Active Cookie Consent Mode for User Data Privacy Management

Follow

Active Cookie Consent mode allows you to manage the data privacy settings of your users. In this mode, users are not served personalized experiences unless they actively provide consent. Only users who gave their consent - will receive personalized experiences. Users can opt-in or out at any time, and can change their previous state without limitations.

What Happens When Users Have Not Provided Consent?

  • Reports and data are not collected at all.
  • Dynamic Yield cookies are not set in their browser (unless you use a JS code to create a cookie).
  • No variation stickiness (you can use the opt-out targeting condition to target variations to these users if you wish to avoid users getting multiple variations across session).
  • Custom Code, Visual Edit and Push Notification campaigns are not served.
  • Overlays and Notifications are served only to consenting users (default behavior, not configured in Active Consent Mode settings).
  • Targeting by "Who" conditions (such as user properties, session behavior) do not target these users. We will still track user conditions that are not personal such as Geo and browser targeting as these do not require tracking or data collection. 
  • Recommendations using personalized algorithms (such as affinity, deep learning) fallback to the closest non-personalized algorithm.
  • Consent for triggered email campaigns is not managed using Active Cookie Consent. To handle consent for these campaigns, see Enabling Triggered Emails
  • Dynamic Links, Display Ads, and Landing Pages may fail to attribute conversions.
  • Audiences: Users will not enter any audience report, but during a pageview will enter an audience (for example, a user with a mobile device might enter an audience condition of "Mobile Users"), but because every pageview resets the user identity, they do not remain in the same audiences across sessions.

Note: This also works in preview mode, as you preview the campaign and variation. 

Enabling Active Cookie Consent Mode

Do the following to enable Active Cookie Consent mode:

  1. Implement an API call on your <head> tag with the current consent preference of the user.
  2. Validate that the implementation is done properly.
  3. Preview how existing campaigns are served to users who did not provide consent, and make adjustments if needed.
  4. Contact Dynamic Yield Support to turn on the Active Cookie Consent mode.

Step 1: Implement Active Cookie Consent APIs

In this mode, you need to use an API call to let Dynamic Yield know - on every page and for every user - whether or not the user gave consent. This snippet should be implemented in the <head> tag of the page, after the page context.

Note: This is a necessary preliminary step for turning on the Active Consent mode, but it does not impact your visitors until Dynamic Yield Support activates it. 

If the user consents:

DY.userActiveConsent = { accepted: true }

If the user does not consent:

DY.userActiveConsent = { accepted: false}

Note: We recommend that  you explicitly add the API for users who did not give their consent as well. Once the Active Consent Mode is enabled (step 3 above), the user is considered "False" if consent is not given, and also if the API is not implement for any reason. Only users with explicit consent are served with personalized experiences.

However, using the API means that if a user changes their preferences, the change occurs immediately. Use the following API call:

DYO.ActiveConsent.updateConsentAcceptedStatus(true)

Use "false" to notify that the user moved from consent to no consent:

DYO.ActiveConsent.updateConsentAcceptedStatus(false)

If you use a custom analytics integration, use an additional API in the code of the Custom Integration to prevent private user data from being sent to a third party. 

Step 2: Validate the implementation of Active Cookie Consent APIs

It is crucial to validate that everything is implemented correctly. To do so:

  1. Check that the DY.UserActiveConsent is false
  2. Check that active consent is implemented in the head before the script (on three pages at least) - this is an example of a specific implementation, it can be different:
    Screen_Shot_2021-02-03_at_20.11.01.png
    Example of how code should look like

  3. Check that the status changes with:

    DYO.ActiveConsent.isUserOptOut() ? 'No Consent' : 'Consent'
  4. Check that there are no console errors related to Active Consent implementation.
  5. Check that the customer used the API to change status, by opening the developer console, clicking on the Elements tab and pressing control+F, and pasting “updateConsentAcceptedStatus” (for example, you should see something similar).

Step 3: Contact Dynamic Yield Support

If you completed and verified the implementation, and your campaigns are ready - contact Dynamic Yield Support to turn on the Active Cookie Consent mode.

After the Active Cookie Consent mode is enabled, it is recommended that you verify that data is indeed not collected for users who did not provide consent. Look for the strings px.dynamicyield.com and px-eu.dynamicyield.com in their network calls. These strings should not exist if data is not being collected.

Step 4: Preview an existing campaign 

You might want to check how users that did not provide consent experience your site. Remember, these users will not be served with experiences that have personalized targeting, in addition to some other limitations. See more details above.

To preview how users who did not provide consent experience your site:

  1. Go to Settings › General Settings › Active Cookie Consent and click Preview Site.
    Screen_Shot_2021-02-03_at_19.47.14.png
  2. Visit your site, and see which campaigns are served in what are the experiences that you're served with.

What's Next? 

Because users who did not provide consent are served with limited Dynamic Yield experiences, you might want to edit some of your campaigns. 

  • If all the experiences in a campaign use a targeting condition from the "who" category, the campaign will not be served to users who did not provide consent. You might want to create another experience for these users without using these conditions.
  • If you have a test with multiple variations, remember that users who did not provide consent will not have variation stickiness. This means that they might see different variations on every pageview. If you want to avoid this, you can exclude them from the experience targeting by using the "Active Consent" targeting condition.  

How Can I Target Users Who Have Not Given Consent with Unique Experiences?

Dynamic Yield provides a targeting condition designed to target users who have not given consent when  Active Cookie Consent is enabled. For example, if you have a personalized experience on your homepage, you might want to create an alternative experience for the users who will not be served with the personalized experience.

To do this, create an experience that is targeted only to users who have not consented using the targeting condition Active Consent

active_consent_target_cond.png