diff --git a/app/templates/partials/google-analytics.html b/app/templates/partials/google-analytics.html
index ec5e3d02dc..d6bacd9832 100644
--- a/app/templates/partials/google-analytics.html
+++ b/app/templates/partials/google-analytics.html
@@ -1,17 +1,19 @@
-<!-- Global site tag (gtag.js) - Google Analytics -->
-<script
-  async
-  nonce="{{ request_nonce }}"
-  src="https://www.googletagmanager.com/gtag/js?id={{ google_analytics_id }}"
-></script>
-<script nonce="{{ request_nonce }}">
-  <!-- The data layer: https://developers.google.com/tag-platform/tag-manager/web/datalayer -->
-  window.dataLayer = window.dataLayer || []
+{% if config["NOTIFY_ENVIRONMENT"].lower() == 'production' and current_user.email_domain != 'cds-snc.ca' %}
+  <!-- Global site tag (gtag.js) - Google Analytics -->
+  <script
+    async
+    nonce="{{ request_nonce }}"
+    src="https://www.googletagmanager.com/gtag/js?id={{ google_analytics_id }}"
+  ></script>
+  <script nonce="{{ request_nonce }}">
+    <!-- The data layer: https://developers.google.com/tag-platform/tag-manager/web/datalayer -->
+    window.dataLayer = window.dataLayer || []
 
-  function gtag() {
-    dataLayer.push(arguments)
-  }
+    function gtag() {
+      dataLayer.push(arguments)
+    }
 
