Server-side tracking

The need to comply with EU General Data Protection (GDPR) and ensure greater data protection and security has highlighted the importance of hosting European data on European servers, thus placing more legal and technical restrictions on the data collection and sharing (website tracking for example) that is critical for business insight, and targeted marketing in particular.

There is no doubt that in an increasingly privacy-focused world ways of working need to adapt.  And in this case, server-side tracking offers an alternative that is not currently widely used.

There are various server-side tracking options on the market; perhaps unsurprisingly, Google Tag Manager (GTM) is the most prominent and common solution for server-side tracking.

Server-side tracking vs client-side tracking

Most companies currently use client-side tracking, which creates a direct connection between a user’s device and the third-party tracking code used by the website they are viewing. Marketing analytics tags in the form of JavaScript snippets, which download as the page is opened, are loaded onto the device, reducing the performance of the website. This third-party code is difficult to control. In addition, some browser tracking preventions restrict the lifetime of the tracking cookies set via JavaScript, and in some cases prevent the entire data flow.

Server-side tracking allows companies to move measurement and advertising tags off the website and into a secure server container. The multiple data streams between the web page being viewed by the end user and the server can be pruned down to one, reducing both the third-party code and the tracking tags required on the website.

When someone is viewing a website, their pageviews and interactions are sent to the server tag manager (which, because it can be hosted on a sub-domain of that website, means details are collected in a first-party context). The tags for vendors such as Google Analytics, Google Ads and Facebook configured in the server tag manager can access the information, but the owner of the server defines what data is sent to these third-party servers – specifying for example that IP addresses need to be redacted.

Setting the cookies required to recognize users across browsing sessions via the server means they can only be read by the website’s server. This makes them more secure than when they are set via JavaScript (the method used in client-side tracking), while their lifetime is not limited by browser tracking preventions. As a result, user recognition is more effective with server-side tracking and the data quality improves.

In summary, there is no direct connection between the user’s device and third-party vendors; the latter only receive data that has been defined by the server.

The benefits of server-side tracking

Adopting server-side tracking results in only the server for the site in question being able to read the user’s details and interactions. The parts of the data that should be forwarded to  third-party vendors can then be defined within the server. This is in sharp contrast to client-side tracking, which sees JavaScript set cookies and send data directly to third parties.

Server-side tracking restricts access to a user’s data, thereby protecting it from being collected by any third parties, i.e. anyone other than the site they are visiting. And with fewer third-party code and tracking tags, page load speeds automatically increase, improving the user experience – and potentially increasing the purchase funnel conversion rate.

Third-party tools do not receive any information about the user’s device because the tag manager server sits between them; it can overwrite anything considered to be PII, such as the IP address and the web browser, before it is sent to third parties. (Google Analytics does have IP anonymisation, but this is carried out after the full information has been transmitted to its server.)

The first-party nature of the data collected also improves its quality.

Spam protection tools help to ensure that only real users are tracked. While tools such as Google Analytics have built-in filters, a server tag manager puts its owner in control, enabling them to define their own list of the bots and crawlers to be blocked, and which data they do want to send to a third party.

Tools such as Google Analytics need to receive information in a particular format and within certain parameters; specific rules can be defined in the server tag manager to check data, and make any necessary corrections before it is sent. The tag manager user can also enrich the user’s data with its own (first-party) data.

In terms of the Austrian and French DPA rulings, data collection via server-side tracking helps to ensure operations are secure, as data ownership and control is kept close to enterprises and server holders.

Performance and privacy

Server-side tracking is relevant to any organisation that wants to strengthen its control over the data traffic from its website, improve the quality of the data it does track, and enhance the experience of its customers. Despite these advantages, it is still an under-deployed way of operating.

But in meeting both the performance and privacy demands of today’s competitive and increasingly regulated market, server-side tracking, whether with GTM or another offering, should be on the radar of most enterprises.

Artefact Newsletter

Interested in Data Consulting | Data & Digital Marketing | Digital Commerce ?
Read our monthly newsletter to get actionable advice, insights, business cases, from all our data experts around the world!