English (US) Français 日本語
Contact support Sign in
English (US) Français 日本語
  1. Piano Support
  2. Legacy - Privacy Centre
  3. Compliance
See all articles

No consent by default

Ariane Hervier
  • Updated
-->

Definition

Consent is requested.

Until consent is given (opt-in), visitors have opt-out status, excluded from general traffic (via option), anonymised and visible only in the Privacy analysis under the ‘no consent’ category. Once opt-in status is obtained (consent), all data may be transmitted.

The visitor’s cookie IDs shall not be placed until the user has consented. Once consent is given, the cookie value will change to a unique value corresponding to the visitor ID.

 

Advantages

The ‘no-consent by default’ setting implies that visitors are not duplicated prior to consent.

Contrary to the ‘opt-out by default’ method, this method separates visitors refusing consent from visitors expressly requesting opt-out in the Privacy analysis.

 

Risks

The ‘no-consent by default’ setting implies that visitors are not measured prior to consent, and thus the first pages visited or bounce visits are not taken into account.

As the visit source is contained in the first event, you will not be able to collect this data for the first visits on the site (until opt-in).

This may imply that a lot of visits will be classified as direct access source.

 

 

Action

Ask the support centre to activate the ‘non-cookied’ traffic exclusion option, to exclude non-consented traffic from the Privacy analysis

If you do not activate this option, we will use fingerprinting (IP+UA), which is considered to be a tracker under French law (see our article on consent management) and is thus prohibited prior to explicit consent.

 

Expected behaviour

To comply with your users’ wishes, you must be able to modify the state of consent at any time of the visit.

Step Description

Arrival on the site
NO-CONSENT

Visitor identification is defined as ‘no-consent’ without cookie placement.
Personal data and user ID may not be transmitted.
Via option, data is anonymised and excluded from general traffic. It feeds the Privacy analysis under the ‘no-consent’ category.

Visitor chooses
OPT-IN

Visitor identification is authorised and dedicated cookies may be placed (idrxvr,atidx,atid or atuserid)
All your business data may be sent, provided that it is specified in your purposes.

Visitor chooses
OPT-OUT

All cookies are defined with the OPT-OUT value.
Data is anonymised and excluded from general traffic. It feeds the Privacy analysis under the ‘opt-out’ category.
It is also possible not to send data via a dedicated setting in the tag, or via an option in Tag Composer.

 

Tag configuration

The ‘no-consent by default’ method will use the Tag Composer Privacy plug-in available in the Javascript 5.24.0 version.

Note

This plug-in and its methods will apply solely to client-side visitor identification, it will impact first-party cookies only.

 

Tagging

To handle visitor consent in the marking of the configuration, you simply need to add a line to the beginning of your SmartTag marking.

Then, just move from one state to another depending on the consent expressed by the visitor.

For more details, please read our article on developer documentation.

 

No-consent

var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorMode('default', 'no-consent'); // Visitor set under no-consent
tag.page.set({
    name: 'pageName',
});
tag.dispatch();

Only these hit parameters will be filled in:

s idclient vm vc ts type click
site number visitor identifier visitor mode visitor consent hit timestamp type de hit type de clic

 

These parameters will feed the AT Internet Privacy analysis, allowing you to get an anonymous and quantitative view of your traffic generated by users refusing tracker deposit. More details in our developer documentation.

 

Opt-In

var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorOptin(); // Visitor set under Opt-In
tag.page.set({
    name: 'pageName',
});
tag.dispatch();

 

Opt-Out

var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorOptout(); //  Visitor set under Opt-Out 
tag.page.set({
    name: 'pageName',
});
tag.dispatch();

It is possible not to send information by using the false setting of Tracker sendHitWhenOptOut.

Only these hit parameters will be filled in:

s idclient vm vc ts type click
site number visitor identifier visitor mode visitor consent hit timestamp hit type click type

 

These parameters will feed the AT Internet Privacy analysis, allowing you to get an anonymous and quantitative view of your traffic generated by users refusing tracker deposit. More details in our developer documentation.

 

Properties

The ‘opt-in by default’ setting uses two dedicated consent properties:

  • Consent properties 

    The new Privacy plug-in methods add 2 properties to your hits:

    • Visitor mode : visitor_privacy_mode / &vm to filter events based on the consent status (optin/optout)
    • Consentement visiteur : visitor_privacy_consent / &vc to directly identify consented traffic when ‘true’

mceclip0.png

 

Explorer

Once the marking is implemented and the properties have been added to the hits, you will be able to add to your Explorer analyses with the ‘Combine’ button above each table. You will then be able to filter property values (visitor mode: opt-in, visitor consent: true). 

2020-06-16_11h05_26.png

 

Privacy analysis

In Explorer you can reach Audience > General Traffic > Privacy to see the number of events considered as excluded under ‘no-consent’.

2020-06-16_14h49_57.png

 

Data Query / Data Flow

You may add the Visitor mode and Visitor consent properties to your data sets.

You will be able to analyse opt-in visitor mode only, given that opt-out and no-consent events (with option) feed the Privacy analysis exclusively

Image1.png

Articles in this section