Active Cookie Consent Method for Privacy Management

In this mode, users aren't served personalized experiences unless they actively provide consent. Users can opt in or out at any time, and can change their status without limitations.

Note that as soon as a user opts in, all of the current page data is saved, including the cookie referral data.

Step 1: Implement an Active Cookie Consent snippet and APIs

Implement a field in your <head> tag (after the page context) with the current consent preference of the user, and use an API call to notify Dynamic Yield when a user changes their consent preference.

📌

This is a necessary preliminary step for turning on Active Cookie Consent mode, but it doesn't affect your visitors until Dynamic Yield Support activates it.

If the user consents:

DY.userActiveConsent = { accepted: true }

If the user does not consent:

DY.userActiveConsent = { accepted: false}

If you're using the API means that if a user changes their preferences, the change occurs immediately.

Use the following API call to notify that the user has given consent:

DYO.ActiveConsent.updateConsentAcceptedStatus(true)

Use "false" to notify that the user moved from consent to no consent:

DYO.ActiveConsent.updateConsentAcceptedStatus(false)

📌

Remember to update the snippet in the <head> tag of the page to match the data sent in this API call.

🚧

If you use a custom analytics integration, use an additional API in the code of the custom integration to prevent private user data from being sent to a third party.

Step 2: Validate the implementation of Active Cookie Consent APIs

It is crucial to validate that everything is implemented correctly. To do so:

  1. Check that the value of DY.UserActiveConsent is false.
  2. Check that active consent is implemented in the head before the script (check at least three pages). Here is an example of a specific implementation, though yours might be different:
const setOptanonCookie = (val) => {
	DY.userActiveConsent = {
		accepted: val
	};
	DYO.ActiveConsent.updateConsentAcceptedStatus(val);

	try {
		window.localStorage.setItem("userActiveConsent", val);
	}
	catch (e) {
		console.error("We couldn't save the value of the consent, 
	}
};
  1. Check that the status changes with:
DYO.ActiveConsent.isUserOptOut() ? 'No Consent' : 'Consent'
  1. Check that there are no console errors related to Active Cookie Consent implementation.
  2. To verify that the status was changed by API:
    1. Open the developer console (Option+⌘+C (Mac) or Cmd+Shift+J (PC)).
    2. Go to the Elements tab and search for the term “updateConsentAcceptedStatus” (press ⌘+F or CTRL+F and paste the term). You'll find the results described in Step 1.

Step 3: Preview an existing campaign 

To preview how users who did not provide consent experience your site:

  1. In Experience OS, go to Settings › General Settings › Active Cookie Consent and click Preview Site.
  2. In the browser tab that opens, look at your site and see which campaigns and experiences are served.

Step 4: Contact Dynamic Yield Support

After you complete and verify the implementation, and your campaigns are ready, contact Dynamic Yield Support to turn on Active Cookie Consent mode.

👍

Additional validation

We recommend that you verify that data is indeed not collected for users who did not provide consent. Look for the strings px.dynamicyield.com and px-eu.dynamicyield.com in their network calls. These strings don't exist if data isn't being collected.

Enabling API campaigns with Active Cookie Consent 

API campaigns behave similarly to web personalization campaigns. This means that a user is considered to be opted out until they actively opt in, and you need to notify Dynamic Yield when a user opts in (or opts out). User consent data must be sent in every API call, such as Choose, Engagement, Events, and so on.

To indicate the user’s preference, add the active_consent_accepted parameter. If you send requests without this parameter, or with an incorrect value, Dynamic Yield assumes that the visitor has not opted in (value of false).

Param

"user": {  
    "dyid": "-4350463893986789401",  
    "dyid_server": "-4350463893986789401"  
    "active_consent_accepted" :  // true or false  
}

How it works:

  1. For first-time users, you don't send the user ID and session ID to Dynamic Yield.
  2. Dynamic Yield sets and returns the user ID and session ID in a cookie in the response.
  3. After Active Cookie Consent is turned on, Dynamic Yield can't return valid cookies unless the user has consented.
  4. If the user has opted out or not consented, Dynamic Yield sends a cookie with the user ID and session ID with a TTL (maxAge) of -1 (that is, the cookie is not saved, and if there was a cookie before, it's deleted). This way, you don't need to change your implementation, as the cookie expires immediately.