Salesforce

Cookie Consent Integration with Google Consent Mode

« Go Back
Information
Cookie Consent Integration with Google Consent Mode
UUID-d81787f6-685c-2262-36c3-5f1f3369e2a7
Article Content

Note

For information on Google Additional Consent, see Using Google Additional Consent.

Implementing Google Consent Mode

What is Google Consent Mode?

Google Consent Mode allows you to configure how Google tags behave based on the consent users choose to provide or withhold through Cookie Consent. The feature indicates whether consent has been granted for analytics and/or ads cookies, which allows Google's tags to dynamically adapt by only utilizing cookies for the specified purposes or cookie categories.

Note

Google Consent Mode is an alternative to script blocking.

Google Products that support Google Consent Mode include the following:

  • Google Ads: this includes Google Ads Conversion Tracking and Re-marketing. Support for Phone Conversions is pending.

  • Floodlight

  • Google Analytics

  • Conversion Linker

Note

For any other tags on Google Tag Manager that fire cookies or need to fire based on user consent, see Cookie Consent Integration with Google Tag Manager. You can also leverage the additional consent check method.

Consent Mode V2 Updates

The European Commission announced that Google has been designated as a gatekeeper under the Digital Markets Act (DMA). The DMA is a new piece of legislation designed to harmonize platform regulation across the EU and ensure fair and open digital markets. To keep using measurement, ad personalization, and remarketing features, you must collect consent for use of personal data from end users based in the EEA and share consent signals with Google. To support you with collecting granular user consent, Google has updated the consent mode API to include two additional parameters:

  • ad_user_data: Sets consent for sending user data related to advertising to Google.

  • ad_personalization: Sets consent for personalized advertising.

See Implementing Google Consent Mode with OneTrust Cookie Consent to see how you can ensure the V2 updates are added to your OneTrust implementation.

Note

You must implement the 202311.1.0 script version or newer to support the new parameters.

Google Consent Storage Types

Google Consent Storage Types are as follows:

  • ad_storage

  • analytics_storage

  • functionality_storage

  • personalization_storage

  • security_storage

  • ad_user_data

  • ad_personalization

 

Basic vs. Advanced Consent Mode

Google Consent Mode can be implemented in basic or advanced modes.

Basic

When Consent Mode is implemented in the basic version, the Google tags are prevented from loading until a user interacts with the consent banner.

  • When a user grants consent, Google tags load and execute the consent mode APIs.

  • When a user rejects consent, no data is transferred to Google, not even the consent status. Tags are completely blocked from firing.

Advanced

When Consent Mode is implemented in the advanced version, Google tags and consent mode APIs load when a user lands on the website. The tags and APIs then do the following:

  • Set the default consent state. By default, consent will be denied, unless you set your own defaults. When consent is denied, Google tags send cookieless pings.

  • Wait for user interaction with the cookie banner and updates the consent status. Only when a user grants consent to data collection will Google tags send the full measurement data.

Advanced mode implementation can be used for behavioral modeling.

Note

For basic Consent Mode, you will implement both Tag Manager blocking as well as Google Consent Mode. For advanced Consent Mode, you only need to implement Google Consent Mode.

 

Implementing Google Consent Mode with OneTrust Cookie Consent

Step 1: Mapping the OneTrust Cookie Categories to Google Consent Types

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Select a geolocation rule group from the list. The Geolocation Rule Group screen appears.

  3. Select a rule to configure.

  4. Click the Edit icon edit_icon.png in the rule header to configure the rule.

  5. Enable the Google Consent Mode setting.

    By default, the Performance category will be associated with analytics_storage and the Targeting category will be associated with ad_storage, ad_user_data, and ad_personalization. You can change categories to associate with each consent key setting and save the settings for the Geolocation Rule.

    google_consent_mode.png
  6. Configure the categories.

    google_consent_mode_categories.png
  7. Once Google Consent Mode and all other configurations are ready, publish the domain script.

