Vendor list wizard (GDPR Standard)

   Permission: Vendor list - GDPR

Vendor lists are configurable registries of authorized third-party vendors who can be authorized to process user data, access users' devices, and/or use the data stored on those devices for specific purposes. In order to guide your organization through the configuration process In this article, we will cover how to do the following: 

Create vendor list with vendor list wizard

To start, click Vendor Management on the left-hand navigation and select GDPR Standard from the panel.


The subsequent page will list all existing vendor lists for the GDPR Standard regulatory framework. Click New

Screenshot 2023-08-01 at 10.49.56 AM.png

When creating a new vendor list, you will automatically activate the vendor list wizard to guide you through the configuration process.

  Note: In order to confirm the configurations made in the wizard you will need to select Save and Close from the wizard modal or the Dismiss icon in the upper-right hand corner of the wizard. If Cancel is selected in the wizard, your configurations since the last save point will be lost.

Regardless of the actions taken within the vendor list wizard, you will need to click Save in vendor list builder to save your overall configuration. 

In the following sections we will cover the various configurations that are made in each tab:

Select properties and scope


Field Description
Name The internal name for your vendor list.
GDPR Applies Scope  Determines the geographic regions where Sourcepoint will provide consent strings. When a user is identified as being in the geographic area defined in the vendor list, the consent strings that our system generates will include all preferences.‌
Consent Scope

Determines how an end-user's consent preferences are shared across different properties within and outside your organization.

When an end-user selects their consent preferences on your property, the privacy manager will utilize the consent scope for the associated vendor list to share or not share the preferences.

  • Single Site: An end-user's consent preferences will only be set for the property where the end-user provided their consent.
  • Shared Site: An end-user's consent preferences will be shared across a defined group of sites within your Sourcepoint account. Selecting this option requires that your organization has configured authenticated consent on your properties.

Properties associated with a vendor list will inherit the vendors, purposes, and legal bases configured for the vendor list. This information will be surfaced in privacy managers, OTT messages, and/or first layer messages configured for the property.

  Note: While properties can be added to multiple inactive vendor lists, a property can only be associated with a single active vendor list. Click here to learn more about active statuses for vendor lists.

Consent Cookie Expiration The length of time (in days) before a consent cookie is considered expired.

Custom purposes settings

A custom purpose is a configurable purpose created by your organization and can be applied to vendors on your vendor list. From the Custom Purpose Setting tab, you can either create a custom purpose using an entirely manual workflow or leverage a Sourcepoint-provided custom purpose that you can edit. 

First, select all languages that you will support in your messaging experience.


With the languages selected, either click Add New to add a single new custom purpose or use the Select Preset field to select one of more recommended custom purposes and click Apply


Your custom purpose(s) will be added to the list to input/edit a name, description and default legal basis. You will be required to provide translations for the name and description for each added custom purpose in the languages you have selected.

Click Save to confirm the name, description, legal basis, and translations for your added custom purpose(s).


Add vendors

Vendors can be added to your vendor list either through a vendor scan (if enabled for your organization) or manually. 

When viewing the Vendor Scan Results tab, the data populated in the table is dependent on the type of scanning your organization utilizes for its properties. Please refer to the table below for more information:

Scanning feature Available Data
DIAGNOSE The vendor scan results table will populate vendors and vendor insights found on your property via the scan.  
No Scanning feature The vendor scan results table will not populate any vendors.

Select vendors from the table(s) and click Add to selected vendors. These selected vendors will appear by clicking the View Selected Vendors button.


Known Vendors are vendors recognized by Sourcepoint and relevant information about the vendor are stored in our systems.

Unknown Vendors are vendors not recognized by Sourcepoint, no information about the vendor are stored in our systems at the present time though should be added in the future. This happens for example if a vendor is new.

Furthermore, you can manually add a vendor to your vendor list by clicking All System Vendors.

Select vendors from the table and click Add to selected vendors. These selected vendors will appear by clicking the View Selected Vendors button.


Add cookies

Click below for detailed information about managing cookie disclosures:

 Additional Resource

Cookie disclosures (GDPR Standard)

Edit vendor list with vendor list wizard

While the vendor list wizard can be used to create a new GDPR Standard vendor list, it can also be used to update/edit that vendor list as well. To re-access the vendor list wizard, navigate to an existing GDPR Standard vendor list and click the   icon.


Use the vendor list wizard to edit your GDPR Standard vendor list.

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.