Deployment
/
Understanding & Configuring Google Consent Mode (GCM) V2

Understanding & Configuring Google Consent Mode (GCM) V2

Google Consent Mode V2 allows websites to adjust how and when data is shared with Google based on user consent collected via the Concord Consent Banner & Privacy Center. This article explains what Google Consent Mode (GCM) V2 is, how it works, and steps you through how to enable GCM in your Concord organization.

Our simplified setup integrates with Google in the following ways:

  • Based on the user’s geographical location, privacy laws in that region, and your consent settings in Concord, we are typically configured to block all non-essential cookies and scripts until the user grants consent. The GCM integration allows for a few different options that determine how and when Google tags are allowed and what data is shared with them and when.
  • Regardless of the chosen GCM Mode (Basic vs. Advanced modes are discussed in more detail below), when enabled and once consent is granted, Concord automatically shares the user's consent preferences with Google, which changes the behavior of Google services based on these preferences. This works with both Google Tag (gtag) and Google Tag Manager (GTM) implementations.

What is Google Consent Mode V2?

Google Consent Mode v2 is an updated framework by Google that helps adjust data collection practices based on user consent, ensuring compliance with privacy laws like the General Data Protection Regulation (GDPR). Features of this framework include:

  • Implementation: Website owners can integrate Consent Mode to handle user consent for cookies used by Google Ad Manager.
  • Integration: The framework seamlessly works with Ad Manager and other Google products, adapting reporting and data collection practices based on consent preferences.
  • Functionality: When consent is not given, Consent Mode can be setup to allow cookieless tracking that uses anonymous or aggregated data, allowing for consent based data gaps to be filled using that cookieless data coupled with machine learning.
  • Benefits: This approach helps balance privacy requirements with effective advertising and analytics, providing flexibility in managing user consent.

Google Consent Mode V2 works by modifying how Google tags behave based on user consent. The 7 parameters used in GCM V2 are:

  • ad_storage: Enables storage, such as cookies, related to advertising.
  • analytics_storage: Enables storage, such as cookies, related to analytics (for example, visit duration).
  • functionality_storage: Enables storage that supports the functionality of the website or app such as language settings.
  • personalization_storage: Enables storage related to personalization such as video recommendations.
  • security_storage: Enables storage related to security such as authentication functionality, fraud prevention, and other user protection.
  • ad_user_data: Sets consent for sending user data to Google for online advertising purposes. This was newly added in V2.
  • ad_personalization: Sets consent for personalized advertising. This was newly added in V2.

How to Enable Basic or Advanced Modes for Google Consent Mode V2 in Concord

You can pick from three different modes when enabling Google Consent Mode V2 in Concord:

  • Disabled: Concord functions normally, blocking any Google tags until consent is received based on your standard consent and tracker settings. After user consent is received, no consent data is synced with Google.
  • Basic Mode: Basic Consent Mode offers a simplified privacy friendly option to sync data with Google. Google tags remain inactive until the user interacts with the consent banner. Once users consent, Google tags are enabled, consent data is synced, and Google begins collecting data based on the user’s consent settings. Without consent, no data is sent to Google, and Google Ads relies on a general conversion model. This is the recommended mode for most companies.
  • Advanced Mode: Advanced Consent Mode offers a more robust option that shares additional data with Google prior to consent. Google tags load immediately and while waiting for user consent, a minimal amount of cookieless measurement data is sent to Google to allow for more accurate conversion modeling. Once consent is granted, full measurement data is then sent to Google based on each user’s consent settings. This mode provides additional data insights, but is not as privacy-friendly as Basic Mode, so we recommend Basic Mode for most people. For more details on Google’s conversion modeling please refer to this article.

Configuring Google Consent Mode V2 in Concord

1. Log in to Concord’s Admin UI and navigate to ConsentConsent Settings → General Settings.

2. On the General Settings tab, select the Google Consent Mode V2 dropdown and select Disabled (default), Basic, or Advanced. Click Save to apply your changes.

3. View your Google Consent Mode configuration status in the upper right corner of the Deployment → Integrations → Embed Concord section in the Concord app and use the instructions and links on that page if implementing via Google Tag Manager (more details on the different options can be found below).

Implementing Google Consent Mode via Gtag or Google Tag Manager

Regardless of the Google option that you use (Gtag or Google Tag Manager), we highly recommend first following our Direct Embed Code instructions in the Deployment → Integrations → Embed Concord section of the Concord Admin UI to add the Concord code to your website. Concord should be in the <head> section and should always be above other external script tags to ensure that the scanning and blocking process functions correctly. If that is complete or if you want to use Google Tag Manager to inject the Concord code (which is not recommended), follow the instructions below or refer to the detailed Google docs here.

Gtag

First, add your normal Gtag code to your page below the Concord script you implemented above, ensuring that the Concord script is above the Gtag script. Once that is done, add the separate dataLayer object below before your Concord code. This establishes your consent defaults in the data layer, but will not trigger your Google tag, since you haven't loaded the Google tag library yet.

<script>
  window.dataLayer = window.dataLayer || [];
  function gtag() { dataLayer.push(arguments); }
  gtag('consent', 'default', {
    ad_personalization: 'denied',
    ad_storage: 'denied',
    ad_user_data: 'denied',
    analytics_storage: 'denied',
    functionality_storage: 'denied',
    personalization_storage: 'denied',
    security_storage: 'granted',
    'wait_for_update': 500,
  });
  gtag('js', new Date());
  gtag('config', 'Google tag ID');
  </script>

Concord will now automatically block your Google Gtag script prior to consent and will handle everything else for you automatically based on user consent.

Google Tag Manager

When using Google Tag Manager and our Google Tag Manager community template, that can be found here, you have two implementation options:

  1. Follow the Embed Concord instructions in the Deployment → Integrations section in the Concord Admin UI to directly install Concord on your website. Our single line of code is placed at the top of the <head> section of your website, and you then add the Google Tag Manager script below the Concord script. That ensures that Concord runs first, allowing better control over the process and easier selection between different Google Consent Modes in Concord. We recommend you use this method in almost all cases.
  2. You can use the Inject Concord Script option found in our Google Tag Manager template. In this case, Google will control the initialization process. Google will automatically inject our script onto your website. Since we are not guaranteed to run first, all other scripts, cookies, and iframes (trackers) would also need to be implemented and ordered correctly in Google Tag Manager. As this can be an error prone process that is not future proof, we highly recommend choosing the first option above.

Regardless of which implementation option you use, you will use our Google Tag Manager community template along with the Project ID found in the Deployment → Integrations → Embed Concord section of the Admin UI. We should be configured to run using the Consent Initialization - All Pages Trigger option shown below and the default Google consent settings should typically all be set to denied initially. In most cases the rest of the settings do not need to be adjusted.

The user’s consent settings will now be automatically synced with Google based their consent choices in your Concord Consent Banner & Privacy Center.

Additional Resources

For more details on the different Google options, including advanced settings like region-specific behaviors in Google Tag Manager or URL passthroughs, please refer to the Google docs:

Topics

Product
Consent ManagementPrivacy RequestsData MappingIntegrationsSign InSign Up
Solutions
SoftwareE-CommerceFinancial ServicesGovernmentHealthcare
Resources
Help DocsBlogContact UsBook MeetingFree Privacy ReviewAffiliate ProgramMy Data PrivacyLeadershipMerchPricing
Social
Concord Logo Blue Logo White Text
© 2024 Concord Technologies Inc | All Rights Reserved | Website Privacy Policy | User Privacy Policy | SaaS Agreement | Affiliates Agreement