    For more information, see Publishing and Implementing Cookie Consent Scripts.

Step 2: Defining Consent Storage Type Defaults

To adjust your tags' behavior relative to the users' preferences, consent defaults must be defined. There are two options available to choose from when setting the default Google Consent Storage types:

  • Option 1: Use the OneTrust CMP template.

  • Option 2: Set the default gtag values on your website page.

Option 1: Defining Consent Defaults Using OneTrust CMP-GCM Template

The OneTrust CMP Template is available in the Tag Manager Community Template Gallery.

ot_cmp_gcm_template.png

The advantage of the CMP template is the consent defaults are already built in the template, so it is not required to explicitly set the defaults on the website. Using this template, you can associate your OneTrust purpose IDs with the Google Consent Mode storage types so that Google Consent Mode setting defaults and updates will occur based on user consent.

Caution

The CMP template will inject a banner script into your page. If you choose to utilize this method, please remove any other banner scripts that may already be implemented on your website. Running two banner scripts simultaneously on a page can lead to unexpected behaviors.

  1. On the Google Tag Manager menu, select Templates. The Templates screen appears.

  2. In the Tag Templates section, click the Search Gallery button. The Community Template Gallery appears.

  3. Enter "OneTrust CMP" in the Search field.

  4. From the search results, select the OneTrust CMP template.

    gcm_cmp_search.png
  5. Click the Add to Workspace button. A confirmation modal appears.

  6. Click the Add button.

  7. On the Google Tag Manager menu, select Tags. The Tags screen appears.

  8. Enter a name for the tag.

  9. In the Tags section, click the New button. A popover pane appears.

  10. Click the Tag Configuration section. The Choose tag type pane appears.

  11. Select the OneTrust CMP, available in Custom Tag Types. The Tag Configuration screen appears.

  12. Under CMP Settings, add your Data Domain Script.

    Tip

    You can retrieve this from the Testing CDN or Production CDN section of a specific website within the Scripts tab of the Cookie Consent application.

    gcm_data_domain.png

    For more information, see Publishing and Implementing Cookie Consent Scripts.

  13. Select the Determine the language from HTML page setting if your scripts have the Enable Language Detection on Scripts setting enabled and configured as Determine the language from HTML page in Cookie Consent.

    gcm_html_page.png
  14. Select Yes for the setting Do you want to use Google Consent Mode?

  15. Click the Add GCM Category button. The Add Google Consent Mode Category pane appears.

    gcm_category.png
  16. Map each GCM category to a OneTrust category ID. Configure the Global Default Consent for each mapped category to match the consent model configured for the Global region in the OneTrust tool.

    Note

    The GCM consent storage-type mapping to each OneTrust category should match the configuration in your Geolocation Rule Group. For more information, see Configuring Geolocation Rules. To find cookie category IDs, navigate to Categories tab of the Categorizations screen in OneTrust. For more information, see Managing and Categorizing Cookies and SDKs.

  17. Click the Add button for each category once configuration is complete. Repeat step 16 and 17 as necessary.

  18. Click the Add region-specific default button if you have region-specific Geolocation Rules configured in the OneTrust tool. Ensure that country codes follow ISO-3166 standards.

    gcm_region_specific.png

    Tip

    Example: If the California region is added in the OneTrust tool with an opt-out consent model, then add the region-specific default with the region code as us-ca and select On by default for required storage types.

  19. Once the category mapping and region-specific defaults are configured, click the Triggering section of the Tag Configuration screen. The Choose a trigger screen appears.

  20. Select Consent Initialization - All Pages.

    gcm_triggers.png
  21. Click the Save button.

Option 2: Defining Consent Defaults Without Using OneTrust CMP-GCM Template

To adjust your tags' behavior relative to consent, use the gtag('consent') API:

gtag('consent', '<consent_command>', {<consent_type_settings>});

where <consent_command> is one of:

  • 'default': Used to set the default consent settings that apply to a page.

