Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Elevar is a Shopify focused server side conversion tracking and data layer platform that helps direct to consumer brands restore the conversion accuracy lost to ITP and ad blockers. The product enriches the Shopify event stream and forwards conversions to Google Ads, Meta CAPI, TikTok Events API, Pinterest, Klaviyo and Snapchat through a server side Google Tag Manager container. Because Elevar systematically pushes customer data to US based advertising destinations, EU deployments require granular consent and careful transfer documentation.
Elevar is a server side data layer and conversion tracking platform built specifically for Shopify. Direct to consumer brands deploy it to recover the conversion accuracy lost to ITP, ad blockers and the deprecation of third party cookies. The product layers a hardened data layer on top of Shopify, runs a server side Google Tag Manager container hosted by Elevar and forwards conversions to Google Ads, Meta CAPI, TikTok Events API, Pinterest, Klaviyo and Snapchat.
Elevar processes the Shopify customer email (hashed when sent to advertising destinations), the order details, the cart line items, the visitor IP address, the user agent, browsing events on the storefront and identifiers from Google Ads, Meta and other platforms. The Elevar managed first party cookie persists a visitor identifier and links anonymous browsing to authenticated checkout when consent is provided.
The Elevar managed cookies fall under Article 5(3) ePrivacy. The forwarding of identified customer data to advertising destinations falls under Article 6(1)(a) GDPR and is one of the most heavily scrutinised processing flows in the post Schrems II era. Server side tracking does not remove the consent requirement; the trigger is whether information is stored on or read from the device, which it still is.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Elevar must be tag blocked until granular opt in consent is collected, with separate categories for analytics, advertising and personalisation. The CMP must forward consent state to Elevar so that the server side container only fans out to destinations the visitor approved. Google Consent Mode v2 should be configured upstream when working with Google Ads.
Elevar, Inc. is a US company. The server side container can be deployed in EU regions, but billing, support and product telemetry remain in the United States. Most fan out destinations (Google Ads, Meta, TikTok, Pinterest) also process data in the United States. EU customers must rely on the EU/US Data Privacy Framework certifications, Standard Contractual Clauses and a documented transfer impact assessment.
Sign the Elevar DPA, deploy the server side container in an EU region, integrate the Shopify CMP with the Elevar data layer so that consent state is honoured per destination, document a transfer impact assessment for each downstream advertising platform, configure Google Consent Mode v2, list Elevar and each downstream advertising vendor in the privacy and cookie policies and re assess after each Elevar release.
Websites using Elevar must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended for Elevar deployments because the platform systematically forwards identified customer data to US advertising vendors, builds cross channel profiles and links Shopify customer records with browsing identifiers. The DPIA should evaluate every advertising destination separately.
Sample consent text
We use Elevar to share conversion events with our advertising partners (Google Ads, Meta, TikTok, Pinterest). Elevar processes your activity in the US and forwards it to those partners using server side tracking. We only enable Elevar after you click Accept. You can withdraw your consent at any time.
Third-party domains contacted
getelevar.comapp.getelevar.comshopify-gtm-suite.getelevar.comserver.gtm-elevar.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| _elevar_visitor_id | persistent | 13 months | Persistent first party identifier set by Elevar to link anonymous browsing on the Shopify store with the authenticated checkout for conversion attribution. |
| _elevar_session | session | Session | Session level identifier used by the Elevar data layer to group events that belong to the same visit. |
| _ev_consent | persistent | 6 months | Stores the consent state forwarded to Elevar so that the server side container only fans out events to allowed destinations. |
Elevar collects user analytics data — you legally need a consent banner. Try FlowConsent free.
Elevar sets the first party cookies _elevar_visitor_id, _elevar_session and _ev_consent on the customer storefront, plus the cookies of the underlying advertising destinations (Google Ads, Meta CAPI helper cookies, TikTok). They identify a unique browser and link checkout to upstream advertising clicks.
Yes. Elevar sets first party cookies (Article 5(3) ePrivacy) and forwards identified customer data to advertising destinations (Article 6(1)(a) GDPR). Server side tracking does not remove the consent requirement.
Consent for the cookies and the advertising destinations. Contract performance (Art. 6(1)(b) GDPR) can support order processing within Shopify itself, but not the fan out to advertising vendors. Legitimate interest is not admissible for that fan out.
Yes. Elevar, Inc. is a US company. Even with EU server side container hosting, billing, support and product telemetry remain in the US. The advertising destinations Elevar fans out to are also predominantly in the US. Transfers rely on the EU/US Data Privacy Framework, SCC and a transfer impact assessment.
Yes. Systematic forwarding of identified customer data to advertising vendors, persistent identifiers, US transfers and cross channel profile building meet the DPIA criteria of WP248 and the EDPB threshold guidance.
Sign the Elevar DPA, deploy the server side container in an EU region, integrate the CMP with the Elevar data layer, configure Google Consent Mode v2, document a transfer impact assessment for each advertising destination, list Elevar and each downstream vendor in the privacy and cookie policies and re assess after each release.
Alternative server side conversion tracking options for Shopify include Stape (EU regions for Server Side GTM), Addingwell (France), Taggrs, Servside.io, EU based custom Server Side GTM hosted on Cloudflare Workers, and the native Shopify Web Pixel API combined with Meta CAPI / Google Ads enhanced conversions.
List Elevar with the operator (Elevar, Inc., United States), the purpose (server side conversion tracking), the cookies (_elevar_visitor_id, _elevar_session, _ev_consent), the legal basis (consent), the transfer destination (United States), the safeguards (DPF, SCC, TIA), and each advertising destination Elevar forwards data to (Google Ads, Meta, TikTok, Pinterest, Klaviyo, Snapchat).