Sometimes you may want to turn off visitor cookies and not use them to collect data. This may be because you want to comply with certain privacy laws or for other reasons.
Without cookies, your data will be less accurate. That’s because cookies store visitor data, such as a visitor ID. This ID helps us recognize returning visitors and their sessions. At the end of this article, we’ll show you how turning off cookies can affect your data.
To turn off cookies, follow these steps:
- Go to Menu > Administration.
- Navigate to Sites & apps.
- On the left, pick the site or app you want to work with.
- Navigate to Privacy > Compliances.
- Turn off Use visitor cookies.
Note:
- This setting applies to consenting visitors, or to all visitors if you don’t ask for consent. Visitor cookies can also be turned on or off for non-consenting visitors in Administration > Sites & apps > Privacy > Ask visitors for consent > Collect anonymous data from non-consenting visitors. Read more
- If you turn off both visitor cookies and session hashes, each event will be treated as a new session and you won’t recognize visitors.
- Done!
Note: Some triggers in Tag Manager create cookies to function correctly. If you use one of the following conditions in triggers, we’ll set a cookie:
- Event condition > Traffic source
- Event condition > Returning visitor
- Event condition > Campaign
- Event condition > External referrer
- Multiplicity > Fire tag once per session
- Multiplicity > Fire tag multiple times per session, excluding first
- Multiplicity > Fire tag once per page view
If you don’t want to use these cookies, don’t set these conditions in the trigger. More about cookies
Comparison of options
We’ll now show you how your data might change when cookies are deactivated. We’ll also compare different data collection methods, helping you understand how combining them can influence your data.
| Consenting visitors or all visitors if you don’t ask for consent | ||||
|---|---|---|---|---|
| Visitor cookies & session hash | Session hash only | Visior cookies only | No visitor cookies & session hash | |
| Mechanisms used to collect data | ||||
| First-party cookies | (1) | (1) | ||
| Local storage | ||||
| Session hash | (2) | |||
| Collected data | ||||
| Visitor’s IP address | Yes / No (3) | Yes / No (3) | ||
| Visitor ID | ||||
| Capture all traffic | ||||
| New vs. returning visitors | ||||
| Visitor’s session | (4) | |||
| Visitor’s location | Latitude, Longitude, Organization, Provider, City, Region, Country, Continent | Latitude, Longitude, Organization, Provider, City, Region, Country, Continent | Latitude, Longitude, Organization, Provider, City, Region, Country, Continent | Latitude, Longitude, Organization, Provider, City, Region, Country, Continent |
| Events | ||||
| Traffic sources | ||||
| Channel attribution | Last-click, position-based, first-click, last-non-direct-click, time-decay, linear and custom models | Last-click | Last-click, position-based, first-click, last-non-direct-click, time-decay, linear and custom models | |
| Privacy laws | ||||
| Compliant with | Countries without privacy laws, CCPA (5), HIPAA (7) | Cookie laws, HIPAA (7) | Cookie laws, HIPAA (7) | GDPR, UK GDPR/PECR (6), TTDSG (6), HIPAA (7) |
- Some triggers in Tag Manager set cookies to function correctly.
- We create a session hash to recognize the visitor’s session. We only use it for 30 minutes since the last event.
- You can mask visitors’ IP addresses under Administration > Sites & apps > Privacy > Mask IP addresses. An IP address gives you a visitor’s location. Masking it removes the selected number of bytes from the address before saving it to the database. Nobody will ever see the full address. Masking an address can enhance visitor privacy, as you won’t be able to see their precise location.
- Each event is a new session.
- You need to add an opt-out form (“do not sell my personal data”).
- Assuming the product is set up to avoid storing additional device-level information, such as screen resolution or browser plugins. You can set it in Administration > Sites & apps > Privacy > Don’t collect visitor’s device data (on).
- If you have the Enterprise plan and have signed a BAA with us.