  • 'update': Used to update existing consent settings. This command will be used after a user grants consent via the OneTrust Cookie Consent application.

  • <consent_type_settings> is an object that defines which consent types are 'denied' or 'granted'.

    'denied' is when cookieless pings are sent (consider this as an opt-in consent model).

  • 'granted' is when cookies are written on the page and all measurement data is sent (consider this as an opt-out consent model).

Important

Remember that the default settings must be called before Google Tags or OneTrust loads. The order of the code here is vital. If your consent code is called out of order, your consent defaults will not function as expected.

Order of scripts:

  1. Define consent defaults.

  2. Place GTM script or gtag script.

  3. Deploy the OneTrust CDN.

Tip

Where ‘G-XXXXXX’ is seen below, please replace this with the unique ID Google ID being used on your site.

Where ‘XXXXXX’ is seen below, please replace this with the unique data domain ID from your OneTrust banner CDN.

Example 1, without CMP template and GTM script:

<script> 
  // Define dataLayer and the gtag function. 
  window.dataLayer = window.dataLayer || []; 
  function gtag(){dataLayer.push(arguments);} 
  
  gtag('set' , 'developer_id.dYWJhMj', true);

  // Default ad_storage to 'denied'. 
  gtag('consent', 'default', { 
        ad_storage: "denied", 
        analytics_storage: "denied", 
        functionality_storage: "denied", 
        personalization_storage: "denied", 
        security_storage: "denied",  
        ad_user_data: "denied",
        ad_personalization: "denied", 
'wait_for_update': 500 

  }); 
</script>
 
<!-- Google Tag Manager --> 
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': 
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], 
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); 
})(window,document,'script','dataLayer','GTM-XXXXXX');</script> 
<!-- End Google Tag Manager --> 
 
<!-- OneTrust Cookies Consent Notice start --> 
 
<script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js"  type="text/javascript" charset="UTF-8" data-domain-script="XXXXXX" ></script> 
<script type="text/javascript"> 
function OptanonWrapper() { } 
</script> 
<!-- OneTrust Cookies Consent Notice end -->  

Example 2, without CMP template and gtag script:

 <script> 
// Define dataLayer and the gtag function. 
window.dataLayer = window.dataLayer || []; 
function gtag(){dataLayer.push(arguments);} 
// Default ad_storage to 'denied' as a placeholder 
// Determine actual values based on business requirements 
gtag('consent', 'default', { 
  'ad_storage': 'denied' 
}); 
</script> 
<!-- Google tag (gtag.js) --> 
<script async src="https://www.googletagmanager.com/gtag/js?id=TAG_ID"> 
</script> 
 
<!-- OneTrust Cookies Consent Notice start --> 
 
<script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js"  type="text/javascript" charset="UTF-8" data-domain-script="XXXXXX" ></script> 
<script type="text/javascript"> 
function OptanonWrapper() { } 
</script> 
<!-- OneTrust Cookies Consent Notice end --> 

Region-Specific Behavior

If you are proceeding without the OneTrust CMP template:

To change the default behavior of your tags for users from certain regions, specify a region in your consent command. By providing a region value, you can fine-tune defaults based on your users' geographic locations. For example, to set ad_storage to denied for users from Spain and California, and to set ad_storage to granted for all other users:

gtag('consent', 'default', {
  ‘ad_storage': 'denied',
  'region': ['ES', 'US-CA']
});
gtag('consent', 'default', {
  'ad_storage': 'granted'
});

For more information, see Configuring Geolocation Rules.

The most specific takes precedence. If two default consent commands occur on the same page with values for a region and subregion, the command with a more specific region will take effect.

For example, if you have ad_storage set to granted for the region US and ad_storage set to denied for the region US-CA, a visitor from California will have the more specific US-CA setting take effect. For this example, that would mean a visitor from US-CA would have ad_storage set to denied.

