Embed Google AdSense GDPR compliant in WordPress

Place ads on your own website to generate revenue without much work? Thanks to the Google AdSense advertising network service, this is no longer a pipe dream.

However, we’re sorry to disappoint you if you assume that you can use the Google service on your WordPress website without any problems. The reason for this is (once again) data privacy.

How you can use Google AdSense as GDPR-compliant as possible to be able to place ads on your WordPress website despite the privacy confusion, we tell you in this article!

We must point out that the following statements do not constitute legal advice. Therefore, we can only give you evaluations from our intensive experience with the EU legal regulations in practice and a technical assessment of the situation. We must point out that the following remarks do not constitute legal advice. We can therefore only give you assessments from our intensive experience with EU legislation in practice and a professional evaluation of the situation. Furthermore, this article deals with the legal situation before the new “Trans-Atlantic Data Privacy Framework“.

Contents show

What is Google AdSense and how does it work?

In addition to Google Maps, Google Analytics and Google Ads, Google AdSense is also one of the in-house Google services – who would have thought it 😉

With the help of Google AdSense, website operators have the opportunity to generate revenue by placing targeted ads on their own website. The ads are based on the content and the visitors to the website. The costs of placement are borne by the advertisers – as is the creation of the ad. And the advertiser also has to hand over part of the revenue generated to Google.

Just as in Google Ads, the auction principle is a central element in Google AdSense. In Google AdSense, the ad of the highest bidder is played out. In Google Ads, the Google-internal rating also plays a role.

Difference between Google AdSense and Google Ads

Admittedly: Both ad networks sound pretty darn similar. However, there is a big difference between Google AdSense and Google Ads.

Google Adsense: You place ads on your website and receive a certain amount of money for each click. You earn money.

Google Ads: You place paid ads in Google search and on various websites. You spend money.

Google AdSense and the privacy

The question about whether the use of Google AdSense and privacy is compatible, is quite legitimate. Because as you almost certainly already know, Google is not exactly praised in the highest terms by data protectionists – on the contrary.

This is due to the fact that Google is a US company. It becomes particularly problematic whenever data processing personal data takes place in the USA. After the EU overturned the Privacy Shield – a data protection agreement negotiated between the EU and the U.S. – the U.S. is considered an unsafe third country with a poor level of data protection.

In order to display advertising as precisely as possible to the target group, Google AdSense uses, among other things, the IP address of the user, which in some countries – such as Germany – is considered personal data. Unlike Google Analytics, Google AdSense does not provide you with an IP anonymization function.

What is IP anonymization?

Since in many countries (e.g. Germany) the IP address is considered a personal date, the obligation to make it unrecognizable is therefore a logical consequence. An IP address is changed or shortened in such a way that the user cannot be clearly identified. For example, 111.234.564.133 becomes → 111.234.564.X

In Google Analytics, the anonymize_ip tag is available for this purpose. You can or should insert this tag into your Google Analytics tracking code. In Real Cookie Banner this is already stored.

Furthermore, when Google AdSense is used, cookies are set. The cookies set by Google AdSense are used to distinguish users as well as to record their behavior on the website in detail. The information collected is then linked to advertising data from the Google Ads advertising network and evaluated for the targeted placement of ads and performance measurement.

This data can be linked to user data from Google accounts on google.com.

Caution. For non-essential cookies, you generally need opt-in consent within the EU. Cookies that are not technically necessary for the basic functionality of the website are considered non-essential. An economic interest of the website operator is irrelevant here.

Means concretely: for the cookies set by Google AdSense you need an opt-in consent of your visitors.

How to integrate Google AdSense into your WordPress website in compliance with the GDPR

Now we’ll show you all the things you need to consider in order to use Google AdSense advertising on your website in the most GDPR-compliant way possible.

✅ Opt-in consent

As you already know, you need opt-in consent both for data processing of personal data to the US and for setting non-essential cookies. To make obtaining opt-in consent for Google AdSense as quick and straightforward as possible, we recommend you take a look at the Cookie Consent plugin Real Cookie Banner.

Why?

All you have to do is select the Google AdSense template stored, enter your Google Adsense Publisher ID and that’s it! Practically, the whole thing looks like this:

1. Open your WordPress backend.
2. Go to Plugins > Install. Search for Real Cookie Banner.
3. Activate and install the plugin.
4. After successful installation, click on Cookies > Services (Cookies) > Add Service in the left menu.
5. Search the templates for Google AdSense (The template is already available in the free version 😉)

Click on the template. Now you are in the service configuration.
Scroll down to the Technical Handling.
Enter your Google Adsense Publisher ID in the appropriate field.

How to find your Google Adsense Publisher ID:

Open your Google AdSense Dashboard.
Go to account > settings > account information.

1. Done! Now you have created Google AdSense in your cookie consent banner, so that the service is only used after the consent of the visitor – quite privacy compliant so 😉

Google AdSense and the Transparency and Consent Framework (TCF)

In addition to opt-in consent, Real Cookie Banner PRO provides you with TCF compatibility.

The Transparency and Consent Framework (TCF) is a standard from the European digital marketing industry association IAB Europe. It allows users to provide consent for data collection and processing in accordance with applicable EU law and to share it with third-party services (e.g., advertising networks) in a standardized format. Some services require consent under the TCF standard to be used on your website.

You can read more valuable information about TCF and Real Cookie Banner in our knowledge base article on Setting up a TCF-compatible cookie banner.

We recommend that you enable this feature in case of Google AdSense. Google is fully compatible with TCF and is also represented in the list of TCF providers.

The advantage here is that you signal to Google by means of TCF compatibility that you have obtained consent to play out personalized advertisements and that these will consequently always be played out.

Try Real Cookie Banner now!

🤝 Order processing contract

In this case, when using the Google service Google AdSense, no order processing contract needs to be concluded. This is because Google is acting as a data controller – and not a data processor – in this case. Google assumes the role of data processor according to Article 28 of the GDPR, for example, when using the analytics service Google Analytics.

According to its own statements, Google is the data controller for all of its publisher products.

📝 Privacy Policy

Of course, you also need to include Google AdSense in your privacy policy. In the course of this, you should explain the reason why you use Google AdSense. Likewise, what data is transferred. Thus, your website visitor has a fair opportunity to fully inform themselves about the use of Google AdSense.

Last update: 3 months ago