With rising privacy regulations like GDPR, CCPA, and ePrivacy Directive, it’s crucial to implement Google Consent Mode v2 to control how tracking technologies behave based on user consent. In this article, you’ll learn how to implement Consent Mode v2 in OpenCart using Google Tag Manager (GTM) to comply with advertising requirements from Google, Meta, and others.

🎯 What Is Consent Mode v2?

Consent Mode v2 allows Google tags (like GA4, Ads, Floodlight) to adjust behavior based on user consent for:

• ad_storage – for remarketing
• analytics_storage – for analytics
• ad_user_data – required by Google for EU traffic
• ad_personalization – enables personalized ad delivery

---

🧰 Prerequisites

Tool	Purpose
OpenCart 3.x or 4.x	eCommerce CMS
Google Tag Manager	For controlling all marketing pixels
Cookie Consent Manager	e.g., Cookiebot, Complianz, OneTrust
GA4 & Google Ads Setup	GA4/Ads tags in GTM

---

🧱 Step 1: Add Consent Initialization Tag in GTM

1. Go to Tags > New
2. Select Tag Type: “Consent Initialization – Google tag (gtag.js)”
3. Configure with your GA4 and Google Ads IDs:

gtag('set', 'default_consent', {
  'ad_storage': 'denied',
  'analytics_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied'
});

✅ Trigger: Consent Initialization – All Pages
⏱ Loads before any other tags.

---

🌐 Step 2: Set Up Consent Management Platform (CMP)

You can use any CMP that supports Consent Mode v2. Examples:

• Cookiebot
• OneTrust
• Complianz
• CookieYes

Example: Cookiebot Integration

1. Sign up and configure domains
2. Choose Google Consent Mode v2 compatible
3. Copy the Cookiebot script

Paste this in your OpenCart header.twig:

<script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="YOUR-ID" data-blockingmode="auto" type="text/javascript" async></script>

---

📦 Step 3: Configure Tags to Respect Consent

In GTM:

• Open each tag (GA4, Google Ads, Meta Pixel, TikTok, etc.)
• Scroll to “Consent Settings”
• Enable “Require additional consent”
• Add:

ad_storage
analytics_storage
ad_user_data
ad_personalization

This ensures tags don’t fire until the relevant consent is granted.

---

🧪 Step 4: Debug Consent Mode

Use Chrome Extension: Google Tag Assistant

Check:

Status	Meaning
granted	Consent granted – full tracking
denied	Data collection limited
default_consent	Applied if no choice made

Also test in GA4 > DebugView.

---

💬 Step 5: Optional — Custom Consent Tracking Event

Push a DataLayer event when user consents or rejects:

<script>
window.addEventListener("CookieConsentDeclaration", function() {
  dataLayer.push({
    event: "consent_updated",
    ad_storage: Cookiebot.consents.given.marketing,
    analytics_storage: Cookiebot.consents.given.statistics
  });
});
</script>

You can trigger internal tags, call APIs, or log user behavior on consent action.

---

🔁 Step 6: GA4 Enhanced Measurement Compatibility

If using Enhanced Measurement in GA4:

• Tags won’t collect PII or cookie data until analytics consent is granted.
• Some events like page_view will still be sent in cookieless, anonymous mode.

---

📊 Optional: Fire Meta/Facebook & TikTok Pixel Respecting Consent

Wrap in GTM Custom HTML with conditional logic:

<script>
if (Cookiebot.consents.given.marketing) {
  fbq('track', 'PageView');
  ttq.track('ViewContent');
}
</script>

Or delay execution using Consent Triggers only when ad_storage is granted.

---

🔐 Server-Side Consent Propagation (Advanced)

If using Server-Side GTM, pass consent states as custom headers:

• x-consent-ad_storage: granted
• x-consent-analytics_storage: denied

Then route or suppress requests server-side accordingly.

---

📈 Strategic Benefits

• Ensures compliance with GDPR & ePrivacy
• Retains ad tracking while respecting user choice
• Enables cookieless pings for attribution even when denied
• Prevents tag bloat and duplicate event firing

---