How to Setup Server-Side Tracking – A Step-by-Step Guide

The digital marketing world is steadily shifting focus to acquired first-party data through server-side tracking techniques. 

The increasing limitations of client-side tracking, like data loss from ad blockers and browser Intelligent Tracking Prevention (ITP), create performance bottlenecks and accuracy issues for marketing ads. In fact, at least 30%-60% of data loss occurs due to denied cookie consent, directly impacting analytics and advertising effectiveness. 

The bottom line is that this unreliable client-side approach no longer meets the stringent demands of modern data-driven marketing.

The solution? Server-side Tracking. 

Server-side tracking (SST) is now a crucial, resilient, and privacy-compliant solution for collecting accurate data. The data processing happens in a secure server rather than in the users’ browsers, mitigating issues like ad blocker interference and browser restrictions. 

In this article, we will comprehensively cover server-side tracking and how to set it up internally for your business, drawing on examples from leading global brands.

Client-side vs. Server-side Tracking: Decoding the Shift

In December 2022, Microsoft, one of the world’s leading tech giants, found itself in murky waters. On 2nd December 2022, Microsoft Ireland faced a fine of €60 million ($65 million) by CNIL for having an easy option for users to refuse cookies on bing.com. The investigations revealed that cookies were being used for advertising purposes without user consent. 

The tech company was ordered to acquire consent from French users before deploying ad cookies, along with a daily penalty of €60,000 for non-compliance. Like Microsoft, several other companies, like Sephora, TikTok, and even Google, found themselves in troubled waters for overriding user consent and deploying ad cookies. 

Your learning lesson? 

Users have become increasingly aware of what data they share and how it is being handled.  Businesses need transparent data policies (which is possible only with server-side tracking). A Deloitte report revealed that 73% of consumers are willing to share their data with brands that have clear data policies in place. This is in addition to Salesforce’s study, which revealed that 65% of customers expect businesses to adapt to their changing needs and preferences. 

Server-Side Tagging is our preferred method for sending measurement data to our marketing partners. It allows us to collect data from the website in a secure manner while improving data collection and enabling event enrichment ~ Doug Logue, Senior Product Manager of Marketing Technology, Square [as published on Google Marketing Platform]

Square, prominently known for its payment processing solutions, adopted server-side tagging within Google Tag Manager (GTM 360) and Google Cloud to: 

• Enhance customer data security
• Integrate the internal customer data platform seamlessly
• Accurately measure the impact of marketing efforts

Interestingly, Square saw a 46% improvement in its ability to measure conversions. This is just one of the many stories that show the tangible benefits of a server-side approach in a complex B2B ecosystem. 

This was not how things were done until 2017, when Apple stated that third-party cookies would be cleared after 24 hours. Since then, the decline of once-dominant client-side tracking had begun. The question is why?

Traditional Client-side Tracking and Its Pitfalls

Traditional client-side tracking relies on small JavaScript code snippets embedded directly into your website’s pages or mobile applications. When a user visits your site, these scripts execute within their browser, collecting data on interactions (like page views, clicks, and form submissions) and sending it directly to various analytics and advertising platforms (e.g., Google Analytics, Meta Pixel).

The marketing advantage: 

The initial simplicity of implementation and widespread adoption made it a plausible choice for businesses. Marketers could add these tags with minimal technical expertise using tag management systems. 

The digital pitfalls:

As time passed and data breach issues skyrocketed, users and businesses equally became aware and alert about how sensitive data is handled. The seismic shift in the growing awareness exposed significant limitations, such as: 

