HubSpot Tracking Code with CMS GDPR Consent Tracking
Jun 13, 2018 10:42 AM
Consent Free Tracking - tracking that can be done without GDPR Consent
Consented Tracking - tracking that can only be done once the visitor has consented to being tracked
CMS - third party CMS
Marketing Consent System - a system that stores and logs Marketing Consent, and allows different content to be added to the page depending on whether the relevant Consent has been given
Granular Consent - allow a visitor to consent to some cookies and not others, thus Analytical Systems may be added to the page and not Social Media.
We are based in the UK and so GDPR is a major focus. This ticket may seem a little late given the deadline was a few weeks ago, but we have been waiting for HubSpot to complete its GDPR development.
We provide a proprietary CMS solution to our customers, this includes a Marketing Consent System we developed over 2 years ago when GDPR was first announced.
HubSpot is being used for Marketing Automation and its tracking, and so HubSpot tracking code has been added to the pages of the website.
We need a way to tell HubSpot whether the visitor has consented to being tracked or not.
The simplest way is to skip the entire HubSpot Tracking code when Consent has not been given, but this will also turn off HubSpots Consent Free Tracking, which will skew the data HubSpot records very heavily, since most visitors will not consent to being tracked (although they may consent to Analytics).
Ideally HubSpot could provide two HTML snippets, once that only enables Consent Free Tracking, and the other that enables all Tracking. We can then switch between the one that applies.
I have been looking at the HubSpot Cookie Banner, the text implies that in clicking the supplied button it will affect all cookies on the page, whereas in reality it only affects HubSpot cookies, and does nothing with the other cookies on the page. It is quite misleading and not really compliant. It also seems to be an all on or all off consent, rather than Granular Consent.
It seems the current assumption is that HubSpot is the sole Marketing Consent System, however it lacks the functionality (or at least API) required to control all other content on the page, such as Analytics, third party tools, and Social Media cookies. Can we add additional Consent types?
I have looked at the documentation seen here:
I know HubSpot have spent the last 2 months developing code for the GDPR, and I have been checking on updates regularly, watching the webinars etc, but am still unable to find this information on how to either allow our Marketing Consent System to be in control, or use HubSpots Marketing Consent System to Granularly control the cookie Consent such that the CMS can change the content based on HubSpots Consent.
I appreciate this is a long message, if you need any additional detail please let me know.