Region

ad_storgage

Behavior

US

'granted'

Applies to users in the US that are not in CA.

US-CA

'denied'

Applies to users US-CA.

Unspecified

'granted'

Uses the default value of 'granted'. Applies to users that aren't in US or US-CA.

Important

Ensure the defaults you add to your page align with the expected behavior per region.

 

Testing Google Consent Mode

Testing the functionality of Google Consent Mode is crucial for ensuring compliance with data privacy regulations and providing a better user experience. Testing this functionality ensures that user consent is properly collected and tracked.

Checking the datalayer

The datalayer console command can be used to see the "consent" event that is triggered when the user provides or revokes consent for data processing in Google Consent Mode.

After using the datalayer console command, it is possible to see all the events that are being triggered on the domain. Within this list the "consent" event can be seen, which shows the default settings for Google Consent Mode and also any updates to these settings due to user interaction.

Before user interaction:

before_1.png

After user interaction:

after_1.png

If Google Tag Manager is being used, this "consent" event can also be tracked using the tag assistant preview mode available.

Before user interaction:

before_2.png

After user interaction:

after_2.png
 

Checking the Network Call

You can test whether Google Consent Mode is working as expected and check for the Google Consent State (GCS) value within the network call with the following steps:

  1. Visit the website that has implemented Google Consent Mode.

  2. Use the browser's Developer Tools to monitor network activity.

  3. Look for the network call to Google Analytics or Google Ads.

  4. Check for the gcs= parameter on URLs for consent status. The gcs parameter has the following format: gcs=G1[ad_storage][analytics_storage].

  5. Check for the correct gcs= parameter values based on the provided consent. The value for ad_storage and analytics_storage will be one of the following:

    Value

    Description

    G100

    Consent for both ad_storage and analytics_storage is denied.

    G110

    Consent is granted for ad_storage and denied for analytics_storage.

    G101

    Consent is denied for ad_storage and granted for analytics_storage.

    G111

    Consent for both ad_storage and analytics_storage is granted.

    G1--

    The site did not require consent for ad_storage or analytics_storage.

    For more information on testing, please see Google’s developer guide for Consent Mode.

    Example network call:

    network_call.png

    In this example, gcs=G100, which means consent is denied for both ad_storage and analytics_storage.

  6. Verify that Google services are behaving as expected based on the user's consent status. For example, if the user has not provided consent, certain types of data should not be collected by Google services.

 
 

Adding Additional Consent Checks to tags within Google Tag Manager

There may also be tags within the Tag Manager container that do not have built-in consent checks, so additional consent checks will need to be added if user consent is necessary.

Note

Adding additional consent checks is an alternative to the standard Google Tag Manager blocking method using active/blocking triggers.

Leverage the following instructions on how to add Additional Consent Checks to tags:

  1. Click Tags in the left-hand menu. A list of tags appears.

  2. Select the tag to which you want to add the additional consent checks.

    additional_consent_1.png
  3. In the Tag Configuration section, click Edit to open the tag editor.

  4. Click the Consent Settings selection menu in the Advanced Settings section.

  5. Select the Require additional consent for tag to fire option.

  6. Click the Add Required Consent button.

    additional_consent_2.png
  7. Input the storage type for which you want consent to be checked.

  8. Click on the Save button to save the changes to the tag.

 

Additional Consent Mode Resources

Google has provided additional information about Consent Mode in their documentation here. Refer to the Goggle Consent Mode overview for detailed information about tag behavior by consent type and consent state.

Please reach out to a Google support resource for any additional information.

Additionally, please see the OneTrust Cookies, Cookie Blocking via Google Tag Manager, and Google Consent Mode Implementation Webinar and Previously Recorded Cookie Consent Office Hours.

 
 
 
Article Visibility
129,862
Translation
English
Checked

Powered by