Skip to main content

White Paper Data Governance - Download our White Paper to manage your data assets and activate your audiences.

Month: March 2020

GDPR : la bonne gouvernance des cookies passe par la maîtrise de vos tags

GDPR: the right cookie governance policy involves keeping your tags under control

Protecting the personal data stored by cookies inevitably involves setting up best practices for how those data are collected.

If there were any reason for a CDO or digital marketing manager to take another look at tag management from a more strategic angle, then the GDPR could very well be the ideal opportunity to do so. Not a day goes by without cookies hitting the headlines in the digital press. From Apple’s ITP feature to Google’s decision to delete third-party cookies in Chrome and the latest recommendations issued by France’s data protection authority (CNIL) on how to apply the GDPR, followed by a number of opinion pieces by tech players spelling out their vision of a cookieless world, cookies are a hot topic, and the uncertainty surrounding their future is causing a great deal of concern among marketing teams.

At the present time, organisations have no other choice than to take their cookie governance policy back to the drawing board. This very problem stems from the lax and opaque way in which some organisations have managed their cookies to date, and the GDPR is clearly aiming to rectify the situation. But cookies harbour an essential component that hardly gets a mention, and that component is a tag. Whoever wants to get their cookies in long-lasting order first needs to bring their tags under control.

Tags in the front line with the GDPR

A tag is a script, meaning a few lines of computer code to simplify data transfers between two systems (e.g. between a website and a third-party application). In a way, it is a “vehicle” that collects data, such as from a web store, and then transfers those data to another ecosystem, which might be one of the solutions that the marketing team uses to improve its sales performance.  Cookies are files stored in a browser that contain identifiers, i.e. information relating to the user’s profile (device, activity, etc.). When the tag is executed, it places the cookie in the browser and defines the rules for collecting the data associated with the cookie.

The reason why cookies have such a stormy reputation is that they will first link and then recognise the visitor’s device with the data collected and the marketing information that was potentially extracted. However, it is the tag that defines the conditions for collecting and sending data to third parties. In this respect, it is ultimately the combination of both components that underlies the GDPR: protecting the stored personal data associated with cookies inevitably involves setting up best data collection practices and therefore an effective tag governance policy.

So what constitutes an effective tag governance policy?

For an organisation to bring its exposure to GDPR risks back under control, it must first identify which tags are present on the website. Most compliance projects start by listing the tags. Which tags are running on the site? What is their scope of application? Which variables are involved? What is their purpose? What are their rules for deployment? This necessary process of listing the tags marks the first step in most projects aimed at ensuring compliance with the GDPR, whether those projects are led by DPOs or legal firms. However, that process may prove to be extremely complex when tags have been deployed without any governance policy, documentation or knowledge transfers (when relevant stakeholders have changed position or left the company). Ensuring that all the tags have been inventoried is an uphill struggle when ecosystems are increasingly expansive.

In case of an organisation with digital activities on a global scale, just having access to a reliable tag inventory may equate to several tens of thousands of euros in direct costs if that task is delegated to a consultancy, not to mention the expenses involved in mobilising the internal teams and procuring the tools and routines to give the process greater reliability. Once all tags have been listed, the organisation simply needs to gain back control over their execution. In other words, it must accurately configure the execution conditions and variables for each tag, so that it can define which data will be collected, when it will be executed or not and, if applicable, for how long. These are the data collection conditions that underpin the framework imposed by the GDPR.

Lastly, it is important to remember that the regulation is not set in stone, but is constantly being updated to reflect market trends and the new measures recommended by the regulatory authorities. There is every likelihood that your current implementation will need to be aligned with the new restrictions, case law, and so on.In particular, the GDPR has already inspired similar initiatives elsewhere in the world, and all the signs seem to suggest that the trend will continue gathering pace as awareness grows of the need to regulate the digital data market. Nevertheless, not all regulations have the same level of requirements, and each organisation is responsible for adjusting its arrangements and mechanisms accordingly. Therefore, an effective tag governance policy needs to be agile enough that it can be amended quickly, easily and at any time.

TMS: an indispensable ally

Enterprise Tag Management Systems (TMS) have gained traction in the digital landscape as a key strategic component, insofar as they allow organisations to take control of the tags and cookies in their digital ecosystem. TMS brings the rigour, quality and transparency required by the GDPR in terms of tag management, as well as the flexibility, simplicity and efficiency that organisations are expecting.

One of the main benefits with a TMS is that it can be used to centralise and standardise all the tags deployed by an organisation within the same interface, across the entire digital ecosystem. When tags are deployed with a TMS, they are automatically inventoried along with their respective parameter settings. Execution conditions can easily and quickly be defined, including by non-technical profiles. Therefore, a member of the marketing team can determine on which page a tag should be executed and according to which conditions, as well as which data must be collected and transferred. It is just as easy to modify the execution conditions, promptly correct any errors if necessary and quickly take centralised and automated action on large volumes of pages and tags.

As such, the TMS proves to be a considerable ally when aligning with the requirements of the GDPR and governing tags and cookies. In addition to considerably simplifying inventories, ensuring greater control over tag obsolescence risks and promoting agile governance, it guarantees effective, safe and compliant processes for marketing, technical and legal teams.

Le vrai faux de l'attribution

The true and false about attribution

Do you really know the attribution? Let’s check with these four questions.

Is the Last click dead?

True and false!

Although experts have announced the death of the last click for several years now, it is still the most widely used attribution model (by almost one in two advertisers). However, it is destined to be flanked by other attribution models as it cannot keep up with the ever-increasing complexity of Customer Journeys.

Is attribution a strategic web marketing solution?


Almost 9 out of 10 digital professionals are doing or have done a strategic tought on attribution to find a suitable model. This reflection allows to optimize the budgets allocated to the various media and to better understand the Customer Journey.

Is there an ideal attribution model?


There is no perfect solution in terms of attribution: every advertiser must make a targeted analysis of his Customer Journey in order to properly exploit the interactions involved in the conversion. Each model should therefore be customized, taking into account the Customer Journey, the business sector, the set of interactions and their contribution to the conversions.

Does last click attribution minimize the impact of branding?


Branding is indispensable in any marketing strategy. However, branding is a long-term strategy and its effects are difficult to measure. However, it is rarely the element that leads to a conversion, even if it may be at the origin. The last click, which attributes conversion to the last interaction, does not take into account the contribution of branding in the conversion process.

To not miss any of the latest news from Commanders Act, subscribe to our newsletter!  

© Commanders Act. All rights reserved 
Powered by CREAATION.