I am trying to ensure my client site is GDPR compliant, and have used the amazing Finsweet Cookie Consent tool (shout out to @Finsweet for making such a useful tool for the community).
The issue I’m running into, is that the google analytics script still appears to be loading prior to the user opting in. I have fully followed to Finsweet set up but when I load the site in my browser, my network monitor still registers analytics.google.com, and same with the duckduckgo browser extension I’m using to check what requests are coming through.
Here’s my read only link: read only
Note: I’ve just updated the header code for google analytics to reflect the move from Universal Analytics to GA4, but I don’t know if this has had any influence on this issue.
Here is the GA code I’m using modified to Finsweet’s specifications:
<!-- Google Analytics 4 -->
<script async="" src="https://www.googletagmanager.com/gtag/js?id=G-idnumber" type="fs-cc" fs-cc-categories="analytics"></script>
<script type="fs-cc" fs-cc-categories="analytics">
window.dataLayer = window.dataLayer || ;
gtag('js', new Date());
<!-- Finsweet Cookie Consent -->
<script async src="https://cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/fs-cc.js" fs-cc-mode="opt-in"></script>
Can any kind person help me troubleshoot what’s going on??
One more thing – I previously entered the google analytics id into integrations, and later deleted it when setting up GDPR compliance. So there is a chance that the issue is arising from that integration still being active. There doesn’t seem to be an option to remove this via the Webflow dashboard however.?.
Hi @Maxwell, the script from finsweet needs to be on top of all scripts. So the cookie consent loads first! Hope that helps, Cheers
@dskrabal thats not true, the docs say:
I don’t know much about finsweet’s Consent Tool, but I think it can’t work that way.
If the analytics script is placed before finsweet’s script, it will automatically load before the cookie consent. So finsweet has no chance to prevent the loading. Even if the analytics cookie is deleted after loading, analytics would have been loaded for a short time and might have transferred data to Google. This cannot be gdpr compliant.
I just had a quick read in the documentation. At first glance, I can’t find anything that says that the script must be loaded before Analytics. However, I have seen the following:
From this I conclude that if you want to have an opt-in, you must load the script from Finsweet before all other scripts. An opt-out is not GDPR-compliant.