• Browser Restrictions (ITP/ETP): Modern browsers, such as Safari with Intelligent Tracking Prevention (ITP) and Firefox with Enhanced Tracking Protection (ETP), severely restricted cookie lifetimes and cross-site tracking. For instance, major e-commerce retailers, who once relied on 30-day cookie windows for attribution, began seeing significant gaps in their reported conversion data, making it challenging to optimize ad spend effectively and impacting their ability to retarget accurately.
• Ad Blockers: The widespread adoption of ad blockers prevented tracking scripts from firing entirely. This resulted in substantial blind spots for online publishers relying on ad revenue. Impression and click data became increasingly incomplete, directly impacting their monetization strategies and content optimization.
• Performance Impact: Heavy JavaScript code loading on the client side significantly slowed down page load times. Many large consumer brands, particularly those with extensive tag implementations for various marketing tools, noticed their Core Web Vitals scores degrading, negatively impacting SEO and user experience, and leading to higher bounce rates.
• Data Accuracy Issues: The combination of browser restrictions and ad blockers led to incomplete or inconsistent data. This resulted in flawed marketing decisions. Digital agencies managing campaigns for diverse clients regularly struggled with discrepancies between their reported analytics and actual sales figures, making it challenging to demonstrate true ROI.
• Security Concerns: Client-side tracking exposed potentially sensitive user data directly to numerous third-party scripts on the user’s browser. This raised significant privacy compliance questions and security risks for global enterprises in regulated industries (e.g., healthcare technology firms) because it was challenging to fully control what data each third-party script could access or transmit.

Server-side Tracking: Marketers’ Solution to Gain Data Control

Let’s assume you run a digital marketing agency and have already implemented server-side tracking. This is what it means for your business: 

Server-side tracking fundamentally alters the data flow. Instead of sending data directly from the user’s browser to multiple third-party platforms, data is first sent from the client (browser or app) to your secure, first-party server. Your server then acts as a central hub, processing this data and forwarding it to various analytics and advertising platforms via robust server-to-server APIs.

You have more control of the data stream, moving data processing and distribution away from the volatile and increasingly restricted browser environment. You own this data – you can dictate what data to collect, how to process it, and where to send it. 

As a business, you get: 

• Improved Data Quality: SST bypasses browser restrictions and ad blockers to ensure comprehensive and reliable data capture, resulting in more accurate analytics. For example, this shift can benefit a global SaaS business in gaining a more reliable and comprehensive view of its marketing funnel. As a result, it can overcome data loss that previously obscured lead generation effectiveness and insights into product usage. 
• Enhanced Website Performance: Offloading tracking script execution from the client’s browser to your server reduces the client-side load, leading to faster page load times and a smoother user experience. For instance, an international travel booking platform will find that migrating key tracking elements to SST can significantly improve their site speed scores, directly contributing to reduced abandonment rates during the booking process.
• Greater Privacy Control: SST centralizes data management on your server, allowing you to filter, anonymize, or pseudonymize sensitive data before it’s sent to third parties. Financial services, for instance, can better comply with strict data privacy regulations, such as GDPR and CCPA, while building greater trust with their customers.
• Future-Proofed Data Collection Strategy: As the digital landscape continues marching towards a privacy-first approach, SST provides a resilient foundation that is less susceptible to future browser updates or privacy regulations impacting client-side cookies and tracking. For example, automotive manufacturers developing connected car services will have the confidence that their long-term data strategy for understanding user interaction with in-car entertainment and navigation systems will remain viable long after it is collected. 

Now that we have established the supremacy of server-side tracking over client-side tracking, let’s proceed to the main part: implementing server-side tracking. 

Before that, here’s a pro tip: Server-side Tracking and server-side tagging are often used interchangeably, but they indicate two different approaches.

Implementation requires a complete understanding of what we are dealing with. While discussing server-side tracking may sound interesting, the implementation requires an understanding of the core components involved.

Core Components of a Server-side Tracking Setup

Server-side tracking is your first step to reducing CAC and improving ROAS for your brand. Implementing a robust Server-Side Tracking (SST) solution involves several interconnected components working in harmony. Below are the top 4 components of setting up server-side tracking. 

1. Data Layer

The data layer is a structured JavaScript object (for websites) or an equivalent data structure (for mobile applications) that resides on your website or app. It serves as a universal container for all relevant data points you want to track, including product IDs, prices, user IDs, event names (e.g., ‘addToCart’, ‘purchase’), and user properties.

It serves as the single consistent source of all tracking data, ensuring accuracy and consistency before any information is sent from the client. Without a well-defined data layer, your server-side container will not know which data to collect or how to process it reliably. 

For instance, an e-commerce giant like Amazon will require a sophisticated data layer to capture detailed purchase information like specific product variations (size, color), return status, and customer loyalty ties. This granular data, consistently available, powers their server-side analytics, enhancing precise inventory management and personalized marketing campaigns. 

