On Friday, September 8, we hosted our first seminar! This afternoon was entirely dedicated to privacy and tracking and how to best anticipate this as an online marketing specialist. With sessions from DDMA, Digitale Bazen, Analytics Support and of course AdPage itself, it was a very successful and valuable afternoon. In this article we list the most important learning points of this afternoon for you.
Tracking trends and developments
The day was kicked off by "our own" Bram and Jochem. Both have been working as account managers at AdPage for several years. Especially in the last year, their expertise lies in tracking and conversion optimization. Their mission is to ensure that all data available to online marketers is as complete as possible.
Using a timeline, Bram and Jochem charted the period from March 2021 to the present. They refer to the time before 2021 as the "golden age for advertisers.
Back then, you simply placed a pixel from Facebook or code from Google Analytics on your website and then you could measure everything. That way, you could see exactly where your conversions were coming from and you could optimize your campaigns very specifically based on those results. Building target groups, for example for retargeting campaigns, was also fairly easy using a tracking pixel.
Apple iOS 14.3 announcement
The first development we faced was the Apple iOS 14.3 update. In March 2021, Apple announced this update and later that year (in December) the update was implemented. This update allowed Apple users to disable tracking from third parties. As an Apple user, you have surely come across the notification below.
Overall, about 95% of Apple users said they preferred not to be tracked. This led to Facebook, among others, having much less data available. From the moment a Facebook user (from an Apple device) clicks on an ad, Facebook "loses track" and any conversions for that campaign are therefore no longer traceable.
As a result, the Facebook pixel could still measure only 20% to 40% of conversions. Facebook responded by introducing the Facebook Conversion API. This allowed a large part of the measurements to be restored, allowing 60% to 70% of conversions to be measured.
Announcement End of Third Party Cookies by Google
2021 turned out to be a year full of significant and sweeping changes, due in part to the Apple update and other privacy developments. In November 2021, Google also announced an important change: the end of Third Party Cookies within Google Chrome.
Google Chrome is also reportedly going to stop being able to track visitors through Third Party Cookies. Logically, this has a huge impact for advertisers, business owners and platforms. When both Google and Apple make it impossible to measure via cookies, measurements become much less accurate. Because Google is not going to implement the update until 2024, the exact impact is still difficult to estimate. But given the data loss from the Apple update, the impact here too will be huge.
Originally, Google's update was scheduled as early as 2021 and later in 2023. It is now clear that it will definitely be implemented in 2024. It is therefore necessary for online marketers to switch to first-party cookies in time to avoid the complete loss of insight into numbers.
Apple iOS 16.4 announcement
Following the above developments, many companies moved to server-side tagging. This means that they started processing data themselves via their own server. From that server, they can decide which third parties to share this data with. Because the server is linked to their own domain, this is considered First Party Data.
Apple was not happy with this development and therefore launched the iOS 16.4 update. This update means that placed cookies may now be placed for up to 7 days, including via server-side tagging. The major problem created by this Apple update was that returning visitors who take more than a week to return could no longer be measured. Fortunately, there is a solution to this problem as well. We'll tell you more about this later in this piece!
Transition from Universal Analytics to Google Analytics 4
As of July 1, 2023, Google Universal Analytics is a thing of the past and your website traffic data is stored in Google Analytics 4 (GA4). The transition from Google Universal Analytics to Google Analytics 4 has been quite a transition.
European Parliament introduces DSA and DMA
So the above developments have meant that we are now at an important crossroads. We can now pretend our noses are bleeding by taking no action, or we can now start collecting our own data.
If you choose the latter, then you are well on your way. Although we can imagine that you do want to do this in a future-proof way. After all, there are also some developments coming up in 2024 that we already know we need to anticipate.
The most significant development is the announcement by the European Parliament. They have announced that the Digital Service Act (DSA) and Digital Markets Act (DMA) will be introduced in the first or second quarter of 2024.
Specifically, these regulations should ensure more transparency in online advertising, less counterfeiting, better privacy protection and, above all, more EU control over the economic power of a few Internet giants. This means that from now on online entrepreneurs will have to collect their data themselves instead of third parties. So as an online entrepreneur, you have to take control of visitor data yourself.
Whereas previously you were forced by large companies, such as Apple, to stop using Third Party Cookies because of their updates, soon it will also be banned from the European Union. Conclusion: in 2024, we will definitely say goodbye to Third Party Cookies.
Watching a presentation back
Watch the full presentation by Bram and Jochem back below.
Privacy-first data-driven marketing
Romar van der Leij is Privacy & Legal Expert at DDMA (Data-Driven Marketing Association). DDMA's goal is to prepare members for all current and future developments in the field of online data and to allow them to take full advantage of the data available to them.
