Ethyca Home

How To: Configure Consent in Google Tag Manager (GTM)

A step-by-step technical guide for setting up opt-outs for CCPA's Data Sales in Google Tag Manager (GTM)

Suggest Edits

California's Consumer Privacy Act (CCPA), requires organizations to offer consumers the right to opt out of data processing for sales. CPRA, VCDPA, and CPA require organizations offer consumers the rights to opt out of data sharing or in to sensitive data processing.

This step-by-step guide walks you through how to configure Ethyca to automatically manage consent to Data Sales or Data Sharing for your users.

This guide focuses on the technical integration for "Do Not Sell"/"Do Not Share" and assumes you are already familiar with the steps for creating your Data Use Case and adding the necessary Consent Flags. These are both required steps for completing your implementation.

❗️

When implementing a use case for processing sensitive personal information, ensure that any third party integrations take the GROUP6 flag into account. If third parties collect sensitive personal information, this information cannot be processed without without explicit opt-in consent from the user.

Implementing Consent in Google Tag Manager (GTM) for Pixels & Tags

Step 1: Set Up a Custom Variable for Ethyca Consent Cookie

a) Create a new User-Defined Variable

b) Choose 1st Party Cookie as the type (see screenshot below):

1029

c) Set the Cookie Name to eth_cmp

d) Give the variable a suitable title, such as "Ethyca - ConsentCookie", as in the example shown below:

1021

Step 2: Set Up a Custom Variable

In order to ensure that consent is set for the user based on their current preferences, we must now create a user defined variable that checks in real-time the users current consent status from the Ethyca Consent Cookie.

a) Create a new User-Defined Variable

b) Choose Custom JavaScript as the type (see screenshot below):

1022

c) Give the variable a suitable title, such as "Ethyca - DataSales" or "Ethyca - DataSharing".

d) Copy the following Javascript into the custom javascript area. Be sure to replace the value {{Ethyca - ConsentCookie}} with the name you gave to your cookie variable in Step 1, above.

function(){  
     if({{Ethyca - ConsentCookie}} == null){  
     return true;  
     } else {  
     return JSON.parse(JSON.parse({{Ethyca - ConsentCookie}})).GROUP4;  
     }  
   }
1205

Step 3: Set Up a Custom Variable for configuring Restricted Data Processing for Google Ads: Ethyca "G Data Sales"

In order to configure Google's Restricted Data Processing flag for the pixel, we need to make minor updates to the Google Ads pixel.

a) Create a new User-Defined Variable

b) Choose Custom JavaScript as the type (see screenshot below):

1022

c) Give the variable a suitable title, such as "Ethyca - G DataSales" or "Ethyca - G DataSharing".

d) Copy the following Javascript into the custom javascript area. Be sure to replace the value {{Ethyca - ConsentCookie}} with the name you gave to your cookie variable in Step 1, above.

function(){  
     if({{Ethyca - ConsentCookie}} == null){  
     return false;  
     } else {  
     if(JSON.parse(JSON.parse({{Ethyca - ConsentCookie}})).GROUP4){  
     return false;  
     } else {  
     return true;  
     }  
     }  
   }
984

Step 4: Configuring Limited Data Use for Facebook

You need to make minor modifications to your pixel in order to implement the Facebook Limited Data Use flag as follows:

a) Edit your Facebook Pixel to add the following items:

938

b) Add the line below BEFORE fbq('init', '00000000000');

{{Ethyca - DataSales}} ? fbq('dataProcessingOptions', []) : fbq('dataProcessingOptions', ['LDU'], 1, 1000);

This line checks the value of Ethyca - DataSales and depending on whether it's true or false will opt a user out of dataProcessing for Facebook or include them in dataProcessing.

If your Facebook pixel is using the <noscript></noscript> for non-javascript browsers, please remove this from your pixel. Consent Management solutions, like Ethyca, rely on Javascript and this pixel would risk firing causing non-compliance. As such, if the following is present, please remove it:

<noscript><img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=000000000&ev=PageView&noscript=1"/></noscript>

c) Save your changes. You're all set for Facebook Limited Data Use!

Step 5: Configuring Restricted Data Processing for Google Ads

In order to configure Google's Restricted Data Processing flag for the pixel, we need to make minor updates to the Google Ads pixel. Please make sure you have completed Step 3 before proceeding.

a) Edit your Google Ads Pixel:

b) In the dropdown list labeled "Enable Restricted Data Processing", select the appropriate variable that you created in step 4 for Data Sales, in our case for this example it is Ethyca - G Data Sales.

c) Save your changes and repeat for any other Google Adsense or similar Google integrations that allow for restricted data processing options.

2000

Step 6: Configure Data Restrictions for Any Other Systems

As of the last date of authoring, the definition of "Data Sales" is still being vocally debated and, as such, many platform providers that implement pixels have not yet added suppression mechanisms for data sales. This may place your business at unnecessary risk of non-compliance.

We recommend ensuring pixels that do not have a built-in flag to suppress data use, should be set to not fire for a user that has opted out of Data Sales.

Create a Data Sales Consent Exclusion Trigger

To support most common trigger types on your site, you will need to create two exclusion triggers:

  1. Page View trigger used for any tags that are fired based on a page view/load.

  2. Custom Event used for any tags that are fired based on a custom event (e.g. "Add to Cart").

First we'll create the Page View trigger:

a) Create a new Trigger.

b) Choose Page View as the type (see screenshot below):

1067

c) Give the Trigger a name such as "Ethyca - PV Consent".

d) Check the radio button for "This trigger fires on" and select "Some Page Views"

e) Select the Ethyca - DataSales value and set the logical operator to equals and set the value to false as shown in the screenshot below:

998

Now we'll create the Custom Event trigger:

a) Create a new Trigger.

b) Choose Custom Event as the type (see screenshot below):

1146

c) Give the Trigger a name such as "Ethyca - CE Consent".

d) Set the Event Name to "Ethyca - ceConsent".

e) Check the radio button for "This trigger fires on" and select "Some Custom Events"

f) Select the Ethyca - DataSales value and set the logical operator to equals and set the value to false as shown in the screenshot below:

1008

Please Note: The same instructions will apply if you are managing pixels in a Window Loaded or DOM Event.

Lastly, we will apply the Exclusion Trigger to Relevant Tags

a) Select an existing tag to edit it, or create a new tag that you would like to provide exclusion based on consent.

b) Click to edit the list of Triggers and then click the "Add Exception" button as shown below:

1000

c) Add the appropriate trigger based on the label you provided in the Step 2, above, in our case, Ethyca - PV Consent, to add this trigger as an exception as shown below:

999

d) Save your tag and repeat Step 3, above, for any other tag you would like to suppress from firing based on the users consent.

Please note: Ensure you use the appropriate trigger type for your tag. If your primary firing trigger is Page View based, use the Page View exception trigger, if your primary firing trigger is Custom Event based, use the Custom Event exception trigger.

Technical Guide

Please visit each of the below support articles if your business manages pixels in any additional locations:

For QA instructions, check out our how to guide for testing Consent for CCPA's Data Sales.

Support

Please contact [email protected] if you have any questions regarding implementation.

Updated 6 months ago