This is how Amazon indicates whether a product you are viewing has been seldom returned, reviewed positively, or consistently returned.

The user information Amazon acquires not just helps in tailoring product recommendations that suit your taste, but also helps you make an informed decision as a buyer (based on information collated from several buyers who match your profile/preferences).

2. Server-side Tag Management System

This environment is a key component of your SST setup. When hosted securely, it intelligently manages the routing, transformation, and enrichment of data before it is sent to final destinations. Think of it as a control tower for your data, which can determine where each piece of information needs to go and in what format. 

The server container receives and processes incoming data from various client sources. This can be from web browsers (via a client-side GTM container or direct requests), mobile applications, and even offline systems, such as CRM databases. 

Within the server-side container, you configure the TAGS that dictate where the processed data will be sent. These tags send information to specific platforms, such as Google Analytics, Facebook Conversion API, or ad platforms. This enables the sending of more reliable ad impressions and click data directly to ad partners, thereby bypassing browser limitations and ad blockers.

The server container can manipulate, anonymize, filter, and enrich data on the server before forwarding it. This improves data quality and ensures compliance with privacy regulations. 

For instance, a global media streaming advertising platform will want to use transformations to hash user IDs on the server before sending them to advertising platforms. This is to ensure that PII (Personally Identifiable Information) is never directly exposed. They can also enrich incoming web data with subscription tier information from their internal database, allowing for more segmented analysis in their analytics platform without exposing sensitive user details. 

3. The Cloud Environment: Powering Your Server (e.g., Google Cloud Platform, AWS, Azure)

The cloud environment provides a scalable and reliable infrastructure necessary to host your server-side tag manager (such as the GTM server container) and process potentially vast amounts of data. It keeps your data pipeline operational and can handle fluctuations in traffic. 

Key considerations when choosing your cloud environment: 

• Scalable: The cloud environment should dynamically handle varying data volumes. For instance, for an eCommerce giant like Amazon, on Black Friday sales, the infrastructure needs to scale to process millions of transactions per hour instantly. However, for a SaaS product, the requirement might be a steady and reliable capacity for consistent daily usage while incorporating new feature launches. 
• Reliable: There should be continuous data flow and minimal downtime to maintain accurate real-time analytics and ensure no critical conversion data is lost. 
• Cost: Understand the pricing models for compute, network, and storage. Costs can vary based on the data volume, processing power required, and outbound data transfer. 
• Region: Choose a data center location relevant to your audience, data residency requirements, and compliance needs. For instance, an EU-based consumer goods brand will likely benefit from using EU-based servers to store European user data in order to comply with the GDPR. Conversely, a South American media company might opt for a local region to reduce latency and improve data transfer speed for their audience.

4. APIs for Data Forwarding (e.g., Facebook Conversions API, GA4 Measurement Protocol)

APIs are secure, server-to-server connections that allow your server-side tag manager to send processed data directly to various analytics, advertising, and marketing platforms. Implementing these direct connections helps bypass traditional browser limitations, ensuring higher data fidelity and reliable attribution. 

Examples of brand applications: 

• Facebook Conversions API (CAPI): This API allows you to send conversion events (e.g., purchases, leads, sign-ups) directly from your server to Facebook’s ad platform.
• Google Analytics 4 (GA4) Measurement Protocol: This protocol allows you to send events directly to GA4 from any internet-connected environment, including your server.
• Other platform APIs (e.g., TikTok Conversion API, LinkedIn Conversions API): Similar direct integrations are available for a comprehensive data ecosystem.

Once you have the know-how of the core components, let’s start setting up your server-side tracking.

Setting up Server-side Tracking: Step-by-Step Guide

Ideally, there are four approaches to implementing server-side tracking: 

1. Using a server-side tag manager
2. Custom direct integration (using conversion APIs manually)
3. Meta’s conversion API gateway
4. Other platforms and approaches

ScaleX recommends using:

• GTM Server-Side (sGTM) for multi-channel tracking
• Meta Conversions API Gateway for Facebook/Instagram
• Custom solutions for niche cases, if required

Setting up the server-side tracking is done in four phases. Let’s start.

