Google Consent Mode will evolve in March 2024!
As Google strongly recommends the use of Consent Mode on their tags, Commanders Act has developed a new built-in feature for clients who wish to implement it.
Just use our new native feature for a super smooth implementation! Please read the following documentation to learn more about this new feature, and how to use it. If you have already implemented Consent Mode v1 using our tag template and would like to keep it, you can update it on v2. Please see the following section for instructions: Migration Guide Consent Mode v1 tag template to v2
Please note: Google only requires a validated consent signal only for EEA countries and UK.
Implementing Google Consent Mode in regions beyond may negatively impact campaign performance and is not recommended.
Google Consent Mode provides 2 approaches: Basic & Advanced In both cases, you will have to activate the feature Google Consent Mode on your account. The only difference will be the following: Basic Mode: Google tags aren't triggered before consent & remains submitted to Commanders Act Consent Rules, there will be no tags firing in case of Optout Advanced Mode: Google tags are triggered before consent & the collected data will depend on the Consent Mode Signal. Tags remains fired even when user has Optout.
Just follow these 6 steps:
Login on your workspace
Go on page Data Governance > Consent Management > Settings
Turn On the option Google Consent Mode. The sub-menu "Google Consent Mode settings" will appears
Select your appropriate Privacy category from the drop-down list for each Google's category.
The Default Status will determine the behaviour of your tags BEFORE consent. If set on "denied": Google will collect minimum information (as if the user has Optout) If set on "granted": Google will collect all information (as if the user has Optin) *You should ask to your DPO before to set a "granted" default status for any of theses categories
In all cases: once the user has given his consent (optin or optout), the default status will no longer apply. The user's choice will determine the status after consent.
If you do not set a category, the status will always be "denied". The "Default Status" dropdown menu will no longer be displayed. Example below for "security_storage" with no privacy category assigned:
enable_tcf_support
If you use TCF 2.2 CMP template: TCData update (TCData.enableAdvertiserConsentMode) allows Google to infer ad_storage, ad_personalization, and ad_user_data settings from the TC string. This will incorporate consent mode v2 updates directly into the TC string.
Enable the feature tcf_support to let your IAB TCF privacy banner manage the advertising categories.
*Google recommends to activate this feature if your website use an IAB TCF banner template
Don't forget to add your Google associated Vendors (see dedicated documentation for more details)
wait_for_update Enabling this optional feature will send a signal to Google's tags to wait for an update. Enter a value in milliseconds to control the waiting time before the data is sent. This can be useful if you are experiencing timing issues. Otherwise, you can leave it blank!
ads_data_redaction set ads_data_redaction to ON to further redact your advertising data when "ad_storage" is "denied"
url_passthrough URL passthrough option can be used to send event and session-based analytics (including conversions) without cookies across pages.
Sources > Privacy Banners > Select your banner(s)
Go at the edition step of your privacy banner, open the settings menu to turn ON Google Consent Mode Signal
The privacy setup is done! You can now Generate and Deploy your Privacy Banner. *At this point, Consent Mode will not affect the behaviour of your tags. Please follow the next steps!
The activation of this option will automatically add an Google Policy URL, it's a legal requirement for using Google Consent Mode on your website. Feel free to adapt your introduction text if needed
To setup the version "Advanced" of the Consent Mode, remove Commanders Act Privacy rules from all the Google tags, now it's managed by Google Consent Mode
Data Governance > Consent Management > Categories see tab assign tags
- Remove the privacy constraints from Google tags
- Save
For Basic Consent Mode, skip the step 4! Keep your Privacy rules applied on your tags
Go on Sources > WebContainers > generation step
For a single container setup, generate your container with privacy banner(s) included
For a multiple container setup, generate all your containers. The privacy banner(s) must be linked to the first loaded container to ensure that the Consent Mode signal is always sent correctly.
If you was using the Consent Mode v1 tag, don't forget to delete or deactivate it! It's useless now.
What about the triggers ?
The consent mode is compatible with the container loaded trigger. If your Google tags are already set to this, it will work without any trigger modification
But we also provide a custom trigger, if needed! When a Consent Mode signal is sent, our product pushes tC.event.consent_signal_ready You can use it to trigger your tags.
If your site is an SPA, you can keep your tC.event.page/pageview... as trigger for your Google tags. The same goes for your click/scroll tags.
We recommend to test you setup on a UAT environment if possible.
