Depending on the country you or your users are located in, and the applicable data privacy regulations, you, as the Data Controller, might have a duty to obtain consent and demonstrate that valid consent has been given by users.
To support your compliance with applicable data privacy regulations, we provide you with the option to implement the Active Cookie Consent mode, which enables you to demonstrate that valid consent has been provided by enabling us to obtain information in real time about users’ cookie consent preferences.
With the Active Cookie Consent mode, users are not served personalized experiences unless they actively provide consent. Only users who gave their consent receive personalized experiences. Users can opt in and change their opt-in status at any time, without limitations.
What happens when users have not provided consent?
- Data is not collected at all, so there are no reports for these users.
- Dynamic Yield cookies are not set in their browser (unless you use JavaScript code to create a cookie). In such instances, the information gathered through the JavaScript code remains in your possession.
- No variation stickiness occurs. Every time the user is eligible for an experience, the system selects a variation regardless of previous selections (you can use the opt-out targeting condition to target variations to these users if you want to avoid users getting multiple variations across sessions).
- The client-side implementation campaigns Custom Code, Visual Edit, Push Notification campaigns, and Overlays and Notifications are served only to opted-in users (this is the default behavior and is not configured in Active Consent mode settings).
-
Targeting by "Who" conditions (such as user properties or session behavior) does not target these users. If Active Cookie Consent mode has been activated and the user has not provided their consent, no user personal data is processed for personalization purposes, except for data stemming from strictly necessary cookies, as those are not subject to consent. More specifically, we only collect contextual information that is essential for the website to function properly and is limited to the first 2 octets of IP addresses.
Note: Targeting users by lack of activity (for example, 0 pageviews) will target these users. If you want to restrict non-consenting users from being targeted by the experience, use the Active Consent targeting condition. - Recommendations using personalized algorithms (such as affinity or deep learning) fall back to the closest non-personalized algorithm.
- Landing Pages might fail to attribute conversions.
- Audiences: Users are not added to any audience report. However, during a visit to a web page (pageview) they are temporarily entered into an audience based on specific conditions (for example, a user with a mobile device might match an audience condition of "Mobile Users"). Despite this, as every pageview resets the user identity, they do not remain in the same audiences across sessions.
Notes:
- These conditions are also true in preview mode, as you preview the campaign and variation.
- Consent for triggered message campaigns is not managed using Active Cookie Consent. To handle consent for these campaigns, see the Managing Opted-in Users section in Getting Started with Reconnect.
Enabling Active Cookie Consent mode
See our Developer Docs for detailed instructions on implementing Active Cookie Consent.
Manage campaigns for users who have not provided consent
Because users who did not provide consent are served with limited Dynamic Yield experiences, you might want to edit some of your existing campaigns as follows:
- If all the experiences in a campaign use a targeting condition from the "who" category, the campaign will not be served to users who did not provide consent. So, you might want to create another experience for these users without using these conditions.
- If you have a test with multiple variations, remember that users who did not provide consent will not have variation stickiness. This means that they might see a different variation upon each pageview. If you want to avoid this, you can exclude them from the experience targeting by using the Active Cookie Consent targeting condition.
How can I target users who have not given consent with unique experiences?
Dynamic Yield provides a targeting condition designed to target users who have not given consent when Active Cookie Consent is enabled. For example, if you have a personalized experience on your homepage, you might want to create an alternative experience for the users who will not be served with the personalized experience.
To do this, create an experience that is targeted only to users who have not consented using the targeting condition Active Cookie Consent. Supported campaign types include recommendations and dynamic content.
Handling Assumed Consent
If you don't require your users to opt-in for cookies, and instead you allow them to opt-out (also known as Assumed Consent or Implied Consent), you can use use the Dynamic Yield's Active Cookie Consent capability by reporting the existing state of consent of the user, as you maintain it in your consent management tool, in <head> tag of every page, before the Dynamic Yield script.
See our Developer Docs for more information.