Phase 1: Planning and preparation

The first step is to establish a solid plan that aligns your SST setup with your business goals. This phase involves defining your objectives, conducting an audit, selecting the ideal platform, and aligning your teams for the setup. 

Steps	What You Will Do
Define Objectives	Clearly state what data you need to collect and the Key Performance Indicators (KPIs) SST will improve. Focus on business outcomes.
Current Audit	Analyze your existing client-side tracking setup. Document all current tags, triggers, and variables. Identify what data is being collected and what needs to be migrated or enhanced.
Select Platform	Choose your server-side tag manager (e.g., GTM Server Container) and cloud provider (e.g., Google Cloud Platform, AWS, Azure). Consider scalability, existing infrastructure, and budget.
Align Teams	Involving your marketing, analytics, and engineering teams from the beginning is crucial. Ensure everyone understands the new data architecture and their roles.

Phase 2: Implementation

Once your goals are defined and you have selected a platform, you begin by setting up the technical configuration of your server-side environment and tags. 

1. Client-side Data Layer Enhancement: 

Update your website or app’s data layer to send comprehensive and consistent data to your new server endpoint. This often involves modifying existing JavaScript on your site to push relevant event and user data into the data layer.

For instance, if you are running an e-commerce business, your app will need to capture delivery_status, order_value, and customer_id for every transaction and send it to the servers.

2. Provision Server Container:

Set up and deploy your server-side container in your chosen environment. Configure server resources (example: memory, CPU) and auto-scaling to handle expected data volumes. 

3. Configure Client in SST: 

Define how your server-side container receives data from your client. For web, this might involve setting up a custom loader path or a dedicated data endpoint, like gtm.yourdomain.com. Similarly, for mobile apps, integrate SDKs to send data to your server endpoint. 

4. Create Server-side Tags: 

• GA4 Tag: Set up a GA4 client and a GA4 server-side tag. This forwards events, such as page views, purchases, and customer events, to Google Analytics 4. 
• Facebook CAPI Tag: Implement a Facebook Conversions API (CAPI) tag. This sends conversion events directly to Facebook’s ad platform. 
• Configure any other necessary tags, such as the TikTok Conversion API, Pinterest Conversions API, and LinkedIn Conversions API, to leverage server-side sending for a holistic marketing ecosystem. 

5. Implement Measurement Protocol/Conversion APIs:

Ensure data is correctly formatted and sent via the respective platform APIs (e.g., GA4 Measurement Protocol, Facebook CAPI). This often involves mapping variables from your client-side data layer or server-side transformations to the specific parameters required by each API.

Phase 3: Testing and Validation – Ensuring Data Integrity

Confirm your SST setup via thorough testing. Test and validate that your SST is collecting accurate and complete data.

Steps	What You Will Do
Debug Mode	Utilize your server-side tag manager’s preview and debug mode. Meticulously inspect incoming data, outgoing requests, and any transformations applied. Ensure all parameters are correct and firing as expected.
Monitor Network	Verify server-to-server calls using network proxy tools (e.g., Fiddler, Charles Proxy) or your cloud provider’s logging tools. Confirm successful data transmission to the end platforms.
Compare Data	Conduct thorough comparisons between data received via SST and any remaining client-side data (if running in parallel). Identify discrepancies and ensure accuracy.
Activate Audience	Verify that audiences built from server-side data are populating correctly and being activated effectively in ad platforms. This confirms the data’s utility for targeting and personalization.

Phase 4: Maintenance and Optimization

SST is not a set-it-and-forget-it solution. Ongoing maintenance and optimization are crucial for long-term success. 

• Continuous Monitoring: Regularly check your data streams for errors, inconsistencies, or processing delays. Set up automated alerts for critical data flows to detect and address issues quickly.

• Optimize Performance: Monitor cloud resource usage (compute, network, storage) and optimize costs. Scale infrastructure up or down dynamically as traffic demands change to avoid over-provisioning or performance bottlenecks.

• Adapt and Update: Stay informed about platform updates (e.g., new GA4 features, API changes from ad platforms) and evolving privacy regulations. Update your server-side configurations and tags as needed to maintain compliance and leverage new functionalities. 

• Verify Scalability: Proactively plan for increased traffic and data volume as your business grows. Ensure that your server-side infrastructure and data pipeline can scale seamlessly to meet future demands.

