The most common concern I’ve seen raised in Europe is how best to integrate ODP with your website in accordance with GDPR compliance data protection regulations.
Some ODP Background
ODP consists of the following key data entities that will be synced between your website and ODP.
Products Product catalog structure and master data
Customers The Visitors profile data telling us who this customer is such as Name, DOB, Language etc
Events A visitors various interactions with the website such as page views, login, add to cart, orders
Orders Orders that the visitor has placed in your E-Commerce system
Out of these 4 entities, all but the synchronisation of the Product feed is typically subject to GDPR compliance regulations.
Commerce Cloud Connector
Optimizely’s Commerce Cloud connector is a no code add on that can be used Optimizely Commerce Cloud’s Service API to synchronise Product, Customer Contact and Order data entities.
In Europe you would be best advised to enable Product imports but disable Contacts and Orders so that you can do the relevant checks to make sure that your customers have first agreed to the relevant cookie policies.
Note: ODP’s Commerce Cloud Connector is due for release in EU H1 2022
GDPR Friendly Integration
My advice is to separate your ODP tracking implementation from your websites code base by using a Tag Manager that forwards data to ODP only for requests that adhere to the relevant cookie policies.
I’ll assume you are using Google Tag Manager for the rest of this post.
Use your Cookie Opt In Trigger
You will likely already have an Opt-In performance cookie trigger set up in GTM to manage the execution of your Tags. The set up of your trigger will depend on the product you use to manage cookies but it should look like something similar to the below.
All ODP Tags should use this trigger to make sure that only customers who agree to share their data are synced to ODP.
Load the ODP JS Tag
As you are tracking a session, you need to load the ODP JS tag on each page. The JS tag will include the PageView event by default.
Then in Google Tag Manager you can simply add a custom HTML Tag using the Opt-In Performance trigger
This will load the ODP JS script and fire the “pageview” event for customers who have accepted the configured cookie policies.
Using the Tag Manager Data Layer
Using this approach you can push any Tag Manager data layer events you are already firing to ODP and push new data layer events for any other data you want to track.
As you learn new profile information on your customer, push a “CustomerProfile” event to the data layer with the customer profile object.
Then create a Tag to push that data onto ODP as demonstrated below.
Note the timeout wrapping the ODP API push. This is because of an intermittent issue with a race condition that sometimes caused this event to fire before the JS script was loaded resulting in the event failing to fire.
Events are actions the customer takes on your website. They can be anything from page views to keyword searches or completing a checkout.
The below example triggers the Tag when a “Search” event is pushed to the data layer and the customer has accepted the relevant cookie policies.
Using a Tag Manager is a great low code option for integrating ODP into your website while maintaining your GDPR compliance.
One thought on “Integrating Optimizely Data Platform (ODP) for GDPR compliance”