Checking if Google Consent Mode is properly implemented
By using our application with Google Consent Mode integration enabled, gives you the ability to customize the behavior of your Google tags based on the consent given or not given by your users. You can specify whether consent has been granted for Analytics and/or Ads cookies, and Google's tags will dynamically adjust by using cookies only for the designated purposes or cookie categories. This serves as an alternative to script blocking.
Google Consent Mode (GCM) is a simple and trustworthy method for preventing Google scripts from setting cookies through Google Tag Manager or gtag. Despite its easy implementation, it can be challenging to confirm whether it has been correctly set up and functioning properly.
It's crucial to mention that only specific tags in Google Tag Manager have pre-installed consent checks. These are listed in the next figure.
When Consent Mode is activated, it will modify the functioning of these kinds of pings.
Consent status pings - Consent status pings are sent from each page the user visits where consent mode is implemented, as well as if the consent changes (e.g., if the user opts in). These pings communicate the consent state (i.e. granted or denied) for each consent type (e.g. ad storage, analytics storage).
Conversion pings - Conversion pings are sent to indicate that a conversion has occurred.
Google Analytics pings - Google Analytics pings are sent on each page of a website where Google Analytics is implemented and upon events being logged.
To verify the effectiveness of Consent Mode, you should examine three aspects:
Built-in consent tags are activated regardless of consent.
Google Tag Manager has recorded the default Consent Mode settings, and updated configurations are sent to the dataLayer when consent preferences are identified.
Cookies are not created prior to consent or after opting out.
These checks will assist you in evaluating whether Google Consent Mode has been properly implemented and is operating appropriately.
To accomplish this, you have two options: utilize the preview mode in Google Tag Manager, or if you lack access to it, install the Google Tag Assistant browser extension. In this guide, we will be employing the latter, which can be downloaded at: https://get.google.com/tagassistant/
Our next step is to verify if tags were activated before obtaining consent by utilizing Google Tag Assistant. This will confirm if the approved tags have been executed. In this instance, we can affirm that both Google Tag Manager and Google Analytics were loaded.
Note: there shouldn't be added other supported tags to this list after consent submission.
Upon loading a page before acquiring consent, the Google Consent Mode settings must be accurately recorded in Google Tag Manager. With our integration for Google Consent Mode the default settings will be transmitted to the dataLayer. Therefore, here is a script that enables you to examine the registered consent preferences in Google Tag Manager:
Having the Google Consent Mode integration active from inside our application means that you should see these settings in the dataLayer, before anything else.
Checking the contents of the dataLayer can be done by simply executing the command dataLayer in the console, or using this script to make it a bit easier to read:
The output should look similar to this (Google Consent Mode settings in bold):
{"set","ads_data_redaction",true}
{"set","url_passthrough",true}
{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","functionality_storage":"denied","personalization_storage":"denied","security_storage":"granted","wait_for_update":500}}
{"event":"Pandectes_Consent_Update","pandectes_status":"deny","pandectes_categories":{"C000":"allow","C001":"deny","C002":"deny","C003":"deny"},"gtm.uniqueEventId":4}
{"gtm.start":1676370384330,"event":"gtm.js","gtm.uniqueEventId":5}
{"event":"sh_info","page_type":"Homepage","page_currency":"EUR","user":{"type":"visitor"},"gtm.uniqueEventId":6}
{"event":"gtm.dom","gtm.uniqueEventId":7}
{"event":"gtm.load","gtm.uniqueEventId":8}
After consent has been given for all types of cookies, the dataLayer will contain both the initial, and updated Google Consent Mode settings (GCM in bold):
{"set","ads_data_redaction",true}
{"set","url_passthrough",true}
{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","functionality_storage":"denied","personalization_storage":"denied","security_storage":"granted","wait_for_update":500}}
{"event":"Pandectes_Consent_Update","pandectes_status":"deny","pandectes_categories":{"C000":"allow","C001":"deny","C002":"deny","C003":"deny"},"gtm.uniqueEventId":4}
{"gtm.start":1676370384330,"event":"gtm.js","gtm.uniqueEventId":5}
{"event":"sh_info","page_type":"Homepage","page_currency":"EUR","user":{"type":"visitor"},"gtm.uniqueEventId":6}
{"event":"gtm.dom","gtm.uniqueEventId":7}
{"event":"gtm.load","gtm.uniqueEventId":8}
{"consent","update",{"ad_storage":"granted","analytics_storage":"granted","functionality_storage":"granted","personalization_storage":"granted","security_storage":"granted"}}
{"event":"Pandectes_Consent_Update","pandectes_status":"allow","pandectes_categories":{"C0000":"allow","C0001":"allow","C0002":"allow","C0003":"allow"},"gtm.uniqueEventId":10}
{"event":"gtm.triggerGroup","gtm.triggers":"9024031_93,9024031_140,9024031_255","gtm.uniqueEventId":11}
{"js","2023-02-14T10:26:32.900Z"}
This is the most challenging aspect. To ensure that no cookies were previously established or transported from another domain, we must confirm that there are no existing cookies.
