Docs: How to use Google Tag Manager to handle cookies & JavaScript (GDPR)

If you are looking to generate a cookie consent script you can do it at our: Cookie consent generator. The wizard will go through this tutorial in an interactive way. This page is only here if you have to look back at some steps or want to see our process of implementing a solution.

This is a tutorial on how to make your cookies and Javascript execution GDPR compliant. We have put emphasis on using Google Tag Manager (GTM) when handling these processes. There are other ways to do it but we believe that this is a solid process that saves you or your dev team a lot of time.

If you already have GTM setup you can skip to Step 2: Download GTM script & import to your GTM account. Be aware that you might have to edit some of your old configuration to make sure that some of the tags don't fire until your visitor have given his or hers consent to you.

Step 1: Create a Google Tag Manager (GTM) Account

First of all you need to create a GTM account which is easily done with your google account at:

Click on create account to setup your account name and country details.

Setup the container by entering container name and choose platforms that you would like to utilize with the GTM container.

Read through and confirm the GTM Terms & Conditions.

After confirming the T&Cs you will be presented to code snippets together with instructions on where to place them in your html code.

Step 2: Download GTM script & import to your GTM account by clicking the download button below.

Download the GTM script that you just generated in our generator by clicking on the button to the right.

The generator will present you with a download button when you have configured and generated a script.

Login to GTM and click Admin.

Under container, click import container.

Select the downloaded script as the file to import. Choose between creating a new workspace or add to an existing. You can also choose to merge or overwrite the container.

Preview and confirm your import.

Open the Google Analytics - Universal Analytics tag

Click on the information symbol close to google analytics settings. A new view, very similiar to the previous one will appear. Click on the information symbol close to google analytics settings again.

Click on tracking-id and enter your Google Analytics tracking id, then save.

Submit your changes and publish!

Step 3: Add your JavaScript tags execution flow.

Our Guess is that you have other services than google analytics running, that might be using cookies. Remember that this solution only handles cookies created by javascripts inside your GTM container. You will want to add these scripts in GTM as well. Remember that there are two consent groups. Performance which is opt-out by default (you can change this in GTM in the default variable) as well as the targeting group which is opt-in.

In the script that you just imported there are 4 example tags showing how you can setup and configure the executions of these tags depending on the users consent actions. You can either edit these or remove them add new tags, as you wish.

Step 4: Configure your policy page

It is time to configure your policy page to give your visitors the chance to change their preferences regarding cookies. You do this by adding the following code to your policy-page. This has to be the same page that you entered when you generated your script.

Put the following html code on your privacy page

<input id="consent_functional" type="checkbox" checked disabled /><label for="consent_functional">Functional (Strictly Necessary) Cookies</label>
<input id="consent_performance" type="checkbox" checked /><label for="consent_performance">Performance Cookies</label>
<input id="consent_targeting" type="checkbox" /><label for="consent_targeting">Targeting Cookies</label>
<button type="button" class="button" id="consent_save">Save Cookie Settings</button>

You can move them around and style them as you want, just make sure they are on your privacy policy page. If you want to be extra sure to follow the cookie laws and GDPR requirements you should add a list of the cookies used under each category.

If you do not have a well written policy page there are several good resources online if you spend a couple of minutes on google. You are also free to copy and rewrite ours!