-
Managing GDPR and Non-GDPR Shopify Stores: Separate GTM Containers Necessary?
So I’m managing a bunch of Shopify stores that are basically identical, right? But they’re each set up on their own subdomains based on region (like us.store.com, uk.store.com, and so on). Now, some of these require GDPR consent, but others, like the US one, don’t.
The normal approach would be to run them all through a single GTM container, but with the extra complexity and potential for extra work from all the additional blocking tags, I’m not sure if it’s better to run the GDPR stores from a separate container. Would I just be making more work for myself if I did it that way?
Also, a consultant I’ve been working with suggested splitting them up. They said that it would help avoid potential inaccuracies with the GDPR configurations. Their advice was basically not to expose the non-GDPR sites to it if I can avoid it. The thing is, I can’t tell if that risk, which might be really small, is worth the extra effort of doing double entry every time I need to make GTM changes, given that the sites are nearly identical in design and purpose.
And just one more thing – if you have a simple condition on a consent trigger that checks for a GDPR domain before it moves on to the GDPR app handshake, I don’t really see where these potential inaccuracies could come up for the non-GDPR sites. Can you?
-
2 Replies
-
While it might seem more complicated to handle multiple GTM containers, the consultant’s advice holds value in terms of accuracy and avoiding unintended GDPR-related conflicts or mistakes happening for non-GDPR sites. The level of risk might be small, but GDPR non-compliance comes with severe penalties which might outweigh the effort of maintaining distinct containers.
Also, handling GDPR domains separately could actually simplify your work, as it would segregate the data and tags that need explicit user consent from the ones that do not, making organization and control easier.
Your idea to use a condition based consent trigger for checking GDPR domain is clever and might offer some protection for non-GDPR sites, but human errors could still occur. Maintaining two separate GTM environments reduces these risks as the margin for error becomes less when you are handling these domains separately. In essence, think of the increased effort in maintaining two containers as an investment in risk mitigation.
-
It sounds like you’re in a bit of a tight spot! Honestly, if you use one GTM container and add a condition to check for GDPR specific domains, you should be fine. This will eliminate any inaccuracies and make your life easier, as updating would only need to be done in one place. The consultant might be extra cautious, but adding unnecessary complexity can be just as risky as slicing corners.
Log in to reply.