Let’s now implement this using Google Tag Manager. 

Prerequisites:

• A Google Tag Manager account.
• A Google Cloud Platform (GCP) account (or another cloud provider if provisioning manually).
• Access to your website’s or app’s code.

Step-by-Step Guide:

1. Create a GTM Server Container:
   • Go to your Google Tag Manager account.
   • Click “Admin” (gear icon) in the top navigation.
   • Under the “Container” column, click the “+” button to create a new container.
   • Name your container (e.g., “MyWebsite SST”).
   • Select “Server” as the target platform.
   • Click “Create.”
2. Provision the Tagging Server:
   • After creating the server container, GTM will prompt you to “Set up your tagging server.”
   • Option A: Automatically Provision Tagging Server (Recommended for most users):
     • Choose “Automatically provision tagging server.”
     • GTM will guide you through setting up a Google Cloud Project and deploying the server container on Google Cloud Run. This is the simplest method.
   • Option B: Manually Provision Tagging Server:
     • Choose “Manually provision tagging server.”
     • You will receive a “Container Config” string. You’ll need to deploy a server-side GTM environment on your preferred cloud provider (e.g., AWS, Azure, or your server) using this config. This requires more technical expertise.
   • Note: Ensure your server is accessible via a custom subdomain (e.g., analytics.yourdomain.com) for optimal first-party data collection.
3. Update Client-Side Data Collection:
   • Your website or app needs to send data to your new GTM server container instead of directly to third-party platforms.
   • For Websites using gtag.js:
     • In your gtag.js configuration, add the server_container_url parameter.

Example:
JavaScript
gtag('config', 'GA_MEASUREMENT_ID', {
'server_container_url': 'https://analytics.yourdomain.com'
});

• Replace GA_MEASUREMENT_ID with your GA4 Measurement ID and https://analytics.yourdomain.com with your actual server container URL.

• For Websites using dataLayer.push (and a GTM Web Container):
  • In your GTM Web Container, update your GA4 Configuration Tag.
  • In the “Server Container URL” field, enter your server container’s URL (e.g., https://analytics.yourdomain.com).
  • This tells your web container to send all data to your server container first.
• For Mobile Apps:
  • Integrate the appropriate SDKs (e.g., Firebase SDK for Android/iOS) and configure them to send data to your server container’s endpoint.

4. Configure Clients in the Server Container:
   • In your GTM Server Container, go to “Clients.”
   • A “Google Analytics 4″ client is usually pre-installed. This client is responsible for receiving and parsing incoming GA4-formatted requests from your website/app.
   • Ensure this client is enabled and correctly configured.
5. Create Server-Side Tags:
   • Now, you’ll set up tags in your GTM Server Container to forward data to your desired platforms.
   • Example: GA4 Server-Side Tag:
     • In your GTM Server Container, go to “Tags.”
     • Click “New” and choose “Google Analytics: GA4” as the tag type.
     • Set the “Measurement ID” to your GA4 property ID.
     • Set the “Triggering” to “All Pages” or a specific event trigger.
     • This tag will send data from your server to GA4.
   • Example: Facebook Conversions API (CAPI) Tag:
     • In your GTM Server Container, go to “Tags.”
     • Click “New” and choose the “Facebook Conversions API” tag template (you might need to import this from the Community Template Gallery).
     • Configure the required parameters (e.g., Facebook Pixel ID, Access Token, Event Name, User Data).
     • Set the “Triggering” based on your conversion events (e.g., “purchase,” “lead”).
     • This tag will send conversion data directly to Facebook.
   • Repeat this process for other platforms (e.g., TikTok, LinkedIn, Pinterest) by adding their respective server-side tag templates and configuring them accordingly.
6. Implement Data Transformations (Optional but Recommended):
   • In your GTM Server Container, you can use “Variables” and “Transformations” to modify data before it’s sent.
   • Anonymization: Hash user IDs or remove sensitive data.
   • Enrichment: Add first-party data (e.g., CRM data) to events.
   • Filtering: Exclude specific data points from being sent to certain vendors.
   • This is done using “Transformation” rules within your tags or custom templates.
7. Test and Debug:
   • In your GTM Server Container, click “Preview” (top right). This opens the debug console.
   • In a separate browser tab, navigate to your website or app.
   • Perform actions that trigger your tracking events (e.g., page views, add to cart, purchases).
   • Observe the incoming requests and outgoing tag fires in the GTM Server Container debug console.
   • Verify that all data parameters are correct and that tags are firing as expected.
   • Use browser developer tools (Network tab) to confirm that data is being sent to your server container URL.
8. Publish and Monitor:
   • Once testing is complete and you’re confident in your setup, click “Publish” in your GTM Server Container.
   • Regularly monitor your data streams in your analytics and ad platforms for accuracy and consistency.
   • Monitor your cloud provider’s billing and resource usage to optimize costs.
   • Stay updated on GTM Server Container features and privacy regulations to adapt your setup as needed.

