Zum Inhalt

Google Tag Manager

Google Tag Manager allows you to embed other scripts (tags) into a website under certain conditions (triggers). Many cookie-banners rely on this mechanism and require that consent given via the cookie-banner be stored as a trigger in Tag Manager so that Tag Manager can control which scripts are loaded. CCM19 works fundamentally differently in this regard, and it is not necessary to set up triggers in Tag Manager. You can always have Tag Manager execute any script, thereby saving yourself a lot of configuration effort. CCM19 can automatically block scripts integrated via Tag Manager if consent is not given.

To block scripts loaded via Tag Manager, ideally use only the feature “Block scripts containing the following text.” For the script blocking to work, you must ensure that the CCM19-code appears in the source code before the-Manager-code.

We strongly recommend that you also always block Tag Manager itself via CCM19 until consent is given, since a court has confirmed that loading Tag Manager without consent is not compliant with the GDPR. \ To block Tag Manager, simply add the "Google Tag Manager" entry from our database under "Integrations & Cookies."

If a site visitor clicks “Accept All” to consent to all cookies, the Tag Manager will be loaded and will also integrate all other scripts according to the configuration. If the user only grants permission for the Tag Manager, it will become active and integrate the scripts as well. However, the scripts remain inactive because they have not been approved in CCM19 and continue to be blocked.

If you still wish to control consent via the Tag Manager and through triggers, this is of course also possible. In this case, the Tag Manager must not be blocked by CCM19 so that it can always function and use the consent-signals as triggers. Below, we describe how to set up the triggers in the Tag Manager.

Integration into Google Tag Manager

Events are triggered in Google Tag Manager via the window.dataLayer interface if it is integrated on the landing page.

As soon as an embedding is approved via the CCM19-interface, the following event is triggered. The events are triggered repeatedly with every page view for all approved embeddings.

window.dataLayer.push({
    event: 'CCM19.embeddingAccepted', // Constant identifier
    id: 'xxxxxxx', // CCM19-internal embedding-ID
    name: 'Google Analytics', // Custom embedding-name
});

In Tag Manager, you can respond to this via Triggers → New → Custom Events.

Mon Oct 25 2021 11:17:23 GMT+0200 (Mitteleuropäische Sommerzeit).png

This is what the information contained in the data layer looks like. Our goal is to set up triggers based on this information.

We’ll start from the point where you’ve successfully implemented CCM19 and Google Tag Manager on your website.

1. The CCM19 entry for Google Tag Manager

In CCM19, navigate to the “Integrations & Cookies” menu item. There, create an entry for Google Tag Manager. You can find instructions on how to create an entry and what to keep in mind here. Be sure to set the Tag Manager astechnically necessary . Only then will the Tag Manager itself not be blocked and be able to control the integration of other tools.

2. Set Up the Tag

For our example, we created a tag for the web analytics tool Google Analytics. We left the tracking-type set to “Pageview.”

Mon Mar 22 2021 154243 GMT+0100 (Mitteleuropäische Normalzeit).png

3. Select a trigger

For the trigger type [a)], we set a custom event and name it .* [b)]. Check the option Use regular expression matching [c)].

Mon Mar 22 2021 154642 GMT+0100 (Mitteleuropäische Normalzeit).png

4. Create Variables

Since the event is the same for every embedding, we now want to use variables to specify that the tag is triggered only when consent is given for the Google Analytics embedding. So we click on Fire this trigger on: Some custom events and add a new variable.

cbimage.jpg

For the variable type, we select the data layer variable [a)]. We enter the key name as the name [b)] and switch to version 1 [c)].

Mon Mar 22 2021 162718 GMT+0100 (Mitteleuropäische Normalzeit).png

5. Add a variable filter

Now we define what value the name key must have to trigger the event. Here, we always enter the name of the embedding (as it was stored in CCM19), which in this case is Google Analytics [a)].

We’ll also add an event [b)].

Mon Mar 22 2021 162726 GMT+0100 (Mitteleuropäische Normalzeit).png

The event we enter here is: CCM19.embeddingAccepted

6. Test, test, test…

Tag Manager offers a preview mode for testing. So before you go live with this version, you should check whether the tags are actually being triggered. In the messages, look for the corresponding embedding and take a closer look at the tag. If all the checkboxes are checked there, the tracking is working.

cbimage (1).jpg

Additional Events

CCM19.consentStateChanged

As of version 2020.11.26

This event is triggered every time the site visitor saves the consent-configuration. After initial consent is given, it is also sent during subsequent page views.

It provides information about the permissions the site visitor most recently configured.

Example:

window.dataLayer.push({
    event: 'CCM19.consentStateChanged',
    initialConsent: true,
    'ccm19_Google Ads Conversion': true,
    'ccm19_Facebook Pixel': true,
    'ccm19_YouTube Webplayer': true,
});

-event: string — Event-identifier -initialConsent: booleantrue upon the site visitor’s initial configuration, otherwise false. -ccm19_{EMBEDDING_NAME}: booleantrue if the page visitor has consented to the embedding, otherwise false.

CCM19.embeddingAccepted

This event is fired on every page view and upon confirmation of the consent dialog-for each embedding that the site visitor has consented to through their most recent configuration.

Example:

window.dataLayer.push({
    event: 'CCM19.embeddingAccepted',
    id: 'xxxxxxx',
    name: 'CMS Session',
});

-event: string — Event-identifier -id: string — CCM19-internal embedding-ID -name: string — User-defined embedding-name

We would like to expressly point out that the use of Google Tag Manager may involve a certain risk, as a cookie is set in most cases. This is not technically necessary, but must be defined as such in order for it to function.

Furthermore, from the perspective of the Schrems II ruling regarding the Privacy Shield, the unsolicited integration of Google services is at least questionable and should be carefully considered. Thus, Google Tag Manager always sends at least the user’s IP-address to the Tag Manager server—and thereby also to Google.

CCM19 offers an alternative to the core function of Google Tag Manager, which is to implement scripts on a website without having to edit the source code.

If in doubt, always consult a trusted legal advisor; we can only point out the technical basics here.