-  gtag("js", new Date())
-  gtag("config", "{{ google_analytics_id }}", {anonymize_ip: true})
-</script>
+    gtag("js", new Date())
+    gtag("config", "{{ google_analytics_id }}", {anonymize_ip: true})
+  </script>
+{% endif %}
diff --git a/app/templates/partials/google-tag-manager-body.html b/app/templates/partials/google-tag-manager-body.html
index caba670f76..f7230a191a 100644
--- a/app/templates/partials/google-tag-manager-body.html
+++ b/app/templates/partials/google-tag-manager-body.html
@@ -1,4 +1,6 @@
-<!-- Google Tag Manager (noscript) -->
-<noscript><iframe src="https://www.googletagmanager.com/ns.html?id={{ google_tag_manager_id }}"
-height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
-<!-- End Google Tag Manager (noscript) -->
\ No newline at end of file
+{% if config["NOTIFY_ENVIRONMENT"].lower() == 'production' and current_user.email_domain != 'cds-snc.ca' %}
+    <!-- Google Tag Manager (noscript) -->
+    <noscript><iframe src="https://www.googletagmanager.com/ns.html?id={{ google_tag_manager_id }}"
+    height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
+    <!-- End Google Tag Manager (noscript) -->
+{% endif %}
diff --git a/app/templates/partials/google-tag-manager-head.html b/app/templates/partials/google-tag-manager-head.html
index 638a2cf3cb..aee4304003 100644
--- a/app/templates/partials/google-tag-manager-head.html
+++ b/app/templates/partials/google-tag-manager-head.html
@@ -1,8 +1,10 @@
-<!-- Google Tag Manager -->
-<script nonce='{{ request_nonce }}'>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
-new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
-j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
-'https://www.googletagmanager.com/gtm.js?id='+i+dl;var n=d.querySelector('[nonce]');
-n&&j.setAttribute('nonce',n.nonce||n.getAttribute('nonce'));f.parentNode.insertBefore(j,f);
-})(window,document,'script','dataLayer','{{ google_tag_manager_id }}');</script>
-<!-- End Google Tag Manager -->
\ No newline at end of file
+{% if config["NOTIFY_ENVIRONMENT"].lower() == 'production' and current_user.email_domain != 'cds-snc.ca' %}
+    <!-- Google Tag Manager -->
+    <script nonce='{{ request_nonce }}'>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
+    new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
+    j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
+    'https://www.googletagmanager.com/gtm.js?id='+i+dl;var n=d.querySelector('[nonce]');
+    n&&j.setAttribute('nonce',n.nonce||n.getAttribute('nonce'));f.parentNode.insertBefore(j,f);
+    })(window,document,'script','dataLayer','{{ google_tag_manager_id }}');</script>
+    <!-- End Google Tag Manager -->
+{% endif %}
diff --git a/tests/app/main/views/test_google_analytics.py b/tests/app/main/views/test_google_analytics.py
new file mode 100644
index 0000000000..e19cd52863
--- /dev/null
+++ b/tests/app/main/views/test_google_analytics.py
@@ -0,0 +1,61 @@
+from tests.conftest import set_config
+
+
+def test_google_analytics_logged_in_staging(client_request, active_cds_user_with_permissions, active_user_with_permissions, app_):
+    with set_config(app_, "NOTIFY_ENVIRONMENT", "staging"):
+        # Ensure GA scripts ARE NOT loaded for cds users
+        client_request.login(active_cds_user_with_permissions)
+        page = client_request.get("main.welcome")
+        assert "googletagmanager" not in str(page.contents)
+
+        # Ensure GA scripts ARE NOT loaded for non-cds users
+        client_request.login(active_user_with_permissions)
+        page = client_request.get("main.welcome")
+        assert "googletagmanager" not in str(page.contents)
+
+
+def test_google_analytics_logged_out_staging(
+    client_request, active_cds_user_with_permissions, active_user_with_permissions, app_
+):
+    with set_config(app_, "NOTIFY_ENVIRONMENT", "staging"):
+        # Ensure GA scripts ARE NOT loaded for logged out users
+        client_request.login(active_cds_user_with_permissions)
+        client_request.logout()
+        page = client_request.get("main.sign_in")
+        assert "googletagmanager" not in str(page.contents)
+
+        client_request.login(active_user_with_permissions)
+        client_request.logout()
+        page = client_request.get("main.sign_in")
+        assert "googletagmanager" not in str(page.contents)
+
+
+def test_google_analytics_logged_in_production(
+    client_request, active_cds_user_with_permissions, active_user_with_permissions, app_
+):
+    with set_config(app_, "NOTIFY_ENVIRONMENT", "production"):
+        # Ensure GA scripts ARE NOT loaded for cds users
+        client_request.login(active_cds_user_with_permissions)
+        page = client_request.get("main.welcome")
+        assert "googletagmanager" not in str(page.contents)
+
+        # Ensure GA scripts ARE loaded for non-cds users
+        client_request.login(active_user_with_permissions)
+        page = client_request.get("main.welcome")
+        assert "googletagmanager" in str(page.contents)
+
+
+def test_google_analytics_logged_out_production(
+    client_request, active_cds_user_with_permissions, active_user_with_permissions, app_
+):
+    with set_config(app_, "NOTIFY_ENVIRONMENT", "production"):
+        # Ensure GA scripts are loaded for logged out users
+        client_request.login(active_cds_user_with_permissions)
+        client_request.logout()
+        page = client_request.get("main.sign_in")
+        assert "googletagmanager" in str(page.contents)
+
+        client_request.login(active_user_with_permissions)
+        client_request.logout()
+        page = client_request.get("main.sign_in")
+        assert "googletagmanager" in str(page.contents)
diff --git a/tests/conftest.py b/tests/conftest.py
index e9f8dd9676..303f6c82ad 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -1445,6 +1445,39 @@ def active_user_with_permissions(fake_uuid):
     return user_data
 
 
+@pytest.fixture(scope="function")
+def active_cds_user_with_permissions(fake_uuid):
+    user_data = {
+        "id": fake_uuid,
+        "name": "Test User",
+        "password": "somepassword",
+        "password_changed_at": str(datetime.utcnow()),
+        "email_address": "test@cds-snc.ca",
+        "mobile_number": "6502532222",
+        "blocked": False,
+        "state": "active",
+        "failed_login_count": 0,
+        "permissions": {
+            SERVICE_ONE_ID: [
+                "send_texts",
+                "send_emails",
+                "send_letters",
+                "manage_users",
+                "manage_templates",
+                "manage_settings",
+                "manage_api_keys",
+                "view_activity",
+            ]
+        },
+        "platform_admin": False,
+        "auth_type": "sms_auth",
+        "organisations": [ORGANISATION_ID],
+        "services": [SERVICE_ONE_ID],
+        "current_session_id": None,
+    }
+    return user_data
+
+
 @pytest.fixture(scope="function")
 def active_user_with_permission_to_two_services(fake_uuid):
     permissions = [
