Permission: Vendor List - Global Enterprise
Global Enterprise vendor lists are configurable registries of opt-in and opt-out privacy choices and authorized third-party vendors that are surfaced to your end-users in supported regions. In order to guide your organization through the configuration process, we will walk you through the various pages of the Global Enterprise vendor list wizard.
- Name and Properties
- Choices Selection
- Language & Translations
- Region Mapping
- Vendor Management
- Opt In/Opt Out Hooks
- Advanced Settings
To start, select Vendor Management from the left-hand rail and click Global Enterprise from the menu.
From the Global Enterprise vendor list page, click + New Regulation in the upper-right hand corner.
Name and Properties
From the Name & Properties page of the wizard, your organization will give your Global Enterprise vendor list a name, define the the properties and/or property groups that should be associated with the vendor list, and how consent can be shared across properties.
| Field | Description |
| Regulation Name | The internal name of your vendor list. |
| Property Selection |
Properties associated with a vendor list will inherit the vendors, privacy choices, etc... configured for the vendor list. This information will be surfaced in messages configured for the property. Click here for more information. Note: While properties can be added to multiple inactive vendor lists, a property can only be associated with a single active vendor list. Click here to learn more about active statuses for vendor lists. |
| Consent Scope |
|
Choices Selection
The privacy choices added to your Global Enterprise vendor list reflect the data processing activities that your company engages in and, for which, you are requesting an opt-in or opt-out decision by your end-users. These privacy choices are divided into two categories:
Click Add Choice to add either of these privacy choices to your vendor list.
Inline with each privacy choice added to your venodr list will be that privacy choice's:
| Field | Description |
| Privacy Choice ID | A unique ID associated to privacy choices that is specific to this vendor list. |
| System ID |
A global ID that remains the same across all vendor lists for Sourcepoint-supplied privacy choices. Custom privacy choices do not have system IDs because they vary for each vendor list. Note: The following Sourcepoint-supplied privacy choices will not have a System ID:
|
Sourcepoint-supplied privacy choices
Leveraging Sourcepoint's extensive experience working with clients across the globe, we have supplied a number of privacy choices that your organization can utilize when building a Global Enterprise vendor list.
Select any of the Sourcepoint supplied privacy choices from the main page of the modal by clicking the checkbox to the left of the privacy choice name. Click Add selected choices when finished.
The Sourcepoint-supplied privacy choices will be added to your Choice Selection list.
Client-supplied privacy choices
To create a custom privacy choice supplied by your organization, click + New in the main page of the modal.
A new field will be added under the Additional Options header. Use the provided field to input a new name for your privacy choice and click the check icon when finished.
Click Add selected choices when finished. The client-supplied privacy choices will be added to your Choice Selection list.
Language & Translations
Vendor list information is surfaced to your end-user via a first layer message and/or privacy manager. From the Language & Translations page, your organization can add translations (including the default language) to your vendor list so that it is translated in first layer messages and privacy managers according to an end-user's browser language preference.
Add supported languages
Before configuring translations, your organization must set the languages you plan to support within your vendor list and messages. Use the Supported Language(s) dropdown menu to select all languages your organization plans to support. English will always be selected and act as the default language.
Edit Privacy Choice Translations
Once your supported languages are selected, translations for these supported languages will appear for the your Standard privacy choice's Description and Choice Text fields.
Note: Sourcepoint does not provide copy or translations for every privacy choice text
| Field | Description |
| Description | The description of a privacy choice is presented to end-users in the message ahead of the opt in or out toggle of the data processing activities listed. It should give users transparency and clarity into how your business is using the data you collect and give them information on how to exercise their choices. |
| Choice Text | The choice text of a privacy choice is the text that directs the user to make a choice for a specific data processing activity. For the Processing of Sensitive Personal Information privacy choice, this includes the individual categories of sensitive personal information that are included in the privacy choice. |
Edit a translation by selecting whether to edit a Description or a Choice Text and then clicking a privacy choice from the left-hand side of the panel.
Once a privacy choice is selected, the translations for each supported language (including the default language) will populate in the right-hand side of the panel.
Click the Edit icon inline with the provided translations.
Input your translation and click the checkbox to confirm the edit. Repeat as necessary for each supported language.
Region Mapping
The region mapping page provides a matrix of regions your organization supports and the consent option for each privacy choice in your Global Enterprise vendor list. Using this matrix your organization can set different consent options on a per region basis if necessary.
Configure region support
To add, remove, or edit the regions supported through a Global Enterprise vendor list, select Add Regions on the Region Mapping page.
From the subsequent modal, use the left-hand pane to select the regions you plan to support using this vendor list. Individual states/provinces/countries can be selected by expanding a region and individually selecting those entities.
All selected states/provinces/countries will populate in the right-hand pane nested under their region.
Click Add when finished. Selected regions will be added to the region mapping matrix so that your organization can configure the consent option for each privacy choice.