There's 3 different ways to verify your Consent Mode setup:
The easiest way to verify your setup is using the Tag Assistant plugin provided by Google. The "Consent" event should always be sent before any hits from the tags The status "On-page Default" should be the same then the ones you setup at the step 2
After Consent, the "On-page Update" status should correspond to the consent given on the privacy banner
Feel as a developer? You can also look into the console to verify the Google arguments pushed in dataLayer Google.
Type dataLayer then press Enter
One last method to verify your setup is possible: check into the payload of your hits in the network. The consent status is fed by the "gcd" parameter
gcd is included in all hits to Google services, even if Consent Mode isn’t active.
It encodes values for four consent signals (ad_storage, analytics_storage, ad_user_data, and ad_personalization), and it includes information how the consent signal was generated.
The format of the string is this:
&gcd=11<ad_storage>1<analytics_storage>1<ad_user_data>1<ad_personalization>5
The string starts with 11, uses 1 to separate the different consent signals, and ends with a number like 5 (or sometimes something else) to mark the end.
To help you ensure that the consent signal is sent before your Google tags, we offer a method to get logs in the browser console
tC.privacy.explainGCMSequencingValidation()
If the Consent is set before any Google tags triggered, you will obtain the log
'valid sequencing'
If Google tags are triggered before the Consent is set, then your implementation is incorrect. The log will returns the value
'Consent is set too late, Google tags are triggered before consent set. Please verify your Consent Mode sequencing'
Need a boolean value for specific use cases ?
Use tC.privacy.validateGCMSequencing()
Will simply return true if your sequencing is correct, otherwise the result will be false
If Google tags haven't been fired yet, the result will always be "false". To get a "valid sequencing" result, Google tags must have been fired at least once.
In case of setup modification, such as activation/deactivation of a parameter, mapping changes on categories, etc.... Web Containers & Privacy banners must be regenerated & deployed.
Google Consent Mode allows the consent management only for the declared Region(s) Our native feature does not include this parameter, for web performance reasons. If you need to use this parameter, we recommend using our TMS Tag template. Please refer to the next section of documentation for configuration details.
Still facing trouble shooting on your implementation, and looking for help ? Contact our technical support team ! Since we certified as Google CMP Partner, we provide a dedicated email support : cact_support_cmp_google@commandersact.com They will ever gave you a personalized reply to your questions!
For customers who has already implemented the Consent Mode v1: You can activate the built in feature as described above (don't forget to deactivate your actual consent mode tag) However, if you really want to keep your actual setup and simply update your tag, then you can refer to this documentation!
Summarizing all recommended steps:
Access your Commanders Act account.
Update your tag template.
Test and deploy your container(s).
Go on page "Sources" > "Web containers"
Select you "Google Consent Mode with Trust" tag.
Update the js code block of your tag with the following code, then save to obtain the new fields
You can do your mapping on the new fields & Save again your tag
Set the by default status of the *new categories (denied or granted)
Enter the ID of your privacy categories to link them with the Google's *new categories
If needed, you can find your privacy ID on the page Data Governance > Consent Management > Categories
Don't forget to save your settings
Go on page Source > Privacy Banners > edition step
LEGAL REQUIREMENT
Add the following link to the Google Consent Mode Policy in your Privacy Center or in your Vendors menu
https://policies.google.com/privacy
Don't forget to generate & deploy your privacy banner(s) once you've made this additional setting.
You can now Generate & Deploy your privacy banner(s)
You are up to date, you can test your settings on your website. Don't hesitate to refer at the test step above to get tips & tricks.
| Letter | Description | Example value | Meaning |
|---|---|---|---|
l
The lowercase L means that the signal has not been set with Consent Mode
11l1p1l1l5
only analytics_storage has been denied by default
p
denied by default (no update)
11p1p1p1p5
all consent states are denied by default
q
denied both by default and after update
11p1q1p1p5
the user updated their consent choice to set analytics_storage to denied after it was already set to denied by default
t
granted by default (no update)
11t1t1t1t5
all consent states are granted by default
r
denied by default and granted after update.
11r1r1r1r5
the user grants consent to all services after they were first denied by default
m
denied after update (no default)
11p1m1p1p5
all other states were denied by default, but analytics_storage was only set after the user denied it
n
granted after update (no default)
11n1n1n1n5
the site did not set a default consent state and instead set all states to granted after the user chose so
u
granted by default and denied after update.
11u1u1u1u5
the user withdrew all consents after they were set to granted by default
v
granted both by default and after update.
11v1v1v1v5
all states were granted by default and by user confirmation
