Assumed Consent is one of two methods of managing the data privacy settings of your users using APIs. In general, this method assumes that users consent to data collection unless they opt-out.
What Happens When Users Opt-Out?
- We do not delete their data, but we do stop collecting data about their interactions from the moment of the opt-out.
- They are also opted out of our trigger engine and will not receive triggered emails or push notifications. Consent state is effective for all sites in your account except for mobile apps, which are handled using the iOS and Android APIs.
- For opted out users you can only use targeting conditions based on session data such as URL, traffic source, weather, device type, location, etc. For example, if a campaign has two experiences targeting different countries, Dynamic Yield does recognize which country an opted-out user is coming from during their session; this data is not retained on our servers.
- No interactions of opted-out users are collected or included in any experience reports from the moment of their opt-out.
- The campaign’s frequency and stickiness settings are still supported for opted-out users as this is necessary for proper site functionality. Otherwise, poor experiences such as users being served the same popup on every page may result. This data is only stored in the browsers local storage. It is not stored in cookies nor on our servers.
- User Data may still be sent through your custom integrations. To prevent this, you need to use an additional API in the code of the Custom Integration.
If the user had opted out in the past, opting in will allow data collection moving forward.
Using the Assumed Consent APIs
You can use one of the following two methods depending on whether you are sending the API calls directly from your site, or via a third-party consent management tool.
Standard Method
Use these API calls when directly reporting user consent to Dynamic Yield. This method is not supported when using API only sites.
JavaScript (Web)
DY.API('consent_optout');
DY.API('consent_optin');
Objective-C (iOS)
[[DYApi getInstance] consentOptout];
[[DYApi getInstance] consentOptin];
Swift (iOS)
DYApi.getInstance().consentOptout();
DYApi.getInstance().consentOptin();
Java (Android)
DYApi.getInstance().consentOptout();
DYApi.getInstance().consentOptin();
- Opting out prevents future data collection from the current device/browser from all sections of the account, across all domains. This method overrides any past opt-in methods.
- If the user had opted out in the past, opting in will allow data collection moving forward.
Consent Management Tool Method
This method involves configuring a set of API calls as well as configuring a variable on the site instructing Dynamic Yield to wait for the management system to solicit user data collection preference before collecting and storing user data.
JavaScript API Methods
DY.API('consent_status_update', { status: true });
DY.API('consent_status_update', { status: false });
Variable Configuration
To tell Dynamic Yield to wait for the Advanced API methods, configure the variable DY.consentIntegrationActive to true before Dynamic Yield’s scripts are loaded.
DY.consentIntegrationActive = true;
Verifying That Data is Not Being Collected
If a user would like to verify that data is not being collected by Dynamic Yield, they should look for the strings px.dynamicyield.com and px-eu.dynamicyield.com in their network calls. These strings should not exist if data is not being collected.