AVG & Privacy
The two main terms that (online) entrepreneurs have to deal with are AVG and ePrivacy. AVG deals primarily with the processing of personal data while ePrivacy deals with the use of cookies and the reading of visitor information.
AVG
With AVG, you are dealing with 7 core principles, the first two being the most important.
- Lawful, fair and transparent
- Target binding
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
To comply with the AVG regulations as an entrepreneur, it is first and foremost important that you obtain (unambiguous) permission from your visitors to process personal data. This means that you must be clear; you communicate that you process personal data and indicate what you use it for. Then the visitor must have the free choice to agree or not.
The interest of the organization collecting the personal data must always be balanced with the impact on the privacy of the person concerned. So you must always ask yourself to what extent the data is important to you as an entrepreneur and to what extent you want to "violate" the privacy of your visitor. As a business owner, you make this consideration yourself.
Your purpose statement must also be clear. This means that as an entrepreneur, you may only collect personal data for a clear and legitimate purpose. This purpose must always be described clearly and in advance. In addition, the personal data may only be used for the purpose as described to the person involved. In other words, you are obliged to specify the purpose for which you use which data. You may not subsequently use the data for any other purpose.
EPRIVACY
Whereas AVG applies to all forms of processing of personal data, ePrivacy focuses specifically on the processing of personal data for electronic communications services. The main rule of ePrivacy is that you must explicitly ask permission to store or access user data.
Online, this consent is requested via a cookie banner. Through a cookie banner, website visitors are asked to consent to the processing of personal data. This consent must always come from a free, informed and unambiguous action.
There is currently no wrong way to set a cookie banner. Simply because there are no specific regulations for this. When creating a cookie banner, it is good to always ask yourself if you yourself would accept the terms.
In practice, we see that visitors feel cheated when, for example, the accept button is much more conspicuous than any other buttons. This is called "nudging," in which people are "subtly" encouraged to perform a desired action. Applying this is seen as unethical.
Three different cookie banners are shown below. In all cookie banners the visitor is given the freedom to accept or not accept the cookies, they can also differentiate by type of cookie. In two examples you can see that the accept button clearly stands out. So this is not illegal but you have to ask yourself whether your visitors accept this. So the last example is ethically the best choice.
Checklist for entrepreneurs
As a business owner, when you get started with a particular action, campaign, or external party, it is important to follow the steps below. By always asking yourself these questions, you verify that you are allowed and able to perform the action.
1. Is personal data involved?
The definition of personal data within the AVG covers any information of an individual that:
- relates to an identified or identifiable natural person
- is considered identifiable
- relates to a person who can be directly or indirectly identified in particular by an identifier such as.
- a name
- an identification number
- location information
- an online identifier
or of one or more elements characteristic of that natural person's physical, physiological, genetic, psychological, economic, cultural or social identity.
2. What is my role?
Always ask yourself what your role is in the process of processing the personal data:
- Controller: This is the party that collects data and links goals to it. So this is the website or web shop that wants to collect user data.
- Processor: This is the party that receives data from the responsible party in order to do something with it. So for example Meta or Google Analytics receiving data from the business owner via a pixel to then create reports from it.
- Data subject: Person providing data, or user.
In the old situation, a processor was always partly responsible for the data obtained. By switching to first-party cookies, this is no longer the case and you as a company are responsible for the data collected from your site visitors.
3. What basis do I use?
If you have not received explicit prior consent from the visitor, it is important to ask yourself whether it is really necessary to process the personal data. How did you communicate this necessity to the visitors?
4. How do I inform?
How and what are you going to inform visitors about? As a business owner, you have a duty to inform when it comes to collecting personal data. In doing so, you need to inform about the following things:
- What grounds
- Purpose of processing
- Retention period (and how you determine it)
- Justifiable interest (what interest exactly?)
- Name Data Processing Officer (if applicable)
- Third recipients/or categories
- Third countries
- Origin of the data
- Identity responsible
- Obligation to provide data by agreement
- Automated decision-making: plus underlying logic
- Right of inspection and correction
- Right of opposition/objection
- Right to withdraw consent
- Right to file a complaint
- Report additional rights
5. Is there a possibility of opposition?
Is there an opt-out option available? Can visitors choose not to have their data processed at the time it is requested? And can they withdraw their consent at a later time?
6. The trade-off
Weigh whether the tooling is the right solution for you. For each tooling, determine the minimum you need and establish a Tracking Measurement Plan. Discuss this with your colleagues. A marketer and a lawyer will both look at this differently.
