Most web marketing specialists use GTM (Google Tag Manager) to configure additional tags (i.e. script tags) on their website.

Many of these third party scripts will set cookies, and the site will easily become non-GDPR compliant unless integrated with a Consent Management Platform.

Consent Management Platform examples:

• Iubenda.com
• cookie-script.com
• cookieyes.com
• cookiebot.com

If using GTM, which is usually the case in a marketing website, then we likely want to integrate the consent management platform (i.e. cookie banner provider) via GTM.

https://support.google.com/tagmanager/answer/10718549#consent-overview

TODO: write about configuring GTM to have proper consent overview

TODO: write about create a GTM trigger event consent update

TODO: write about to load any third party scripts only on consent update by requiring additional consent(s) (e.g. ads_storage or analytics_storage)

TODO: if the script supports (like GA4, FB pixels etc) consent_mode it still likely needs to be only loaded on consent_update, but it doesn’t need to be conditionally loaded, but should respect the user’s settings and only e.g. do aggregate analytics if allowed to do so, but e.g. not identify user.