Cookiebot Google Tag Manager Implementation

Are you a Google Tag Manager (GTM) user? The Cookiebot solution works great with a GTM implementation. Find our below how to implement Cookiebot with Google Tag Manager.

Combine the use of Google Tag Manager with automatic cookie blocking by Cookiebot to get the best of both worlds. If you want to use automatic cookie blocking together with GTM please check out this knowledgebase article: Google Tag Manager and automatic cookie blocking

In the next steps we will show you how to:

1. Implement the cookie consent banner
2. Control cookie-setting tags
3. Show the cookie declaration on a specific page on your website

We are assuming you have created a Google Tag Manager account, created a website container and implemented the GTM code on your website. More information: https://support.google.com/tagmanager/answer/6103696

1. Implementing Cookiebot with Google Tag Manager

**** If you want to use automatic cookie blocking together with GTM please check out this knowledgebase article: Google Tag Manager and automatic cookie blocking

In the GTM container click on “Templates” in the left menu. Then in the “Tag Templates” panel click the button “Search Gallery”:

Type “Cookiebot” in the searchbox and select the template “Cookiebot CMP” from the results:

Then click the button “Add to workspace”. You will see a warning dialog where you will be asked to allow Cookiebot to add scripts in your website. Click “Add”.

Now create a new tag by clicking on Tags in the left menu and the click on the button “New”. Click on “Tag configuration”, and look for the “Cookiebot CMP” under “Custom” in the “Choose tag type” screen. Select this tag:

Fill in the field “Your Cookiebot Domain Group ID” with your personal Cookiebot code. (Which you will find in the Cookiebot manager , tab ‘Your scripts‘).

Under the collapsible configuration group ‘Default Consent State’ you can adjust which categories of cookies should be granted or denied before the end user submits consent. As most data protection legislations like GDPR require so-called ‘prior consent’, the default setting is ‘Denied’ for all categories. The category ‘necessary’ (mapped to consent type security_storage) is by default set to ‘Allow’ and is not configurable, as it does not require consent.

GTM by default supports 5 different consent types that are automatically mapped by Cookiebot to the 4 categories used in Cookiebot CMP:

Choose “Consent initialization – All pages” as trigger and apply a name to your tag at the top of the configuration page, e.g. “Cookiebot”. Click “Save” to create the tag.
 
This is what your tags should look like:

Make sure that you have registered and saved the domain name(s) of your website(s) in the Cookiebot manager.  

2. Controlling cookies with Cookiebot Google Tag Manager

Google Tag Manager includes several features that work together with Cookiebot to help you manage how tags behave in response to the end user’s consent choices.

Tags with built-in consent checks (such as Google Ads, Analytics, Floodlight and Conversion Linker) include logic that automatically changes the tag’s execution behavior based on the user’s consent state. No consent configuration is needed for this type of tags.

If a tag doesn’t support built-in consent checks, you can add Additional Consent Checks for the tag as described below. If a user does not give consent to the specific consent types you’ve selected for the tag, the tag will not run.

2.1. Setting up Additional Consent Checks

1. In your GTM container, create the following trigger, to be used in your GTM configuration:

Event Name: cookie_consent_update,
Event Type: Custom Event,
Fires On: All Custom Events

You trigger should look similar to this:

2. Tags that do not support built-in consent checks and set cookies should specify the types of cookies using the Additional Consent setting under Tag Editor > Advanced Settings with the categories that the tag requires (see the scan report from Cookiebot if you are in doubt).

In this example the tag requires consent for ad_storage:

3. To achieve this, update any cookie-setting tags to replace the existing trigger (e.g. “All Pages”) with the new consent update trigger, e.g. for your Facebook Pixel Code tag. This will fire your tag when the user has opted in on the required consent type.

If multiple conditions are necessary you can use a trigger group to join those conditions into one trigger. (https://support.google.com/tagmanager/answer/9164222?hl=en)

4. For a complete view of the consent settings across all the tags in your container, you can enable the Consent Overview from your container settings.

If you implement Cookiebot using GTM you can also use Cookiebot to block tags which are not loaded by GTM. For example script tags that are inserted directly in your website template. Just mark up such tags for ‘prior consent’ as described in this article: https://www.cookieinfo.net/en/knowledge-base/manually-enable-prior-consent/

3. Implementing the cookie statement 

This script is inserted in the HTML of the page where your cookie declaration has to be visible. If you don’t have such a page create a new page for it. Replace the green code below for the code from the cookiemanager. (Which you will find in the Cookiebot manager , tab ‘Your scripts‘):

<html>
<head>
...
</head>
<body>
<h1>Cookie verklaring</h1>
<script id="CookiePolicy" src="https://consent.cookiebot.com/00000000-0000-0000-0000-000000000000/cd.js" type="text/javascript" async></script>
</body>
</html>

You can let your webdeveloper implement these scripts. Just send him/her the scripts and the information on this page.