How to deploy server-side tagging as a marketing agency
Erik Minkels is a marketing expert at Digital Bosses. As a marketing expert, he has extensive experience in online marketing for various clients. The developments in recent years have had a huge impact, with a major turnaround especially in the last year.
For many online marketers, including Erik, Google Analytics is the foundation. In Google Analytics, you get insight into the traffic to the website. You see where visitors come from, whether they convert and where they drop out in the customer journey. Based on the reports in Google Analytics, decisions about campaigns and ads are often made.
"Google Analytics is the foundation. You almost blindly assume that the information here is correct."
Over the past few years, Erik increasingly ran into the problem of incomplete data in Google Analytics. In fact, he even came to the conclusion that he only had 70% of the data available. As a result, the "basis" of many of his campaigns was falling away, causing him to increasingly doubt the decisions he needed to make.
As a marketing agency, he wanted to create value for clients and be able to prove this value. Being in a situation where he had to make decisions based on 70% of the available data, he could never be sure that his decisions would be the right ones. He was at the mercy of his gut feeling and that is not how you want to operate as a marketer. Your added value as a marketing agency is thus lost.
As an online marketing expert, Erik was keen on collecting complete data for his clients. To achieve this, he started looking for a solution himself and soon arrived at the best solution for his situation: server-side tagging. Implementing server-side tagging, however, proved to be no easy task. Within his organization, which consists mainly of marketers, the knowledge to get this right is lacking.
In his search for a good partner, Erik came into contact with several parties. The implementation takes a lot of time with those parties but the end result remains the same: the result was not 100%.
Erik eventually got in touch with the owner of AdPage, Koen van de Wetering. Koen too saw the challenge of being able to measure everything 100%, but he rose to the challenge. And with success: thanks to some custom solutions, he has now managed to restore the data 100%. As a result, Erik can once again rely on his reports within Google Analytics.
How to set up server-side tagging
Koen van de Wetering is the founder of AdPage. In 2014, he started developing a landing page tool with his business partner. This tool has since been expanded into a full builder for landing pages, popups and personalization.
Koen has a lot of contact with marketers and in recent years has been getting more and more questions about campaign measurability. Together with a team of developers, he spent several months building the solution: AdPage Tagging. The goal of AdPage's server-side tagging solution is to help marketing agencies and web shops realize as many results as possible for their online campaigns.
Now that we know why server-side tagging is necessary and what it can accomplish. Is of course also important to go deeper into the actual implementation of server-side tagging.
The gap between Marketer and Developer
Setting up tracking correctly on your website has become quite a challenge. For proper tracking setup, it is essential to set up the DataLayer and Tag Manager containers properly. To do this properly, you need both technical knowledge and marketing knowledge.
There are three different ways to forward events and conversions to your server:
- Through a Tag Management System such as Google Tag Manager
- Via Webhooks
- With the GA4 Measurement Protocol
With server-side tagging, you make sure that in a Tag Management System (in the case of AdPage, it is Google Tag Manager), a web and server container work together. In order for communication between the two containers to run smoothly so that the data collected can be shared with third parties, the following components are important:
- DataLayer with appropriate events and parameters installed on your website
- Google Tag Manager Web Container
- Google Tag Manager Server Container
- Correctly set channels
The process within a Web or server container is through triggers, variables and tags. The cooperation between triggers and tags can be thought of as an "if-then construct." So if a visitor takes a specific action, execute an action.
- Trigger: The action performed by visitor on a website that will cause a tag to fire (i.e. trigger the tag). So for example, viewed a product, clicked a button, etc.
- Variables: The information provided within the tag configuration, for example, the product name, order value or visitor's personal information. This information is retrieved from the DataLayer.
- Tags: Ensures that the desired information in the form of variables is forwarded to your server and server container as an event for Meta or Google Analytics, for example.
Setup with Web container only
The image below shows the setup when working only with the Google Tag Manager Web container, that is, via client-side tagging.
A Web site has a DataLayer that collects visitor data. The triggers respond to this and cause tags with associated data to be forwarded to your channels, such as Meta and Google Analytics.
You can compare this process to the process of pixels of the external platforms themselves. Like those pixels, visitor data is stored in the browser and sent directly to the respective platforms.
With server-side tagging, an additional step is added, which is the server container. Unlike the setup above, this ensures that events are not forwarded directly to the external channels, but first to your server.
The triggers on a server container respond to these events and conversions coming in through the web container. In the server container, you then determine which platforms you want to share those events and conversions with. This allows you to process visitor data through your proxy server, and it is no longer done within the visitor's browser.
DataLayer
To properly set up server-side tagging for your website, it is important to have a properly functioning DataLayer in place. A DataLayer is a JavaScript object used to collect information from your website, the information is then passed to Google Tag Manager.
