This guide will help you undertake some of the necessary checks to make sure your Google Consent Mode (GCM) v2 advanced setup is working as expected for your website.
1. What's Google Consent Mode?
2. What is the advanced mode?
3. How to test your advanced setup?
4. How to read the gcd parameter?
5. Test cases
Verify the consent notice UI
Website - Prior consent
Website - After positive consent (optin)
Website - After negative consent (optout)
GTM - Prior consent
GTM - After positive consent (optin)
GTM - After negative consent (optout)
Need further help?
1. What's Google Consent Mode?
Google Consent Mode (GCM) serves as a link between data privacy and digital advertising by adjusting the behavior of Google tags to your users' consent status. This allows you to obtain insights on campaign conversions and other data, always respecting user consent choices for both ads cookies and analytics cookies, which will help you optimize and improve ad monetization.
After several months, Google has come up with a v2 of the feature. If needed, please read more about Google Consent Mode v2 and how to set it up in our article.
2. What is the advanced mode?
There are two modes available: advanced and basic. To know more about the difference between the two, please refer to this part of our article.
If you're not sure of the trade-off between advanced and basic, Didomi encourages you to consult with your Data Protection Officer or legal team.
The objective of this article is to allow you to verify an implementation in advanced mode. This means that Google tags will fire as soon as Didomi is loaded and GCM signals are set.
The data collected will adapt to the default GCM signals and then to the user's choices. In other words; data will almost always be collected. And what is collected and possibly stored may vary depending on your default settings or user choices.
The main benefit of this mode is: "get modeled data into your GA4 property [for traffic and audiences] to fill in the gap in data observed when users withhold consent."
Source: Consent mode on websites and mobile apps
3. How to test your advanced setup?
The goal is to verify that requests are sent and that the GCM information sent with them matches your default GCM settings or your users' choice.
How you enabled GCM (via our console, using the GTM template or using the didomiConfig option - see this part of our article) has no impact on where to check the behavior of your tags.
The location of the scripts is what determines the options for future checks. The checks will be carried out:
- On your website, if your Google tags are in your source code
- Via the Google Tag Manager preview (or on your website), if your Google tags are placed in GTM
4. How to read the gcd parameter?
The gcd parameter is added to every Google Ad Words or Google Analytics hit when GCM is enabled. It reflects the statuses of GCM signals and is what assures Google that GCM is enabled (and consent is collected).
This is not publicly documented by Google, but there are articles and literature about it.
It is a character string composed of several parts where each part can have different values:
gcd=11<ad_storage>X<analytics_storage>X<ad_user_data>X<ad_personalization>5
“11” – prefix that does not change (or "13" sometimes)
“5” - suffix that does not change (or "7" sometimes)
X can have the values:
“1” – separators for consent parameter values (“ad_storage”, “analytics_storage”, “ad_user_data” and “ad_personalization”)
“3” – separators for consent parameter values (“ad_storage”, “analytics_storage”, “ad_user_data” and “ad_personalization”)
Y can have the following values :
“p” – “denied” default value
“t” – “granted” default value
“q”, “m” or “u” – “denied” after a user's choice
“e”, “r”, “n” or “v” – “granted” after a user's choice
“l” – undefined value
For instance
13t3p3p3p5 =
- ad_storage granted by default
- analytics_storage denied by default
- ad_user_data denied by default
- ad_user_personnalization denied par défaut
13u3q3q3q5 =
- ad_storage denied after a user's choice (and previously granted)
- analytics_storage denied after a user's choice
- ad_user_data denied after a user's choice
- ad_user_personnalization denied after a user's choice
5. Test cases
We recommend running the following tests on your website to confirm that GCM is correctly configured in advanced mode.
* Verify the consent notice UI
Depending on the vendors you have selected, check that they are present and correctly displayed in the notice
- Open your website in an incognito window
- Access the vendor view of your record
- Check the vendors
Case 1: you've selected the 2 vendors
Case 2: you've only enabled the Google Advertizing Products vendor
Case 2: you've only enabled the Google Analytics Products vendor
* Website - Prior consent:
Verify that Google Analytics, Ad Words, Floodlight, or Conversion Linker queries are sent and contain the expected gcd value
- Open a private browsing window
- Before accessing your website, open the developer tools with a right click and then “Inspect”
- Open your website
- Go to the “Network” tab of your browser console, top left
- Use the filter to check that there are queries containing the words "analytics.js" (legacy), "gtag", "collect" and that they contain a
gcdparameter - Study the value of the
gcdparameter and verify that it matches your default setting
* Website - After positive consent (optin):
Check that requests contain the gcd parameter with each signal set to granted
- Open a private browsing window
- Before accessing your website, open the developer tools with a right click and then “Inspect”
- Open your website
- Go to the “Network” tab of your browser console, top left
- Click "Accept all"
- Check that the value of the
gcdparameter matches each signal with a granted value
* Website - After negative consent (optout):
Check that queries contain gcd with each signal set to denied
- Before accessing your website, open the developer tools with a right-click then "Inspect" in an incognito window
- Open your website
- Go to the “Network” tab, top left
- Click on “Refuse all”
- Verify that Analytics and Ad Words queries contain a "
gcd" parameter and that its value reflects each signal as denied during your navigation
* GTM - Prior consent:
Confirm that Google tags are triggered and Consent is set as desired
- Open Tag Manager in incognito mode (or clear your cookies and local storage for your website in your preferred browser)
- In your Tag Manager console, click on the “Preview” button
- Set your website URL
- Establish that your Google Analytics, Ad Words, Floodlight, or Conversion Linker tags are fired during the
didomi-readyevent
Make sure they are not triggered before - Check the
Consent(default) event
Go to the Consent tab and verify that the On-Page Default statuses match your default settings
* GTM - After positive consent (optin) :
Confirm that tags are triggered and Consent is granted
- Open Tag Manager in incognito mode (or clear your cookies and local storage for your website)
- In your Tag Manager console, click on the “Preview” button
- Go to your website
- Click "Accept all"
- Make sure there is a
Consent(update) event and that GCM signals are granted in the On-page Update column - Also check that your tags are triggered during subsequent navigation during
didomi-readyevents
GTM - After negative consent (optout):
Check that the tags are triggered and that the statuses are denied
- Open Tag Manager in incognito mode (or clear your cookies and local storage for your website)
- In your Tag Manager console, click on the “Preview” button
- Set your website URL
- Click on “Refuse all”
- Check that Google Analytics, Ad Words, Floodlight and Conversion Linker tags are fired on
didomi-readyevents - Study the
Consent(update) event and make sure that every signal (except security_storage) is denied in the On-page Update column
