First-party · server-side · consent-first
omatag is the tracking layer Omarosa runs for every client — a first-party edge that collects events on your own domain and forwards them server-side to 50+ platforms: deduplicated, consent-gated and matched. omatag este stratul de tracking pe care Omarosa îl rulează pentru fiecare client — un edge first-party care colectează evenimente pe domeniul tău și le trimite server-side către 50+ platforme: deduplicate, cu gate de consimțământ și cu match maxim.
The premise
Browsers cap third-party cookies at seven days. Ad-blockers erase a third of your pixels. iOS strips the identifiers your platforms need to match. The conversions still happen — your tools just stop seeing them. Browserele taie cookie-urile third-party la șapte zile. Ad-blockerele șterg o treime din pixeli. iOS elimină identificatorii de care platformele au nevoie ca să facă match. Conversiile se întâmplă în continuare — doar că uneltele tale nu le mai văd.
The omatag premise
How it works
01 · Collect
Events fire to a first-party subdomain on your own site — a CNAME to edge.omatag.io via Cloudflare, with auto SSL. A 396-day first-party cookie replaces the pixel browsers throttle. Evenimentele pleacă spre un subdomeniu first-party de pe site-ul tău — un CNAME către edge.omatag.io prin Cloudflare, cu SSL automat. Un cookie first-party de 396 de zile înlocuiește pixelul pe care browserele îl blochează.
02 · Resolve
Identity stitching links anonymous visitors to known customers. Each event is consent-gated, deduplicated against the browser pixel and scored for match quality (EMQ). Identity stitching leagă vizitatorii anonimi de clienți cunoscuți. Fiecare eveniment e filtrat pe consimțământ, deduplicat față de pixelul din browser și scorat pentru match quality (EMQ).
03 · Fan out
The event is forwarded server-side to every destination — Meta CAPI, Google, TikTok and 45+ more — with retries and per-delivery verdicts. Attribution ties it back to revenue. Evenimentul e trimis server-side către fiecare destinație — Meta CAPI, Google, TikTok și 45+ — cu retry și verdict per livrare. Atribuirea îl leagă înapoi de venit.
First-party cookie lifetime — versus the ~7 days Safari ITP grants a third-party pixel.
Server-side destinations — Meta CAPI, Google, GA4, TikTok and 45+ more, from one event.
Attribution models computed every pass — first-touch, last-touch, linear, time-decay.
Capabilities
Collection on your own domain — nothing for ad-blockers to block.
Per-client subdomain CNAME'd to edge.omatag.io via Cloudflare for SaaS, auto DV SSL, a 396-day first-party cookie, and the oma.js SDK with batching and offline retry.
One event, delivered to 50+ platforms — deduplicated against the pixel.
Conversions API / server events to Meta, Google, GA4, TikTok, Pinterest, LinkedIn and 45+ more. SHA-256 hashed identifiers, shared event_id dedup, EMQ match-quality scoring, retries with backoff.
Anonymous visitors linked to known customers — deterministically.
Stitches email, phone, anon id, CRM and store customer into one person per client. Audited merges, no false joins on shared numbers, GDPR delete and un-merge.
Consent-first by design — the gate is at fan-out, never at collection.
Reads Cookiebot, IAB TCF v2.2 and GPC. Per-destination consent categories, Consent Mode v2 modeled pings, IP truncation, PII confined to one store, documented sub-processors.
Revenue-true attribution — the numbers behind the budget decisions.
Multi-touch across four models, conversions anchored on real orders, an ad-spend join into ROAS / MER / CPA, and an 'Attribution Time Machine' that reprocesses history on demand.
Integrations
Ad platforms, CAPIs, email & SMS, CRMs, DSPs and CDPs — 51 server-side connectors, manifest-driven, each with its own consent category.
Under the hood
One edge worker per client. Blast radius = one.
Cloudflare Workers for Platforms gives every client an isolated worker with KV-scoped config. A bad deploy can't touch another client's traffic.
No event dropped between the edge and the platform.
A Cloudflare Queue buffers, a Redis stream de-couples, and every raw event lands in an R2 lake for replay. Failed deliveries retry with backoff and a dead-letter queue.
Marks bots, never blocks paid traffic.
Mark-only bot classification tags invalid traffic without ever blocking a platform's review crawler — so your ad accounts don't get flagged. Hard blocks only on non-paid click flows.
PII stays in one place. IPs get truncated.
A pseudonymized event store with a 396-day TTL, IP consumed for geo then dropped, clear PII confined to a single control-plane database, GDPR delete, a DPA clause and a sub-processor list.
A 30-minute tracking audit with Omarosa: we map where your signal leaks today, then show what first-party, server-side collection recovers — on your real account, in your numbers.