Differ Anonymisation based on Cookie selector on SS

Is there any way to anonymise the data only of those who do not accept profiling cookies ( always via Consent Mode) and instead leave as is it for those who do accept the marketing profilisation?

So, for example for GA4, to keep the data in the platform even for all the users who decided to not be “profiled”.

I think it can be done, but I don’t get the technical approach.

yes, change the destination URL (/anonymize or not) based on your cookie selection

1 Like

This could also be done using a Transformation inside GTM. You would then have to look at the event data parameter named x-ga-gcs if you are using GA4 as transport to server side GTM. This is very powerful as you can apply it to only certain tags and certain conditions if you wish.

Ok. sounds clear. But I am left with a doubt. At the point when the user enters and initially closes the cookie banner (so they do not express a clear preference for profiling and thus remain anonymized), at the point when in the same session the accept to be profiled, would two separate sessions be created?


That depends on how your consent is setup and what is the default state.

I can assume by default all consent is rejected, in that case until user accepts, GA4 will do cookie-less pings (in case you have consent configured with native GTM consent overview) to the property, which you will not even see as events/sessions unless you’re enrolled into [GA4] Behavioral modeling for consent mode - Analytics Help

So in this case, not only those are two different sessions, but the first one is not exactly a session that you can find in your reports (see above). Also if user changes a page before accepting consent - you’ve lost all your click ids and utms.

For this reason (among others) consent banner are normally implemented such that can’t be ignored and a choice is required before further engagement with the website.

yes, by default I provide ‘denied’ if there is no interaction with the banner.
So without interaction/rejection I would have to activate the anonymised server (which then starts by default every session).

My doubt concerns when the user actually accepts the profiling. Here a new session starts again, correct?
Below I have tried to sketch a scheme, to understand the logic I am reasoning on and whether it is consistent with best practice.

@Davide_Arsego anonymiser is not a solution for lack of consent.

Anonymiser is designed to help you comply with regulations that revolve around sending potential PII to a US company (Google GA4). So where these regulations apply, even if customer has provided full consent - data needs to be stripped of some parameters (depending on severity of your local regulation and degree to which you’re willing to comply or take a risk).

Again, anonymiser is NOT a solution for the lack of consent. In this light, your schema doesn’t make much sense. If customer has not given you consent to be tracked no signal whatsoever should be sent towards analytics.