To guarantee this, you can use incognito mode while browsing or manually erase cookies by accessing the Developer tools (F12 or Ctrl + Shift + i) and navigating to the Application → Cookies section.
Before granting consent, navigate through a few pages and click on various links. During this time, you should not notice the creation of the _ga, _gid, or _gat cookies.
If the preceding two checks have been executed correctly, it is improbable that you will observe the aforementioned cookies being established before obtaining consent. However, if you do, it is likely that you are adding them through an inline script, such as analytics.js, which does not support Consent Mode.
After completing the previously outlined steps, you may find that your data does not align with your expectations. We receive many inquiries regarding this issue, but unfortunately, we cannot offer assistance in this area.
Google Consent Mode is primarily an API that our application uses to transmit consent information to Google Tag Manager. The manner in which a tag should interpret this data is beyond our scope. Although we can ensure that our application appropriately transmits consent settings and that Google Tag Manager accurately receives them, we have no knowledge of how tags utilize this data.
We cannot provide insight into how Google Analytics should react when presented with the Consent Mode directives, nor can we speak on Google's behalf about what data should be recorded. While this may appear unhelpful, we cannot modify the data logging process in Google Analytics from our end. Our application and Google Consent Mode integration are only responsible for setting and updating the consent status in Google Tag Manager, respectively. For more information on Consent Mode and tag behavior, please consult Google's Consent Mode documentation.
If you want to deactivate Google Consent Mode integration, please just disable it from the integration.
Google Consent Mode (GCM) is a simple and trustworthy method for preventing Google scripts from setting cookies through Google Tag Manager or gtag. Despite its easy implementation, it can be challenging to confirm whether it has been correctly set up and functioning properly.
It's crucial to mention that only specific tags in Google Tag Manager have pre-installed consent checks. These are listed in the next figure.
When Consent Mode is activated, it will modify the functioning of these kinds of pings.
Consent status pings - Consent status pings are sent from each page the user visits where consent mode is implemented, as well as if the consent changes (e.g., if the user opts in). These pings communicate the consent state (i.e. granted or denied) for each consent type (e.g. ad storage, analytics storage).
Conversion pings - Conversion pings are sent to indicate that a conversion has occurred.
Google Analytics pings - Google Analytics pings are sent on each page of a website where Google Analytics is implemented and upon events being logged.
To verify the effectiveness of Consent Mode, you should examine three aspects:
Built-in consent tags are activated regardless of consent.
Google Tag Manager has recorded the default Consent Mode settings, and updated configurations are sent to the dataLayer when consent preferences are identified.
Cookies are not created prior to consent or after opting out.
These checks will assist you in evaluating whether Google Consent Mode has been properly implemented and is operating appropriately.
1. Checking if tags fire
To accomplish this, you have two options: utilize the preview mode in Google Tag Manager, or if you lack access to it, install the Google Tag Assistant browser extension. In this guide, we will be employing the latter, which can be downloaded at: https://get.google.com/tagassistant/
"Pandectes" in window
? Pandectes.consent.status && Pandectes.fn.revokeConsent()
: console.warn("Pandectes methods are not available!");Our next step is to verify if tags were activated before obtaining consent by utilizing Google Tag Assistant. This will confirm if the approved tags have been executed. In this instance, we can affirm that both Google Tag Manager and Google Analytics were loaded.
Note: there shouldn't be added other supported tags to this list after consent submission.
Checking the Consent Mode settings
Upon loading a page before acquiring consent, the Google Consent Mode settings must be accurately recorded in Google Tag Manager. With our integration for Google Consent Mode the default settings will be transmitted to the dataLayer. Therefore, here is a script that enables you to examine the registered consent preferences in Google Tag Manager:
(() => {
l = s => s == undefined ? "" : s ? "granted" : "denied";
c = s => s == "granted" ? "color: #0C0": "color: #C00";
if (!"google_tag_data" in window) {
console.log("No Google Consent Mode data found");
return;
}
var g = google_tag_data.ics.entries,
i = "",
t = "",
u = "";
for (var a in g) {
i = l(g[a]['initial']);
u = l(g[a]['update']);
if (i == "" && u == "") continue;
t = ("\t" + a + ":" +
(i != "" ? "\n\t\tDefault: %c" + i : "%c")
+ "%c" +
(u != "" ? "\n\t\tUpdate: %c" + u : "%c"));
console.log(t, i != "" ? c(i) : "",
"", u != "" ? c(u) : "", "");
}
if (i == "") console.log("No default Google Consent settings found");
})()Having the Google Consent Mode integration active from inside our application means that you should see these settings in the dataLayer, before anything else.
