Criteo OneTag: The Setup
Retargeting lives on product context. OneTag in the browser stays the default path; server-to-server is the exception.
Event setup at a glance
- Browser tag
- Criteo OneTag
- Server-side API
- Events API (server-to-server)
- Recommended path
- Browser tag only
- Deduplication
- No
Identifiers
Recommended for match qualityemail (SHA-256)customer_id
Event mapping
E-commerce
viewItemviewListaddToCarttrackTransaction
Consent constraints
- Retargeting without marketing consent is a non-starter; OneTag hangs entirely on the CMP signal.
- Hashed emails for identity matching need the same consent basis.
Consent-aware routing assumed. Privacy fit depends on the concrete setup; the legal assessment stays with your privacy team (legal review required).
Implementation methods
- OneTag via GTM Web with product IDs from the dataLayer
- Feed and events have to speak the same product IDs
Debugging checklist
- Criteo OneTag Verifier
- GTM preview mode
Common mistakes
- Product IDs in the event do not match the feed, retargeting runs on the wrong items.
- trackTransaction without a dedup concept on page reloads.
Runs on (our setups)
A fit when
- Retargeting with a large product catalog and a maintained feed.
- E-commerce with clear product IDs in the dataLayer.
Not a fit when
- The product feed is unmaintained; retargeting then only amplifies errors.
- Consent rates are so low that retargeting reach barely materialises.
What this destination is about
Criteo is the feed platform on this list: what decides the outcome is not event volume but whether product IDs in events and catalog feed line up. A clean OneTag setup in the browser beats a half-finished server path here.
Where Criteo sits against the other platforms is on the ad platform hub.
For a self-run QA pass: the Consent Mode audit checklist, the CMP QA template, and the consent mapping worksheet.
Sources
- Criteo help center (accessed 2026-07-03)
Related services
Topical context
- Criteo OneTag setup
- Criteo retargeting tracking
- Criteo GDPR
Do your conversions actually arrive in the ads platforms? The Paid Media Tracking Audit settles it.
Request a Paid Media Audit →Why no hybrid path for Criteo?
Because the payoff is smaller here: Criteo lives on product context in the browser, and the S2S path without a validated dedup concept adds more risk than signal. We re-check that per project.
More integrations we work with
- Ads & Conversion APIsOutbrainNative ads with postback logic. Server-to-server over the click ID is the sturdier path here, not the exception.
- AnalyticsGoogle Analytics 4 (GA4)The web analytics standard with a huge ecosystem. Free including BigQuery export, but consent-dependent and US cloud.
- AnalyticsPiwik PROEU-hosted analytics platform. GDPR-compliant by default, enterprise-ready, and the go-to GA4 migration target for consent-critical setups.
- AnalyticsPlausible Community EditionSelf-hosted, cookieless web analytics. GDPR-compliant without a consent banner, full data ownership. This very site runs on it.
- AnalyticsPostHogOpen-source product analytics, feature flags, and experimentation in one. EU self-hosting possible, usable as an assignment layer for server-side experiments.
- AnalyticsMatomoOpen-source classic, darling of the DACH public sector. 100% data ownership, UI a bit dated.