Google Consent Mode in Commanders Act CMP

Introduction

Google Consent Mode will evolve in March 2024!

As Google strongly recommends the use of Consent Mode on their tags, Commanders Act has developed a new built-in feature for clients who wish to implement it.

Just use our new native feature for a super smooth implementation! Please read the following documentation to learn more about this new feature, and how to use it. If you have already implemented Consent Mode v1 using our tag template and would like to keep it, you can update it on v2. Please see the following section for instructions: Migration Guide Consent Mode v1 tag template to v2

Difference between Basic & Advanced mode

Google Consent Mode provides 2 approaches: Basic & Advanced In both cases, you will have to activate the feature Google Consent Mode on your account. The only difference will be the following: Basic Mode: Google tags aren't triggered before consent & remains submitted to Commanders Act Consent Rules, there will be no tags firing in case of Optout Advanced Mode: Google tags are triggered before consent & the collected data will depend on the Consent Mode Signal. Tags remains fired even when user has Optout.

Just follow these 6 steps:

1- Activate the feature on your workspace

Login on your workspace Go on page Data Governance > Consent Management > SettingsTurn On the option Google Consent Mode. The sub-menu "Google Consent Mode settings" will appears

2-Configure your settings

Default Status

The Default Status will determine the behaviour of your tags BEFORE consent. If set on "denied": Google will collect minimum information (as if the user has Optout) If set on "granted": Google will collect all information (as if the user has Optin) *You should ask to your DPO before to set a "granted" default status for any of theses categories

In all cases: once the user has given his consent (optin or optout), the default status will no longer apply. The user's choice will determine the status after consent.

If you do not set a category, the status will always be "denied". The "Default Status" dropdown menu will no longer be displayed. Example below for "security_storage" with no privacy category assigned:

Additional Settings

enable_tcf_support Enable the feature tcf_support to let your IAB TCF privacy banner manage the advertising categories.
wait_for_update Enabling this optional feature will send a signal to Google's tags to wait for an update. Enter a value in milliseconds to control the waiting time before the data is sent. This can be useful if you are experiencing timing issues. Otherwise, you can leave it blank!
ads_data_redaction set ads_data_redaction to ON to further redact your advertising data when "ad_storage" is "denied"
url_passthrough URL passthrough option can be used to send event and session-based analytics (including conversions) without cookies across pages.

3-Activate the feature on your privacy banner(s)

Sources > Privacy Banners > Select your banner(s)Go at the edition step of your privacy banner, open the settings menu to turn ON Google Consent Mode Signal

The privacy setup is done! You can now Generate and Deploy your Privacy Banner. *At this point, Consent Mode will not affect the behaviour of your tags. Please follow the next steps!

The activation of this option will automatically add an Google Policy URL, it's a legal requirement for using Google Consent Mode on your website. Feel free to adapt your introduction text if needed

4- Advanced Mode: Remove your privacy constraints from Google tags

To setup the version "Advanced" of the Consent Mode, remove Commanders Act Privacy rules from all the Google tags, now it's managed by Google Consent Mode Data Governance > Consent Management > Categories see tab assign tags- Remove the privacy constraints from Google tags - Save

For Basic Consent Mode, skip the step 4! Keep your Privacy rules applied on your tags

5-Generate your container(s)

Go on Sources > WebContainers > generation step For a single container setup, generate your container with privacy banner(s) included

For a multiple container setup, generate all your containers. The privacy banner(s) must be linked to the first loaded container to ensure that the Consent Mode signal is always sent correctly.

If you was using the Consent Mode v1 tag, don't forget to delete or deactivate it! It's useless now.

What about the triggers ?

The consent mode is compatible with the container loaded trigger. If your Google tags are already set to this, it will work without any trigger modification

But we also provide a custom trigger, if needed! When a Consent Mode signal is sent, our product pushes tC.event.consent_signal_ready You can use it to trigger your tags.

If your site is an SPA, you can keep your tC.event.page/pageview... as trigger for your Google tags. The same goes for your click/scroll tags.

6-Tests & deployment

Deployment

We recommend to test you setup on a UAT environment if possible.

Test your configuration

There's 3 different ways to verify your Consent Mode setup:

The easiest way to verify your setup is using the Tag Assistant plugin provided by Google. The "Consent" event should always be sent before any hits from the tags The status "On-page Default" should be the same then the ones you setup at the step 2

After Consent, the "On-page Update" status should correspond to the consent given on the privacy banner

Feel as a developer? You can also look into the console to verify the Google arguments pushed in dataLayer Google. Type dataLayer then press Enter

One last method to verify your setup is possible: check into the payload of your hits in the network. The consent status is fed by the "gcd" parameter

Possibles values for gcd parameter

gcd is included in all hits to Google services, even if Consent Mode isn’t active.

It encodes values for four consent signals (ad_storage, analytics_storage, ad_user_data, and ad_personalization), and it includes information how the consent signal was generated.