Consent scope
For each region in the region mapping matrix, your organization can select whether the consent scope for each individual state/province/country is set at the Group Level or Individual Level. Please refer to the table below for more information on how consent is captured and shared for these different consent scopes.
| Consent scope | Description |
| Group Level | Consent is captured, saved and shared across all states/provinces/countries within the region group. |
| Individual Level | Consent is captured, saved and handled only for the specified state/province/country. |
Example
In the above example, Alaska and Arkansas belong to the Group Level consent scope for the United States region and will have the same consent options configured for all 3 privacy choices. An end-user who makes consent decisons in either of these states will have their selections persist when moving between these states.
However, since Alabama belongs to an Individual Level consent scope for the United States region, your organization can select different consent options for the 3 privacy choices. An end-user who makes consent decisions in Alabama will only have a consent profile for that specific state.
To edit the Consent scope for a particular state/province/country in a region, expand a region by selecting the + icon inline with a region group.
Navigate to the Consent scope field inline with a state/province/country name and use the dropdown menu to select the consent scope.
Note: Be aware that changing the consent scope for a state/province/country later will mean that any existing end-user for whom you already have a consent profile will be treated as a new user in that respective state/province/country on a subsequent visit.
Edit consent options for region
Using the provided table your organization can set on a per-region/state/province/country basis whether a privacy choice should be an opt-in, opt-out, or not applicable choice.
| Consent Option | Description |
| Opt-In | The privacy choice will be presented as an opt-in choice for end-users in the region (i.e. end-users will need to opt into the data processing/terms of the privacy choice) |
| Opt-Out | The privacy choice will be presented as an opt-out choice for end-users in the region (i.e. end-users will need to opt out of the data processing/terms of the privacy choice) |
| Disclosure Only | The privacy choice will be presented to the end-user for informational purposes and will not have any toggles that enable the end-user to opt in or opt out. |
| Not Applicable | The privacy choice will not be presented for end-users. |
For your convenience, Sourcepoint has configured the default consent option for each region based on the latest legislation.
Editing the consent option for a region will depend on whether the state/province/country belongs to the Group Level consent scope or an Individual Level consent scope. See below for more information:
All privacy choice consent options will be the same for states/provinces/countries with a Group Level consent scope in the same region. Editing the consent options is performed by selecting the dropdown menus for each privacy choice inline with the Region name.
These selections will propagate to each state/province/country within the region who share a Group Level consent scope.
Editing the consent options for a state/province/country with an Individual Level consent scope is performed by selecting the dropdown menus for each privacy choice inline with state/province/country name.
Vendor Management
Add new vendors to your Global Enterprise vendor list by clicking + Add Vendors in the upper right-hand corner.
In the subsequent modal, select the System Vendors tab and navigate to your desired vendor.
Click the checkbox to the left of the vendor name and use the provided Privacy Choice field to map the vendor to your configured privacy choices.
Note: By default, added vendors will be mapped to all configured privacy choices unless otherwise edited.
Click Add Selected Vendors when finished.
Note: Click here for more information on how to import vendors from a different vendor list into your Multi-State Privacy vendor list.
Opt In/Opt Out Hooks
Opt in/Opt out hooks allow you to set up custom actions for a vendor or privacy choice within a vendor list.
- An opt in hook is eligible to be fired if the vendor or privacy choice has been opted into by the end-user.
- An opt out hook is eligible to be fired if the vendor or privacy choice has been opted out of by the end-user.
Select whether to configure a hook for a Vendor or a Privacy Choice from the page.
Click + Add Hook.
Select a vendor or privacy choice from the provided dropdown menu in the subsequent modal.
Select either Opt In Hooks or Opt Out Hooks tab and configure the hook.
Click Apply changes when finished. Click here to learn more about each aspect of the configuration modal.
The hook will be added to your vendor list and added to the table on the Vendor or Privacy Choice tab.
Advanced Settings
The Advanced Settings tab of the Global Enterprise vendor list builder is where your organization can configure how the signal is set and shared across your subdomains.
| Advanced Setting | Description |
| Write 1st party cookies to root domain |
Toggling this setting ensures that the signal will be stored/persist across both the property's root domain (e.g. test.com) and subdomains (e.g. finance.test.com). In practice, this will ensure that users won't see the same message when moving from root to subdomain or vice versa. |
| Write 1st party cookies from the server to the property |
When enabled, the 1st-party cookie will be set by the server by passing a cookie from the server back to your site instead of using the on-site code to set the cookie. This setting should be enabled if your organization has set up a CNAME subdomain. |
| Privacy Choice Expiration |
When a user visits one of your properties the state of their privacy choices (e.g. opted in, opted out) is stored within a cookie for reference on future visits. Your organization can set the expiration of this cookie via the Privacy Choice Expiration. Input the expiration date for the privacy choice cookie (up to 36135 days/ 99 years). |
Enable either of the advanced settings by clicking the toggle to the left of the setting name so that it is purple.
Comments
0 comments