Checking the contents of the dataLayer can be done by simply executing the command dataLayer in the console, or using this script to make it a bit easier to read:
(function(w, d, t) {
for (i of w[d])
t += JSON.stringify(i).replaceAll(/\"\d{1,}\":/g, "") + "\n";
console.log(t);
})(window, "dataLayer", "")The output should look similar to this (Google Consent Mode settings in bold):
{"set","ads_data_redaction",true}
{"set","url_passthrough",true}
{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","functionality_storage":"denied","personalization_storage":"denied","security_storage":"granted","wait_for_update":500}}
{"event":"Pandectes_Consent_Update","pandectes_status":"deny","pandectes_categories":{"C000":"allow","C001":"deny","C002":"deny","C003":"deny"},"gtm.uniqueEventId":4}
{"gtm.start":1676370384330,"event":"gtm.js","gtm.uniqueEventId":5}
{"event":"sh_info","page_type":"Homepage","page_currency":"EUR","user":{"type":"visitor"},"gtm.uniqueEventId":6}
{"event":"gtm.dom","gtm.uniqueEventId":7}
{"event":"gtm.load","gtm.uniqueEventId":8}
After consent has been given for all types of cookies, the dataLayer will contain both the initial, and updated Google Consent Mode settings (GCM in bold):
{"set","ads_data_redaction",true}
{"set","url_passthrough",true}
{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","functionality_storage":"denied","personalization_storage":"denied","security_storage":"granted","wait_for_update":500}}
{"event":"Pandectes_Consent_Update","pandectes_status":"deny","pandectes_categories":{"C000":"allow","C001":"deny","C002":"deny","C003":"deny"},"gtm.uniqueEventId":4}
{"gtm.start":1676370384330,"event":"gtm.js","gtm.uniqueEventId":5}
{"event":"sh_info","page_type":"Homepage","page_currency":"EUR","user":{"type":"visitor"},"gtm.uniqueEventId":6}
{"event":"gtm.dom","gtm.uniqueEventId":7}
{"event":"gtm.load","gtm.uniqueEventId":8}
{"consent","update",{"ad_storage":"granted","analytics_storage":"granted","functionality_storage":"granted","personalization_storage":"granted","security_storage":"granted"}}
{"event":"Pandectes_Consent_Update","pandectes_status":"allow","pandectes_categories":{"C0000":"allow","C0001":"allow","C0002":"allow","C0003":"allow"},"gtm.uniqueEventId":10}
{"event":"gtm.triggerGroup","gtm.triggers":"9024031_93,9024031_140,9024031_255","gtm.uniqueEventId":11}
{"js","2023-02-14T10:26:32.900Z"}
Checking if cookies were set
This is the most challenging aspect. To ensure that no cookies were previously established or transported from another domain, we must confirm that there are no existing cookies.
To guarantee this, you can use incognito mode while browsing or manually erase cookies by accessing the Developer tools (F12 or Ctrl + Shift + i) and navigating to the Application → Cookies section.
Before granting consent, navigate through a few pages and click on various links. During this time, you should not notice the creation of the _ga, _gid, or _gat cookies.
If the preceding two checks have been executed correctly, it is improbable that you will observe the aforementioned cookies being established before obtaining consent. However, if you do, it is likely that you are adding them through an inline script, such as analytics.js, which does not support Consent Mode.
Why data that appear maybe inaccurate?
After completing the previously outlined steps, you may find that your data does not align with your expectations. We receive many inquiries regarding this issue, but unfortunately, we cannot offer assistance in this area.
Google Consent Mode is primarily an API that our application uses to transmit consent information to Google Tag Manager. The manner in which a tag should interpret this data is beyond our scope. Although we can ensure that our application appropriately transmits consent settings and that Google Tag Manager accurately receives them, we have no knowledge of how tags utilize this data.
We cannot provide insight into how Google Analytics should react when presented with the Consent Mode directives, nor can we speak on Google's behalf about what data should be recorded. While this may appear unhelpful, we cannot modify the data logging process in Google Analytics from our end. Our application and Google Consent Mode integration are only responsible for setting and updating the consent status in Google Tag Manager, respectively. For more information on Consent Mode and tag behavior, please consult Google's Consent Mode documentation.
If you want to deactivate Google Consent Mode integration, please just disable it from the integration.
Updated on: 14/02/2023
Thank you!