Challenges and Key Considerations 

While server-side tracking (SST) offers significant advantages, its implementation comes with specific challenges.

Attribute	Challenge	What You Can Do
Technical Complexity	You need to understand backend development like cloud infrastructure, server environments, and API integrations.	Regularly review your cloud provider’s billing dashboards and usage reports . Consider configuring auto-scaling for your server to handle varying data volumes, especially during peak traffic seasons. Research and opt for cloud servers that offer the best combination of cost and performance without compromising your budget (and leaving room for scalability). Set up alerts for budgets in your cloud account to stay informed about approaching spending limits.
Cost Management	Hosting a server in the cloud often incurs costs for compute resources, storage, and data transfer. The price increases during unexpected traffic spikes, resulting in higher bills if not properly managed.	Regularly review your cloud provider’s billing dashboards and usage reports. Consider configuring auto-scaling for your server to handle varying data volume,s especially during peak traffic seasons. Research and opt for cloud servers that offer the best combination of cost and performance without compromising your budget (and leaving room for scalability). Set up alerts for budgets in your cloud account to stay informed about approaching spending limits.
Data Governance and Privacy Compliance	Ensure that all data processing complies with relevant regulations, such as GDPR and CCPA, among others. Proper anonymization, pseudonymization, and consent management are critical.	Define clear rules for what data is collected, processed, and shared. Use your server container to hash, filter, or remove Personally Identifiable Information (PII) before it is sent from your server. Periodically review your data flows and configurations to ensure ongoing compliance with relevant regulations. Seek expert legal advice to navigate complex data privacy landscapes, especially for global operations.
Integration with Existing Systems	SST needs to integrate with your current marketing, analytics, and CRM systems. Connecting data from various sources (e.g., websites, mobile apps, and offline sales) into a unified view can be a complex task.	Map out all data sources and destinations. Understand how data will flow between them. Leverage robust APIs provided by your platforms (e.g., Facebook CAPI, GA4 Measurement Protocol) for direct, secure data transfer. For highly complex environments, explore customer data platforms (CDPs) or integration platforms as a service (iPaaS) to streamline data orchestration.
Maintaining Client-Side Interactions	While SST handles much of the heavy lifting, some data points are inherently client-side (e.g., scroll depth, video play progress, form field interactions). These require JavaScript to capture accurately in the browser.	Combine SST for core conversions and sensitive data with minimal client-side tracking for specific browser-dependent interactions. Ensure your data layer is designed to capture all necessary client-side events before they are sent to your server. Define which data points are handled client-side and which are server-side to avoid duplication or gaps.
Vendor Support and Ecosystem Maturity	Not all marketing and analytics vendors have mature or well-documented server-side APIs. The ecosystem is still evolving, and support resources can vary.	When evaluating new tools, inquire about their server-side integration capabilities. Participate in online forums and communities (e.g., GTM communities, cloud provider forums) to learn from others’ experiences. Always conduct comprehensive testing for each vendor integration to ensure data is received correctly and consistently.

Concluding Thoughts

Server-side tracking is beneficial for your brand, especially if you want to maintain control over your data. The benefits are endless – your page loading time reduces, you get accurate data, and your data is safe today and in the future as well. 

If you need assistance in setting up your server-side tracking, at ScaleX, we offer end-to-end help in implementation. We have in-house pro team members who can help you set up server-side tracking smoothly (like a cakewalk). Connect with us ASAP and let us help you get things up and running right away.