The IAB's Transparency and Consent Framework (TCF) was created in order to help digital advertising ecosystem comply with obligations under the GDPR and ePrivacy Directive. While Sourcepoint supports an implementation for organization's who wish to comply with the TCF, we also enable your organization to implement and manage end-user consent without having to sign on to the IAB TCF framework.
In this article, we will cover how to implement a GDPR Standard web implementation so that your organization can create a consent experience that complies with your interpretation of GDPR that is not bound by the IAB TCF policy requirements.
- GDPR Standard web implementation overview
- Optional implementation parameters
- GDPR Standard web implementation example
GDPR Standard web implementation overview
The GDPR Standard web implementation is comprised of two scripts that are added to a property:
Note: Unlike Sourcepoint's GDPR TCF web implementation, the Standard web implementation does not use the IAB stub file.
Client configuration code snippet
The first code snippet that should be added to your implementation contains your organization's specific account configuration parameters. This code snippet includes the necessary and optional parameters for your property to communicate with the Sourcepoint messaging platform and consent service libraries.
<script>
window._sp_ = {
config: {
accountId: 22,
baseEndpoint: 'https://cdn.privacy-mgmt.com',
}
}
</script>
Currently, there are two required parameters to successfully deliver an end-user notification:
Required parameter | Description |
accountId |
The accountId value associates the property with your organization's Sourcepoint account. Your organization's accountId can be retrieved by contacting your Sourcepoint Account Manager or via the My Account page in your Sourcepoint account. |
baseEndpoint |
https://cdn.privacy-mgmt.com is a single server endpoint that serves the GDPR messaging experience. The |
Note: While editing the baseEndpoint
domain is optional, Sourcepoint highly recommends that it is edited by your organization. More information can be found at configuring a subdomain with a CNAME DNS Record.
URL to Sourcepoint JavaScript
The second code snippet is a URL that points to the Sourcepoint JavaScript SDK for a GDPR Standard web implementation. The URL for a GDPR Standard web implementation is as follows:
Note: If your organization has edited the baseEndpoint with a CNAME DNS record you will also need to edit the URL for this code snippet to reflect the edit. Please follow the following format if necessary:
- https://client.domain.com/messagingNoTcfApi.js
<script src="https://cdn.privacy-mgmt.com/messagingNoTcfApi.js" async></script>
Optional implementation parameters
In the table below are all the parameters that can be included in your client configuration code snippet:
Optional parameter | Description |
authId |
Allows your organization to pass a consent identifier to Sourcepoint to be used with authenticated consent. Click here to learn more. |
consentLanguage |
Used to ensure that the purposes or stack names listed in a consent message remain in the same language regardless of an end-user's browser language setting. A list of two-letter codes is available here. If this parameter is not present, stacks and purposes will appear according to the end-user's preferred browser language setting.
|
events |
Click here for all optional event callbacks that are supported by Sourcepoint for GDPR Standard web implementations. |
groupPMId |
Allows your organization to use the Privacy Manager ID for a property group's Privacy Manager ID. Note: Call |
isSPA |
When set to true, will confirm the implementation for a single page application and will show a message only when Note: |
joinHref |
When set to Note: The |
propertyId |
Maps the message to a specific property (website, app, OTT) as set up in the Sourcepoint account dashboard. |
propertyHref |
Maps the implementation to a specific URL as set up in the Sourcepoint account dashboard. Note: Use the |
targetingParams |
Targeting params allow a developer to set arbitrary key/value pairs. These key/value pairs are sent to Sourcepoint servers where they can be used to take a decision within the scenario builder. targetingParams: { |
GDPR Standard web implementation example
<script>
window._sp_ = {
config: {
accountId: ACCOUNT_ID_HERE,
baseEndpoint: 'https://cdn.privacy-mgmt.com',
events: {
onMessageReady: function () {
console.log('onMessageReady')
},
onMessageChoiceSelect: function (choice_id, choice_type_id) {
console.log('onMessageChoiceSelect choice_id: ', choice_id);
console.log('onMessageChoiceSelect choice_id: ', choice_type_id);
},
onPrivacyManagerAction: function (pmData) {
console.log('onPrivacyManagerAction', pmData)
},
onMessageChoiceError: function (err) {
console.log('onMessageChoiceError', err)
},
onConsentReady: function (consentUUID, euconsent) {
console.log('onConsentReady')
console.log('consentUUID', consentUUID)
console.log('euconsent', euconsent)
},
onPMCancel: function () {
console.log('onPMCancel')
},
onMessageReceiveData: function (data) {
console.log('onMessageReceiveData', data)
console.log(JSON.stringify(data));
},
onSPPMObjectReady: function () {
console.log('onSPPMObjectReady')
}
},
targetingParams: {
test: 1
}
}
}
</script>
<script src="https://cdn.privacy-mgmt.com/messagingNoTcfApi.js" async></script>
Comments
0 comments