Setting Up Cookies Using Cookiebot and GTM

The latest requirement to comply with European GDPR is that user must opt in and be able to change cookie settings to select necessary/statistics/marketing cookies separately. Cookiebot have a solution for this and recommend installing their script as a tag within Google Tag Manager. All other tags such as Google analytics, Hotjar, and Facebook Pixel need to then also be set up within GTM which as I understand then only fires those tags when cookie consent has been given.

However within GTM there isn’t an official Facebook Pixel Tag.

I have several questions:

  1. Can Cookiebot actually control the cookies if GTM is not used? For example if each 3rd party tracking app is installed as custom tracking code whereby Cookiebot is the first custom code and then the integrations follow will Cookiebot actually block this from running if consent hasn’t been given? Below is the way I found in Cookiebot support to adjust the custom code for facebook.

Sorry you’ve almost certainly solved this by now, but just in case someone else stumbles over this, I’ve personally tried more fixes to cookiebot’s underlying GTM template than I can remember. All of them end up in code breaks (often duplicate fires of the cookiebot script), and frequently they end up undermining the GTM data layer, which kills reporting.

So I went back to basics, scrapped all their code and followed this . No problems since. My site is compliant because whenever I add tags I ensure I include a consent dependency on the cookies. That’s a fairly minor job to do since I’m adding through GTM anyway, certainly versus constant errors in their enforcement code.

While I’m tipping, the other problem is the unsophisticated cookie declaration injection. This post gave me a few ideas about how to do that better, and made sure my cookie policy (and others) were formatted in line with the rest of my site.