Server-side tracking routes analytics and conversion data through your own server before forwarding to platforms like GA4, Meta, and LinkedIn — bypassing ad blockers, ITP, and browser privacy restrictions.
Quick Answer
Server-side tracking routes analytics and conversion data through your own server before forwarding to platforms like GA4, Meta, and LinkedIn — bypassing ad blockers, ITP, and browser privacy restrictions.
sGTM set cookies last up to 400 days on first-party subdomains vs 7 days with Safari ITP restrictions
Expect 15–40% improvement in measured conversions after implementing server-side tracking in privacy-restricted browsers
Always implement event deduplication IDs — both client and server can send the same event to Meta/GA4
Key Takeaways
sGTM set cookies last up to 400 days on first-party subdomains vs 7 days with Safari ITP restrictions
Expect 15–40% improvement in measured conversions after implementing server-side tracking in privacy-restricted browsers
Always implement event deduplication IDs — both client and server can send the same event to Meta/GA4
How Server-Side Tracking Works
Traditional client-side tracking fires JavaScript tags directly from the visitor's browser to third-party platforms (Google, Meta, LinkedIn). Ad blockers, browser ITP (Intelligent Tracking Prevention), and privacy-focused browsers intercept or block these requests — causing data loss estimated at 15–40% of conversions in many B2B environments. Server-side tracking (sGTM) moves this data flow to a server you control: the browser sends one request to your server, your server enriches it, then your server forwards it to all downstream platforms. The user's browser never contacts third-party domains directly.
Why Server-Side Tracking Matters for B2B Marketing
Google Tag Manager's server-side container runs on Google Cloud Run (or any Docker-compatible host) and operates as a proxy. You configure a first-party subdomain (e.g., metrics.yourdomain.com) that points to your sGTM container. Client-side GTM sends events to this first-party endpoint. The sGTM container receives, validates, and routes the data to GA4 (via the Measurement Protocol), Google Ads, Meta CAPI, LinkedIn CAPI, and other platforms via server-side tags. Critically, sGTM can set first-party cookies with up to 400-day expiry (vs Safari's 7-day ITP limit for JavaScript-set cookies).
Server-Side Tracking: Best Practices & Strategic Application
Best practices: host your sGTM container on a first-party subdomain of your main domain for maximum cookie longevity. Implement server-side deduplication — both client and server may send the same event, and platforms like Meta use event IDs to deduplicate. Always implement Consent Mode v2 on the client side and pass consent state to sGTM so you remain compliant while maximizing data collection. Monitor server costs (Google Cloud Run scales with traffic) and set billing alerts.
Agency Perspective: Server-Side Tracking in Practice
sGTM is not a replacement for client-side GTM — it's a complement. Client-side GTM still handles DOM interactions, user behavior signals, and data layer events. sGTM handles the forwarding and enrichment of that data to platforms. For B2B teams where each lead has significant revenue value, even a 20% improvement in conversion data accuracy can meaningfully improve Smart Bidding performance and campaign ROI. The setup investment (typically 8–16 hours for a full implementation) pays for itself quickly.
Frequently Asked Questions: Server-Side Tracking
Server-side tracking routes analytics and conversion data through your own server before forwarding to platforms like GA4, Meta, and LinkedIn — bypassing ad blockers, ITP, and browser privacy restrictions.
The sGTM container itself is free. You pay for the hosting infrastructure. Google Cloud Run costs approximately $5–$30/month for typical B2B traffic volumes (under 1M requests/month) on the minimum two-instance configuration Google recommends. Costs scale with traffic but remain manageable for most SMB and mid-market sites.
It significantly reduces ad blocker impact because your analytics requests go to your own first-party subdomain rather than google-analytics.com or connect.facebook.net. Sophisticated blockers can still detect sGTM patterns, but the vast majority of common browser extensions and default browser privacy settings will not block first-party subdomain requests.
No, but it helps. GDPR compliance is primarily about consent, not about where data flows technically. However, sGTM reduces the number of third-party domains that receive user data before consent is confirmed, which supports a privacy-by-design architecture. Combined with Consent Mode v2, sGTM enables compliant modeling of consented and unconsented traffic.
MV3 Marketing helps B2B companies apply these strategies to drive measurable pipeline growth. Our team executes analytics setup for technology, SaaS, and professional services companies.
ID used to identify users for 24 hours after last activity
24 hours
_gat
Used to monitor number of Google Analytics server requests when using Google Tag Manager
1 minute
_gac_
Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.
90 days
__utma
ID used to identify users and sessions
2 years after last activity
__utmt
Used to monitor number of Google Analytics server requests
10 minutes
__utmb
Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server.
30 minutes after last activity
__utmc
Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session.
End of session (browser)
__utmz
Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Anaytics server
6 months after last activity
__utmv
Contains custom information set by the web developer via the _setCustomVar method in Google Analytics. This cookie is updated every time new data is sent to the Google Analytics server.
2 years after last activity
__utmx
Used to determine whether a user is included in an A / B or Multivariate test.
18 months
_ga
ID used to identify users
2 years
_gali
Used by Google Analytics to determine which links on a page are being clicked
