Tag Manager Analytics and EU Cookie Law Compliance

The specific exercise I’m going to go over in this topic may not apply to many that might read this article. However, I’d encourage you to skim it anyway, as there will still be some valuable information on using dataLayer variables to set up triggers that determine behavior based on cookies (or local storage, if you’re so inclined). What I’m talking about is using an EU cookie law compliance script on your website to effectively turn tracking on and off without completely disabling Tag Manager.

For the purposes of this article, the script I used was cookieCuttr, however very little would need to change for another script or if you rolled your own solution. If you are unfamiliar, the issue in question revolves around the privacy requirements for businesses operating in the EU to disclose their use of cookies, and ask the visitor for consent to save them. Most examples show you how to wrap your analytics or Tag Manager container code in a check from your cookie script to turn it on or off. This is, of course, an issue for Tag Manager since there are a lot of non-analytics, non-cookie oriented reasons to use it. In my case, I wanted a solution that would allow me to just disable specific tags related to the cookie requirement without impacting my ability to use Tag Manager wholesale.

cookieCutter gets things going by saving a pair of accept/decline cookies that save the user’s preference, which you can use to determine what loads on the site. So we’ll make a dataLayer variable that’ll serve as the transport component to get that setting off the site and into Tag Manager. That looks something like this:

The acceptsCookies variable

The acceptsCookies variable.

Here I default it to a binary boolean 1 (yes, if you look at the code below, it’s technically a string because that’s the currency of data in Tag Manager) for the default so I can be sure all our sites, including the ones not in the EU, aren’t disrupted. Obviously, you can use whatever you prefer.

Next, I toss the following simple chunk of JavaScript on the site just before Tag Manager loads so that it has the cookie preference value from the start.

// Set the default value we want to use; 1 for accept, 0 to refuse
var gimmeCookies = '1';
// Check to see if the user has declined cookies
if (jQuery.cookie('cc_cookie_decline') == 'cc_cookie_decline') {
  // Set the preference to false
  gimmeCookies = '0';
}
// Initialize our dataLayer array with the user's cookie preference
var dataLayer = [{ acceptsCookies: gimmeCookies }];
// YOUR GTM CONTAINER CODE WOULD GO HERE

Next we need to modify our trigger that would be used to fire off our analytics tracking. Normally, you’d just use a standard pageview trigger to do that. We use that, but add an additional Fire On condition to it to check our acceptsCookies variable from the dataLayer as well. Additionally, I would apply the same Fire On condition to any triggers used for things like event tracking and such. Basically, any trigger that is paired with an analytics tag or any other tag that would set a cookie would get that condition. In my above screenshot for instance, you might note that my variable is being used by the Button Clicks trigger as well, which is for a Google Universal Analytics based tag for event tracking.

The modified pageview trigger

The modified pageview trigger.

If you need help organizing these things, you can always make a folder in Tag Manager to identify the conditionally tracked elements. Finally, just set up your tag like normal, using your trigger that specifically checks the cookie setting value. Basically, there’s nothing different here aside from just not using a plain pageview trigger.

The tracking tag. Nothing special here.

The tracking tag. Nothing special here.

Ultimately, all the special sauce is in the script you choose to save the user’s cookie preference and the variable and trigger. This setup will now allow you to include Tag Manager on your site without prejudice, while maintaining the integrity of user preferences regarding cookie privacy. You can ensure that only the tags sensitive to the setting are disabled without stopping you from leveraging other features in Tag Manager.

Do you have a better or different approach? Leave it in the comments below!