The format of the string is this:

&gcd=11<ad_storage>1<analytics_storage>1<ad_user_data>1<ad_personalization>5

The string starts with 11, uses 1 to separate the different consent signals, and ends with a number like 5 (or sometimes something else) to mark the end.

Letter Description Example value Meaning

Letter	Description	Example value	Meaning
`l`	The lowercase L means that the signal has not been set with Consent Mode	`11l1p1l1l5`	only analytics_storage has been denied by default
`p`	denied by default (no update)	`11p1p1p1p5`	all consent states are denied by default
`q`	denied both by default and after update	`11p1q1p1p5`	the user updated their consent choice to set analytics_storage to denied after it was already set to denied by default
`t`	granted by default (no update)	`11t1t1t1t5`	all consent states are granted by default
`r`	denied by default and granted after update.	`11r1r1r1r5`	the user grants consent to all services after they were first denied by default
`m`	denied after update (no default)	`11p1m1p1p5`	all other states were denied by default, but analytics_storage was only set after the user denied it
`n`	granted after update (no default)	`11n1n1n1n5`	the site did not set a default consent state and instead set all states to granted after the user chose so
`u`	granted by default and denied after update.	`11u1u1u1u5`	the user withdrew all consents after they were set to granted by default
`v`	granted both by default and after update.	`11v1v1v1v5`	all states were granted by default and by user confirmation

l

The lowercase L means that the signal has not been set with Consent Mode

11l1p1l1l5

only analytics_storage has been denied by default

p

denied by default (no update)

11p1p1p1p5

all consent states are denied by default

q

denied both by default and after update

11p1q1p1p5

the user updated their consent choice to set analytics_storage to denied after it was already set to denied by default

t

granted by default (no update)

11t1t1t1t5

all consent states are granted by default

r

denied by default and granted after update.

11r1r1r1r5

the user grants consent to all services after they were first denied by default

m

denied after update (no default)

11p1m1p1p5

all other states were denied by default, but analytics_storage was only set after the user denied it

n

granted after update (no default)

11n1n1n1n5

the site did not set a default consent state and instead set all states to granted after the user chose so

u

granted by default and denied after update.

11u1u1u1u5

the user withdrew all consents after they were set to granted by default

v

granted both by default and after update.

11v1v1v1v5

all states were granted by default and by user confirmation

FAQ

Modification/Update Configuration

In case of setup modification, such as activation/deactivation of a parameter, mapping changes on categories, etc.... Web Containers & Privacy banners must be regenerated & deployed.

Parameter "Region"

Google Consent Mode allows the consent management only for the declared Region(s) Our native feature does not include this parameter, for web performance reasons. If you need to use this parameter, we recommend using our TMS Tag template. Please refer to the next section of documentation for configuration details.

Migration guide

For customers who has already implemented the Consent Mode v1: You can activate the built in feature as described above (don't forget to deactivate your actual consent mode tag) However, if you really want to keep your actual setup and simply update your tag, then you can refer to this documentation!

Summarizing all recommended steps:

Access your Commanders Act account.
Update your tag template.
Test and deploy your container(s).

Update your tag template

Go on page "Sources" > "Web containers"Select you "Google Consent Mode with Trust" tag.

Update the js code block of your tag with the following code, then save to obtain the new fields

