How to set up the GDPR/CCPA app - video tutorials
LongTimeNoBlogPosts, well not anymore... We are back with our brand new video guide. In order to facilitate the initial set up of the GDPR/CCPA app, we decided to create a playlist with video tutorials and help you make your store compliant. Without further ado let’s jump right into the first step:
Step 1: Enable for Specific regions
This option allows you to enable the app for the countries that you want to be compliant with.
Step 2: Set up the Privacy Policy page
It is very important to keep your Privacy Policy page up to date, so you can be compliant with all the requirements. In case you don’t have one yet, follow the steps shown in the video.
Step 3: Configure the Cookie Management section
You are able to choose which cookies to be selected (active) in the Preferences popup when a customer lands on your store. In the video below you will see all the different configurations and decide which one will work best for you.
Step 4: Additional blocking of Google Tag Manager, Google Analytics, Facebook Pixel, and Facebook Flag for Limited Data Use
The blocking will be done with an additional script based on a Container ID. Google Tag Manager will be set based on a condition, which is checking one of the cookies, that are set by our app. The cookie is storing information for the cookie group that is currently blocked, based on the initial state or on the preferences of each customer. If the Analytics cookie group is blocked by default or the customer opts out, the script which is setting the Tag Manager will not be executed. For more details check the video:
On each page load, our GDPR/CCPA app deletes the Google Analytics cookies. Yet, those cookies are created again on the next page load. As we are constantly deleting the cookies each page load is considered a new visitor session. That way, Google cannot fully track what the customer is doing on your web store. We are using this method due to Shopify's limitations that prevent us from getting the tracking codes for each store. Although, there is one more thing you can do if you want to add additional protection for your visitors. Watch the video and follow the steps:
The blocking will be done with an additional script based on Global Tag. Google Analytics 4 will be set based on a condition, which is checking one of the cookies, that are set by our app. This cookie is storing information on which exact cookie group is blocked currently, either based on the initial state, or the preferences of each customer. If the Analytics cookie group is initially blocked or the customer opts out, the script which is setting the Tag Manager will not be executed. Check the video for more details:
At the moment, the Pixel blocking works the same way as the default Google Analytics blocking. However, if you want to add additional protection for the visitors that do not want to be tracked, there is one more thing you can do. Follow the steps shown in the video:
Facebook has released a Limited Data Use feature. This feature will give businesses more control over how their data is used in Facebook's systems. In order for the feature to function, an LDU flag has to be set once a customer opts out of the Marketing cookie group. The flag indicates that Facebook should limit the use of the customer's data. The signal is sent through an array called Data Processing Options. This rule should apply to customers from California only.
We have created a script that will be triggered once the visitor opts out from the Marketing cookies. The script will set the flag in regard to the LDU. Here is how:
Step 5: Check the configuration of the GDPR/CCPA Compliance pages on your store
Make sure to add your GDPR/CCPA Compliance pages to your website footer. This way your store visitors will easily access them and make all kinds of requests for their accounts. Let’s check the two important steps here:
The GDPR compliance page is automatically generated after you install and enable the app. It includes the necessary GDPR tools for your store to be compliant with the latest regulations.
Note: The steps for accessing the CCPA page are similar.
You can add the GDPR page to the navigation menu, in the footer, or on any other page of your choosing. If you want to add the page to one of your navigation menus, check the video below for more details:
Step 6: Giving the option to visitors to withdraw consent
Last but not least your store visitors should be able to withdraw their consent as easy as they give it. We would suggest you add a link or a button to a page of your choosing, that will trigger the Preferences popup again. This way they will be able to change their preferences whenever they want to. We would recommend adding this to your Privacy Policy page. Follow the steps in the video below to see how to add the button:
Note: If you want to add a link instead of a button, replace the button script with the one for the link.
Important: Due to limitations from Shopify the code will not work if you try to add it to a Legal page (Settings > Legal)
That's that for the video guide. Don't forget to subscribe to our channel and click the bell icon to get notifications for new videos.
If you have any additional questions contact us via chat or email, or simply check our FAQ page for more information.