Google Tag Manager (GTM) is one of the most popular ways to deploy and manage website scripts without touching source code. If your team already uses GTM for analytics and marketing tags, installing Secure Privacy through GTM keeps your entire consent management setup in one place — and ensures your cookie consent banner loads before any tracking scripts fire, keeping you compliant with GDPR, ePrivacy, and CCPA requirements.
This guide walks you through the full GTM setup process for Secure Privacy, from creating the tag to publishing and troubleshooting.
Who Is This For?
This guide is intended for website owners, developers, or marketing teams who manage their site scripts through Google Tag Manager and want to add a GDPR-compliant cookie consent banner using Secure Privacy — without modifying their site's source code directly.
Prerequisites
Before you begin setting up Secure Privacy in Google Tag Manager, make sure you have:
A GTM account with an active container
The GTM container snippet already installed on your website
Access to your Secure Privacy dashboard and your domain installation script
Step 1: Create a Custom HTML Tag in GTM
Open your GTM container
Click Tags in the left sidebar
Click New
Select Custom HTML as the tag type
Paste your Secure Privacy installation script into the HTML field:
<script>
var s = document.createElement("SCRIPT");
s.src = "https://app.secureprivacy.ai/script/YOUR_DOMAIN_ID.js";
s.type = "text/javascript";
document.getElementsByTagName("head")[0].appendChild(s);
</script>Replace YOUR_DOMAIN_ID with the actual ID found on your Secure Privacy Installation page inside the dashboard (Settings → Installation → Domain ID).
Step 2: Set the Consent Initialization Trigger
Click Triggering below the tag configuration panel
Choose Consent Initialization - All Pages as the trigger
Important: Using Consent Initialization as the trigger is critical for GDPR compliance. This ensures the Secure Privacy cookie consent banner loads before any other GTM tags — including Google Analytics, Facebook Pixel, and advertising pixels. Using a different trigger (such as "All Pages") may allow cookies to fire before the user has given consent, creating a compliance violation.
Step 3: Save, Preview, and Publish Your GTM Tag
Name your tag (e.g., Secure Privacy – Cookie Consent Banner)
Click Save
Click Preview to test in GTM's built-in debug mode
Verify the cookie consent banner appears correctly on your site
Once confirmed, click Submit and then Publish to push the tag live
GTM Tag Configuration Summary
Your completed Secure Privacy tag should have the following settings:
Secure Privacy GTM Tag Settings | |
Setting | Value |
|---|---|
Tag Type | Custom HTML |
HTML Content | Secure Privacy installation script (with your Domain ID) |
Trigger | Consent Initialization – All Pages |
Tag Name | Secure Privacy – Cookie Consent Banner |
Blocking Third-Party Cookies and Scripts via GTM
If you load third-party scripts through GTM — such as Facebook Pixel, Google Ads conversion tags, or LinkedIn Insight — you should configure those tags to respect consent signals. This ensures third-party cookies and tracking scripts are blocked automatically when a user has not granted consent, keeping you compliant with GDPR and ePrivacy regulations.
See the article on implementing Google Consent Mode for advanced GTM tag blocking and consent signal configuration.
Troubleshooting Secure Privacy in Google Tag Manager
Cookie consent banner not appearing
Verify the script source URL is correct and includes your actual domain ID (not the placeholder
YOUR_DOMAIN_ID)Check that the trigger is set to Consent Initialization – All Pages, not "All Pages"
Make sure no other consent management platform (CMP) is installed that might conflict with Secure Privacy
GTM tag not firing
Use GTM's Preview mode to inspect tag firing order and confirm the tag is triggered
Confirm the container is published, not just saved or in preview mode
Check for JavaScript errors in the browser console (F12 → Console tab)
Banner appears but consent preferences are not saved
Verify your domain is correctly registered and active in the Secure Privacy dashboard
Confirm the domain in your script URL matches the exact domain you are testing on (including or excluding
www)
Frequently Asked Questions
Can I use Secure Privacy with Google Tag Manager without editing my website code?
Yes. Deploying Secure Privacy through GTM means you only need to add one tag inside your GTM container. No changes to your website's source code are required, as long as the GTM container snippet is already on your site.
Why must I use the Consent Initialization trigger instead of All Pages?
The Consent Initialization trigger fires before all other GTM tags, ensuring the cookie consent banner is displayed and consent is collected before any tracking or advertising scripts run. Using "All Pages" risks firing cookies prior to user consent, which violates GDPR.
Does this setup work with Google Consent Mode?
Yes. Once Secure Privacy is deployed via GTM, you can configure Google Consent Mode to pass consent signals to Google Analytics and Google Ads tags, enabling compliant data collection based on user preferences.
Next Steps
Configure Google Consent Mode for advanced analytics and advertising compliance across GTM tags
Set up automated cookie scanning to detect all trackers and cookies on your site
Customize your consent banner design to match your brand colors and style