Tip: Not sure if you have a DataLayer or if it is set up properly? Use the Google Chrome extension "DataLayer Checker. At each step of your customer journey, you can then see what events are fired in the DataLayer, and what user data is associated with that event.
Server-side tagging with webhooks
In combination with server-side tagging, you can also use webhooks to measure data. This allows you to include refunds in your analyses and analyze the entire multichannel of your business, among other things.
This can be useful, for example, when you advertise a lot on Facebook. If you know that a certain type of ad causes a lot of refunds, you know that that ad needs attention to reduce these refunds.
A webhook is a push notification that you send directly to the server. Cookie information is sent with every order. When someone returns a product, the cookie information is sent along with the webhook. This allows the refund to be matched with the order and the campaign in question. You can also use these webhooks in combination with your CRM or POS system, this way you can make more use of multichannel marketing.
Watching a presentation back
Watch Koen's full session below.
Apple's iOS 16.4 update and how we fixed it
Jeroen Frenken is Lead Developer at AdPage. Despite his young appearance, Jeroen already has years of experience writing code. Within AdPage, he is responsible for the entire development of AdPage Tagging. Hereby he takes care of the maintenance of the servers and the continuous optimization of all features to respond to new and upcoming updates. Jeroen is constantly looking for features and possibilities to make the tracking even better for our users.
One of the updates that improved privacy for Apple users and made measuring data via server-side tagging more difficult is the iOS 16.4 update.
For server-side tagging, you use CNAME cloaking to be able to forward the measured data to your server and store it first party. CNAME cloaking is linking your server to your domain through your DNS settings. Apple today performs checks to see if the first 4 digits of the IP address of the domain matches the IP addresses of your server. If this is not the case, safari will mark the placed cookie as Third Party. As a result, attribution goes back to 7 days.
How did AdPage fix this?
Through a master cookie. Through plugins or server work, a master cookie can be placed on a site that replaces marketing cookies. That master cookie asks itself during each session started if the master cookie is still present. If it is not, that master cookie is placed right back from your server.
The ITP is a feature Apple implemented for their users to ensure their online privacy. So putting back the master cookie does not contradict any directive or law. Thus, Apple, Google and other platforms will continue to release new features that make measuring visitor data more difficult. AdPage is on top of these developments and making sure there is a solution to keep tracking in order.
GA4 Measurement Protocol
Jody Twijsel is a Google Tag Manager and GA4 specialist. He supports marketing agencies in its implementation.
The need for Server-side tagging is a technical story. Jody knows how to explain it perfectly using the example below.
You as a consumer want to buy Coca Cola, for this you go to the local supermarket. Before you can buy that cola, it has been transported from the distribution center to the supermarket. Before the cola reached the distribution center, it was transported from the Coca Cola factory to the distribution center.
So before you have your Coke in your hands, a long way has already passed.
The process in obtaining Data is basically the same, where:
- the Coca Cola factory is replaced by your server;
- the distribution center is replaced by your browser;
- the local supermarket is replaced by storage in Google Analytics.
Last year, the distribution centers were blocked by farmers' protests. Consequence: the distribution centers could not be supplied and could not deliver to the supermarkets. Result: empty shelves in the supermarkets.
Then, to ensure full shelves as a supermarket, it goes directly to the factory. After all, the distribution center is blocked and skipped in the process.
The farmers' protest in this case can be compared to the new laws and features that prevent your browser from forwarding data to Google Analytics. To make sure that you still have access to this data, make sure you retrieve the data directly from the server.
Fetching data directly from your server to forward to Google Analytics is called the Measurement Protocol.
The Measurement Protocol is a way to send data without standard tracking codes using HTTP requests. You can forward these HTTP requests from your server, Google sheets, apps, POS systems or other devices.
Unlike Server-side tagging, with the Measurement Protocol you retrieve the data directly from your server to then send directly to Google Analytics.
With Server-side tagging, you use (as described in the example) a distribution center to put your data through. The Measurement Protocol can also be the connection between your hosting server and the server for your first-party data.
To send data to Google Analytics or your server with first party data you use a request with an api_secret after which a payload is sent. The payload is then filled with the data you requested via your requests. The big difference also with Universal Analytics is that from now on an api_secret must be included in the request so that not everyone can send data to your Analytics. To generate such a request, use the Google Event Builder.
Watching a presentation back
Watch Jody's full presentation below.
More insight into your data?
Want to get started with server-side tagging yourself? Schedule a no-obligation demo with our tracking specialists. Together we will look at the current settings and possibilities for improvement.