Support for Privacy APIs
The consentmanager CMP supports various international standards and specifications in order to allow users to determine the privacy settings in an alternative way (usually by using settings in their browser). consentmanager currently supports the following Privacy APIs:
DNT / Do-not-track HTTP header
If enabled in the CMP-settings, the CMP will recognize DNT signals sent by the browser. The settings can be found at Menu > CMPs > Edit > Other Settings > Privacy APIs > DNT. The setting can use one of the three options:
- Off - The CMP will ignore DNT headers (default)
- Disable all purposes - If the DNT signal is present, the CMP will disable all purposes that can be disabled (purposes that are not set to a state that results in an "always on")
- Disable selected purposes - If the DNT signal is present, the CMP will disable the selected purposes
In order to recognize the signal, the browser must send the following HTTP header:
DNT: 1Please note, that the CMP will disable the purposes entirely if the DNT signal is present. This means, that a user cannot re-activate them.
Please note, that the CMP will not show the consent layer if it finds that all purposes have a state that cannot be changed by the user (e.g. disabled or "always on").
GPC / GlobalPrivacyControl HTTP header
If enabled in the CMP-settings, the CMP will recognize GPC signals sent by the browser. The settings can be found at Menu > CMPs > Edit > Other Settings > Privacy APIs > GPC. The setting can use one of the three options:
- Off - The CMP will ignore GPC headers (default)
- Disable all purposes - If the GPC signal is present, the CMP will disable all purposes that can be disabled (purposes that are not set to a state that results in an "always on")
- Disable selected purposes - If the GPC signal is present, the CMP will disable the selected purposes
Support for GPC may be legally required if your website targets visitors from California/USA. More infomation on GPC can be found here: https://globalprivacycontrol.org/
In order to recognize the signal, the browser must send the following HTTP header:
Sec-GPC: 1Please note, that the CMP will disable the purposes entirely if the GPC signal is present. This means, that a user cannot re-activate them.
Please note, that the CMP will not show the consent layer if it finds that all purposes have a state that cannot be changed by the user (e.g. disabled or "always on").
ATT / Apple App Tracking Transparency
If enabled in the CMP-settings, the CMP will recognize ATT signals sent by the app. The settings can be found at Menu > CMPs > Edit > Other Settings > Privacy APIs > ATT. The setting can use one of the three options:
- Off - The CMP will ignore ATT headers (default)
- Disable all purposes - If the ATT signal is present, the CMP will disable all purposes that can be disabled (purposes that are not set to a state that results in an "always on")
- Disable selected purposes - If the ATT signal is present, the CMP will disable the selected purposes
Support for ATT may be required by Apple in order to be able to update your app in the Apple app store. Please ensure you are using the latest consentmanager iOS SDK in order to enable the signals.
If the SDK finds, that ATT was rejected by the user, the CMP will automatically disable the corresponding purposes when showing the consent layer.
If loading the CMP in an inApp WebView, the presence of ATT can be signaled by adding ?cmpatt=2 or #cmpatt=2 to the website URL.
Please note, that the CMP will disable the purposes entirely if the ATT signal is present. This means, that a user cannot re-activate them.
Please note, that the CMP will not show the consent layer if it finds that all purposes have a state that cannot be changed by the user (e.g. disabled or "always on").
ADPC / Advanced Data Protection Control
If enabled in the CMP-settings, the CMP will recognize ADPC signals sent by the browser. The settings can be found at Menu > CMPs > Edit > Other Settings > Privacy APIs > ADPC. The setting can use one of the three options:
- Off - The CMP will ignore ADPC headers (default)
- Disable all purposes - If the ADPC signal is present, the CMP will disable all purposes that can be disabled (purposes that are not set to a state that results in an "always on")
- Disable selected purposes - If the ADPC signal is present, the CMP will disable the selected purposes
If enabled, the CMP will check if the ADPC HTTP headers are sent. If the headers are not sent, the CMP will use the ADPC JavaScript API in order to fetch the consent information.
Please note: If enabled and if the CMP finds that the browser supports ADPC, the consent layer will not be shown. The ADPC consent therefore replaces the CMP consent layer.
