Automated · Reads

dataLayer hygiene without guessing.

Audit the dataLayer pushes firing on your site, catch PII leakage, identify custom-event naming drift, and surface the variables GTM is already consuming.

By hand

3–6 hours per property

With the audit

60 seconds

Run My Free Audit See a sample audit

Why it's painful

The dataLayer is the substrate every tag reads from, and it's usually the least-documented part of an analytics stack. Two years in, nobody remembers which pushes are still used, which variables feed which tags, or whether the e-commerce object still matches the ecommerce schema GA4 expects. Worse: developers regularly push PII into the dataLayer — email addresses in a `user_email` field, hashed-but-not-really user IDs, phone numbers in query parameters — and GTM dutifully ships it into GA4, creating a compliance problem nobody flagged.

How the audit handles it

Inventories every variable the GTM container reads from dataLayer — including custom Data Layer Variables and built-in variables with dataLayer dependencies.
Flags the PII-risk pattern: variables that read fields matching email/phone/full-name patterns, or URL parameters commonly used for auth redirects.
Cross-checks your e-commerce dataLayer structure against the GA4 enhanced e-commerce schema. Identifies schema drift (camelCase vs snake_case, array-of-products vs single-object) that silently breaks purchase tracking.
Lists every custom event name pushed to dataLayer and flags naming inconsistencies (mix of snake_case and camelCase events is the #1 source of drift).
Identifies orphan dataLayer pushes — events no GTM trigger listens for — so you can clean up dead instrumentation.

Real audit checks

Every check below is a real rule in our audit engine — not a marketing bullet.

GTM-VAR-01Data Layer Variable inventory

GTM-VAR-03PII-risk variable patterns

GA4-PRV-01PII in URL parameters scan

GA4-MSR-09Custom event naming consistency

GA4-ECM-02Enhanced ecommerce schema conformance

Sample finding

What a real audit report looks like for this chore.

Critical

Data Layer Variable `user_email` reads an email address into GTM scope

Business impact

Personal data (email) is being made available to every tag in the container via a standard Data Layer Variable. Any tag — including third-party marketing pixels you may not have reviewed — can read and exfiltrate this. This is a GDPR Art. 6 violation waiting to be found by an auditor. Severity: critical regardless of which tags currently use it.

Recommendation

Two fixes. (1) Stop pushing raw email to dataLayer at the source — hash it in JavaScript before push, using SHA-256. (2) Rename the variable to make intent clear (`user_email_hash`) and add a check constant to reject non-hashed values. The audit surfaces every tag currently reading this variable so you know the blast radius.

Related chores

Reads + Writes

Conversion tracking

Catch duplicate purchase events, drifted measurement IDs, and tags that send revenue to the wrong property. The bugs a GA4 report will never show you.

Reads

GA4 audit

The 58-check audit a senior consultant would run on day one — Foundation, Data Accuracy, Measurement, Privacy & Security, Optimization. Delivered in 60 seconds instead of two weeks.

Reads + Writes

Consent Mode v2

Verify your consent wiring against every tag, catch the gaps Google warns about in Ads, and stage the fixes — without waiting on a developer ticket.

Hire a web analyst. Or install one.

dataLayer hygiene is one of 6 high-stakes chores the audit covers end-to-end. Your first audit is free, takes 60 seconds, and catches what your setup has been quietly getting wrong.

Run My Free Audit See every chore →

Automated · Reads

dataLayer hygiene without guessing.

Audit the dataLayer pushes firing on your site, catch PII leakage, identify custom-event naming drift, and surface the variables GTM is already consuming.

By hand

3–6 hours per property

With the audit

60 seconds

Run My Free Audit See a sample audit

Why it's painful

How the audit handles it

Inventories every variable the GTM container reads from dataLayer — including custom Data Layer Variables and built-in variables with dataLayer dependencies.
Flags the PII-risk pattern: variables that read fields matching email/phone/full-name patterns, or URL parameters commonly used for auth redirects.
Cross-checks your e-commerce dataLayer structure against the GA4 enhanced e-commerce schema. Identifies schema drift (camelCase vs snake_case, array-of-products vs single-object) that silently breaks purchase tracking.
Lists every custom event name pushed to dataLayer and flags naming inconsistencies (mix of snake_case and camelCase events is the #1 source of drift).
Identifies orphan dataLayer pushes — events no GTM trigger listens for — so you can clean up dead instrumentation.

Real audit checks

Every check below is a real rule in our audit engine — not a marketing bullet.

GTM-VAR-01Data Layer Variable inventory

GTM-VAR-03PII-risk variable patterns

GA4-PRV-01PII in URL parameters scan

GA4-MSR-09Custom event naming consistency

GA4-ECM-02Enhanced ecommerce schema conformance

Sample finding

What a real audit report looks like for this chore.

Critical

Data Layer Variable `user_email` reads an email address into GTM scope

Business impact

Recommendation

Related chores

Reads + Writes

Conversion tracking

Catch duplicate purchase events, drifted measurement IDs, and tags that send revenue to the wrong property. The bugs a GA4 report will never show you.

Reads

GA4 audit

The 58-check audit a senior consultant would run on day one — Foundation, Data Accuracy, Measurement, Privacy & Security, Optimization. Delivered in 60 seconds instead of two weeks.

Reads + Writes

Consent Mode v2

Verify your consent wiring against every tag, catch the gaps Google warns about in Ads, and stage the fixes — without waiting on a developer ticket.

Hire a web analyst. Or install one.

dataLayer hygiene is one of 6 high-stakes chores the audit covers end-to-end. Your first audit is free, takes 60 seconds, and catches what your setup has been quietly getting wrong.

Run My Free Audit See every chore →