code snippet to update

<script language="javascript">
window.dataLayer = window.dataLayer || [];
var gtag = function (){
	dataLayer.push(arguments);
};
tC.internalvars.getRegion = function(a){
	a = a.toString().replace(/\s/g, '');
	a = a.split(",");
	return a;
};
tC.internalvars.setRegion = function(a) {
	tC.internalvars.regionArray = tC.internalvars.getRegion(a);
	if (((typeof tC.privacy.isEnable !== "undefined") && tC.privacy.isEnable()) && (tC.internalvars.regionArray.length > 0) && (tC.internalvars.regionArray[0] !== "") && (typeof tC.internalvars.consentSettings !== "undefined")) {
		tC.internalvars.consentSettings.region = tC.internalvars.regionArray;
		return true;
	} else return false;
};
tC.internalvars.setWait = function(a){
	if (((typeof tC.privacy.isEnable !== "undefined") && tC.privacy.isEnable()) && (isNaN(parseInt(a, 10)) === false) && (parseInt(a, 10) > 0) && (typeof tC.internalvars.consentSettings !== "undefined")) {
    	tC.internalvars.consentSettings.wait_for_update = parseInt(a, 10);
      	return true;
    } else return false;
};
tC.internalvars.setConsentCommand = function(a, b, c){
	tC.internalvars.isRegionSet = tC.internalvars.setRegion(b);
	tC.internalvars.isDelaySet = tC.internalvars.setWait(c);
  	if (((typeof tC.privacy.isEnable !== "undefined") && tC.privacy.isEnable()) && (tC.internalvars.isRegionSet || tC.internalvars.isDelaySet)){
    	return "default";
    }
  	if ((a.toString() === "default") || (a.toString() === "update")){
		return a;
	}
	if ((typeof tC.privacy.isEnable !== "undefined") && tC.privacy.isEnable()) return "default";
	else return "update";
	return "default";
};
gtag('set', 'developer_id.dOWVhY2', true);
tC.internalvars.consentSettings = {
	'ad_storage': (#DEFAULT_AD_CATEGORY# !== "")?#DEFAULT_AD_CATEGORY#:"denied",
	'analytics_storage': (#DEFAULT_ANALYTICS_CATEGORY# !== "")?#DEFAULT_ANALYTICS_CATEGORY#:"denied",
	'functionality_storage': (#DEFAULT_FUCTIONALITY_CATEGORY# !== "")?#DEFAULT_FUCTIONALITY_CATEGORY#:"denied",
	'personalization_storage': (#DEFAULT_PERSONALIZATION_CATEGORY# !== "")?#DEFAULT_PERSONALIZATION_CATEGORY#:"denied",
	'security_storage': (#DEFAULT_SECURITY_CATEGORY# !== "")?#DEFAULT_SECURITY_CATEGORY#:"denied",
  'ad_personalization':(#DEFAULT_AD_PERSONALIZATION_CATEGORY# !== "")?#DEFAULT_AD_PERSONALIZATION_CATEGORY#:"denied",
  'ad_user_data':(#DEFAULT_AD_USER_DATA_CATEGORY# !== "")?#DEFAULT_AD_USER_DATA_CATEGORY#:"denied" 
}
console.log(tC.internalvars.consentSettings);
console.log("REGION: " + #REGION#);
console.log("WAIT_FOR_UPDATE: " + #WAIT_FOR_UPDATE#);
// Default command on page load
console.log("INFO: default command");
gtag('consent', tC.internalvars.setConsentCommand("default", #REGION#, #WAIT_FOR_UPDATE#), tC.internalvars.consentSettings);
tC.internalvars.ga_url_passthrough = #URL_PASSTHROUGH#;
tC.internalvars.ga_ads_data_redaction = #ADS_DATA_REDACTION#;
if ((typeof tC.internalvars.consentSettings !== "undefined") && (tC.internalvars.consentSettings.ad_storage === "denied")) {
	if ((tC.internalvars.ga_url_passthrough !== "") && ((tC.internalvars.ga_url_passthrough.toLowerCase() === "true") || (tC.internalvars.ga_url_passthrough.toLowerCase() === "false"))) {
		gtag('set', 'url_passthrough', (tC.internalvars.ga_url_passthrough.toLowerCase() === "true"));
	}
	if ((tC.internalvars.ga_ads_data_redaction !== "") && ((tC.internalvars.ga_ads_data_redaction.toLowerCase() === "true") || (tC.internalvars.ga_ads_data_redaction.toLowerCase() === "false"))) {
		gtag('set', 'ads_data_redaction', (tC.internalvars.ga_ads_data_redaction.toLowerCase() === "true"));
	}
}
tC.internalvars.setConsentUpdateCommand = function(result){
	tC.internalvars.consentSettings = {
	    'ad_storage': (result.consent.categories[#TRUST_AD_CATEGORY_ID#].status === "on") ? "granted" : "denied",
	    'analytics_storage': (result.consent.categories[#TRUST_ANALYTICS_CATEGORY_ID#].status === "on") ? "granted" : "denied",
	    'functionality_storage': (result.consent.categories[#TRUST_FUNCTIONALITY_CATEGORY_ID#].status === "on") ? "granted" : "denied",
	    'personalization_storage': (result.consent.categories[#TRUST_PERSONALIZATION_CATEGORY_ID#].status === "on") ? "granted" : "denied",
	    'security_storage': (result.consent.categories[#TRUST_SECURITY_CATEGORY_ID#].status === "on") ? "granted" : "denied",
	  'ad_personalization':(result.consent.categories[#TRUST_AD_PERSONALIZATION_CATEGORY_ID#].status === "on") ? "granted" : "denied",
  'ad_user_data':(result.consent.categories[#TRUST_AD_USER_DATA_CATEGORY_ID#].status === "on") ? "granted" : "denied"
    }
	console.log(tC.internalvars.consentSettings);
	console.log("REGION: " + #REGION#);
	console.log("WAIT_FOR_UPDATE: " + #WAIT_FOR_UPDATE#);
	// Update command on page load
	console.log("INFO: update command");
	gtag('consent', tC.internalvars.setConsentCommand("update", #REGION#, #WAIT_FOR_UPDATE#), tC.internalvars.consentSettings);
};
cact('consent.get', function (result) {
	if (result.consent.status !== "unset") {
      tC.internalvars.setConsentUpdateCommand(result);
	}
});
// Triggered on consent changes
cact('consent.onUpdate', function (result) {
  	tC.internalvars.setConsentUpdateCommand(result);
});
</script>

You can do your mapping on the new fields & Save again your tag

Set the by default status of the *new categories (denied or granted)

Enter the ID of your privacy categories to link them with the Google's *new categories If needed, you can find your privacy ID on the page Data Governance > Consent Management > Categories

Don't forget to save your settings