Privacy and data governance with Onetrust and Google Tag Manager

With the increasing scrutiny placed on privacy, having a complete and flexible system to document and comply with GDPR (General Data Protection Regulation (Regulation (EU) 2016/679)) and the newer CCPA (California Consumer Privacy Act) and CPRA (California Privacy Rights Act) is crucial for organizations large and small.


We partner with OneTrust to help our clients manage their privacy and data governance and give their legal and compliance team the tools they need to stay on top of their data. Ensuring compliance and honoring customer rights, choice, and transparency.

Onetrust scans a partners site and helps them categorize scripts inside of the App. This helps internal compliance resources document how 3rd party companies are tracking a site’s users. This information is then made available on your site to honor regulations linked to GDPR, CCPA, and CPRA.

Onetrust also handles the location based targeting around who will see the cookie preference and privacy modals setup in their system and as new regulations arise can adapt to new compliance needs.

Google Tag Manager and datalayer

Using Onetrust with Google Tag Manager lets our partners keep tag creation and deployment separated from the legal and compliance parts of your organization. With this correctly setup, tags implemented through Google Tag Manager are triggered or NOT triggered by the browser dataLayer return from the Onetrust script running on a site.

Inside of Tag Manager we setup activation and blocking triggers around the categories in Onetrust. Categories like Marketing, Tracking, Social Media etc. will allow the user and the Onetrust platform to allow or disallow categories based on the user preference or the signals coming in from the user’s browser while allowing functional or performance based scripts and cookies to remain.

Let’s talk.

A quick conversation is all it takes to get started.