In this guide, we will walk you through the process of implementing Google Analytics 4 (GA4) with the Evidon Universal Consent Platform (UCP) and Tag Control (TC) application. This combination ensures compliance with privacy regulations while effectively measuring traffic and engagement on your websites and apps.

Overview

What is Tag Control?

Tag Control is a security tool that empowers you to control which tags are allowed to fire on your website and effectively block unauthorized third-party resources. It operates by leveraging the Content Security Policy (CSP) embedded in the response header, offering an additional layer of security to detect and mitigate various types of attacks, such as cross-site scripting (XSS) and data injection. TagControl will block tags from being executed on your website until you obtain explicit consent from your website visitors.

Google Analytics 4 (GA4)

Google Analytics 4 is a comprehensive analytics service that enables you to measure user traffic and engagement across your websites and mobile applications.

Implementation Steps

Mark GA4 Tag as Essential in TagControl

To ensure that GA4 tags are not blocked during the initial page load, it is crucial to mark them as essential within the TagControl application. This action does not impact privacy regulations and still be compliant if GA4 is tag wrapped correctly in any other TagManager (ex., GTM), so that no cookies would be set unless the user has consented to cookies.

Configure GA4 Tags with Google Consent Mode

GA4 tags operate in accordance with the Google Consent Mode set within the data layers. To enable Google Consent Mode, add the following script snippet to your website's code:

<script >
    window.dataLayer = window.dataLayer || [];
if (typeof gtag !== 'function')
function gtag() {
    dataLayer.push(arguments);
}
gtag('set', 'developer_id.dOGRkZj', true);
gtag('consent', 'default',

    {
        'ad_storage': 'denied',
        'analytics_storage': 'denied',
        'region': ['AT', 'BE', 'BG', 'CZ', 'DE', 'DK', 'ES', 'FI', 'FR', 'GB', 'GR', 'HU', 'IE', 'IT', 'LU', 'NL', 'PL', 'PT', 'RO', 'SE', 'BR', 'TH', 'TR']
    }
); </script>

Opt-In Regulations (e.g., GDPR)

For regions or scenarios where Opt-In regulations like GDPR apply, it is recommended to set the consent mode as "denied" by default. This ensures that tags do not execute until explicit user consent is obtained.

For further information on how consent settings influence GA4 tag behavior, consult Google's documentation.

By following these steps, you can properly implement GA4 with the Universal Consent Platform (UCP) and Tag Control (TC), ensuring both compliance with privacy regulations and accurate measurement of user engagement on your digital properties.