers (All Pages/Page View, DOM Ready & Window Loaded) as is. For now, only Google Tags have Consent Settings built into their Tags.
For other Tags, you have to use a special “Page View” Trigger. The Trigger is a Custom Event, that will either Trigger on gtm.js Event (which is the same Event that Page View Triggers uses), and it will also Trigger on the consentSelected Event. The purpose of that is to Trigger Tags on the page the user is standing on when giving consent.
Add the RegEx below to a Custom Event Trigger as shown in the image.
1 |
^(gtm\.js|consentSelected)$ |
For DOM Ready or Window Loaded use ^(gtm\.dom|consentSelected)$ or ^(gtm\.load|consentSelected)$ as RegEx.
5. Google Tag Manager Tags
You must create 2 Tags:
- Consent – Selected – cHTML
- Consent – Google Consent Mode
Consent – Selected – cHTML
This is a Custom HTML Tag (cHTML is an abbreviation for that). This Tag creates the consentSelected Event.
As you can see from the code below, the Event is delayed before it’s sent. The reason for this is that we want to be sure that the Consent Solution has updated the consent in the cookie (and elsewhere) before the consentSelected Event is sent.
1 2 3 4 5 6 7 8 9 10 |
<script> (function() { var timeout = 700; // Milliseconds - change to what you want the timeout to be. window.setTimeout(function() { window.dataLayer.push({ 'event': 'consentSelected' }); }, timeout); })(); </script> |
- Name the Tag Consent – Selected – cHTML
- Add Consent – Button – Click as Trigger
This Tag should not be limited by consent in GTM Consent Settings. Use No additional consent required in the Consent Settings.
Consent – Google Consent Mode
Only Marketing Consent is used in this example setup.
The Google Consent Mode Tag has 2 Consent Command settings; Default and Update. I use only Update as setting in this example setup, since the Consent – Marketing – CJS Variable handles the consent.
If Pass Ad Click Information Through URLs and Redact Ads Data should be checked, I leave that to you.
- Set a very high Tag firing priority number. This Tag should have the highest priority of all Tags.
- Add Initialization – All Pages and Consent – consentSelected – Event as Triggers to the Tag.
If you want/need to use both Consent Command settings; Default and Update, then the Default Tag should use the Initialization – All Pages Trigger, and the Update Tag should use the Consent – consentSelected – Event Trigger.
The technical part of this recipe is now completed.
Setting Consent in Google Tag Manager
If you have a previous setup with Blocking Triggers, Trigger Groups and Custom Events for tracking “Page Views”, do the following first:
- Remove (and delete) Blocking Triggers
- Remove (and delete) Custom Events for tracking “Page Views” that comes from the Consent Solution.
- Trigger Groups are not needed.
- If you have Trigger Groups that includes Click based Triggers (Click and Link Click), remove (and delete) Trigger Groups, and use the regular Trigger (Click and Link Click).
- If you have Ecommerce Events that are “click based” (Add to Cart, Remove from Cart, Product/Promotion Click) and restricted using Trigger Groups, remove (and delete) Trigger Groups, and use the Ecommerce Event as Trigger.
Setting Consent for Marketing Tags
You can either select all marketing Tags from the Tags Page, or do it from the Consent Overview Page.
If you select all marketing Tags from the Tags Page, click Edit Consent Settings afterwards.
Consent Settings
Consent Settings have 3 choices:
- Not set
- You haven’t decided what to do with this Tag.
- No Tags should be Not set when the setup is completed
- You haven’t decided what to do with this Tag.
- No additional consent required
- This Tag doesn’t need consent, or the Tag has built-in consent.
- Require additional consent for tag to fire
- For Marketing Tags that haven’t built-in consent, use ad_storage.
Google Analytics Settings Variable
If you have used allowAdFeatures in your Google Analytics Settings Variable, allowAdFeatures can be removed from Fields to set. Google Consent Mode will handle this.
Testing Google Consent Mode
To find out whether data is being transferred to Google correctly, open the collect request in the Network tab of the Chrome Dev Tools. There you will find the parameter gcs = G1XX sent with all Google hits (Analytics, Ads or Floodlight). G1 is always identical. This is followed by 2 digits: 1 stands for approval and 0 for rejection.
Google Consent Mode Parameter | Description |
G100 | ad_storage = denied; analytics_storage = denied = No consent, neither for marketing nor for statistics cookies |
G101 | ad_storage = denied; analytics_storage = granted = consent to statistical, but not to marketing cookies |
G110 | ad_storage = granted; analytics_storage = denied = consent to marketing, but not to statistics cookies |
G111 | ad_storage = granted; analytics_storage = granted = consent to both marketing and statistics cookies |
Do also go incognito to verify that ex. Google Ads isn’t setting cookies when consent isn’t granted, but at the same time, data are being sent with the correct value in the gcs-parameter.
Give consent, and verify that Tags are triggered correctly, and cookies from the respective Tags are being set. To verify Tags with built in consent, you will have to check the Network Tab in your Browser Console.
If everything seems correct in GTM Preview Mode, you have now completed the setup.
Some Final Words
Since this recipe has a potential fragile spot, namely the tracking of Clicks on Consent Buttons, I recommend that you track when users are giving consent (and what consent was granted). The image below demonstrates how this can be done with Universal Analytics. As Event Action in this example I track if Consent for Marketing was granted or not, and as Event Label I track the Click Text from the Consent Button.
Although I haven’t tested this recipe on ALL Consent Solutions, I have tested it on several solutions, so I take the chance and claim it will work on all. The key here is to think outside Consent Providers integration documentation if they don’t support GTM Consent Settings.
Using Google Tag Manager Consent Settings should make your life easier. But – there are cases where Consent Mode will not solve everything automagically, but that’s not within the scope of this blog post.
Do I need to set custom trigger for Universal Analytics tag? Shouldn’t it work with built-in All pages. I can see update tag firing, but that doesn’t trigger UA tag again ;(
The Universal Analytics Tag with All Pages Trigger will be automatically triggered again when consent is granted. You will however not see that in GTM Preview, you have to check the console. Either check the network tab, or if you are using some debugger tool (GA Debug or GTM/GA Debug), that should also show this.
Do also inspect the GCS-parameter as mentioned in this blog post.
Regards,
Eivind
Hello! Thank you very much for this detailed guide!
I am using cookieprivacy.com for a website and the things is there is no Click event in DL or anything else when the user interacts with the Cookie banner.
Any ideas on how to possibly trigger the Consent Update tag in this situation? Thank you!
Sorry, I meant this : https://www.privacypolicies.com
Unfortunately I haven’t used that solution. A quick look at the cookie consent builder, it looks like there are some class names to target:
cc-nb-okagree
cc-nb-reject
cc-cp-foot-save