Consent Integrations

The new Consent Enforcement Framework is a core feature of Tealium iQ Consent Integration that enables robust and reliable enforcement of consent signals captured outside of Tealium iQ Tag Management. This feature blocks tracking when customer consent is not given or is ambiguous.

Tealium iQ Consent Integrations provides the option for both opt-in (GDPR-style) and opt-out (CCPA-style) enforcement patterns for the supported consent management platforms (CMPs). Integrations can be written in the form of templates to support most CMPs or custom solutions.

Tealium iQ Consent Integrations has a dependency on the latest utag version 4.49. To enable support in previous versions, edit the uTag Loader template and add ##UTCM## under the ##UTGEN##publish engine flag.

The following terms are related to the consent integrations framework:

• Purpose - A specific data use purpose to which your website users can consent (or withhold consent).
• Purpose Group - A list of purposes. A representation of an enforcement policy in the form of a group of consent purposes to which tags are assigned.
• Exemption - A case where no enforcement is necessary and no tags need to be blocked based on consent decisions. Enforcement exemptions differ from the behavior when no consent integration enforcement rules apply. Unless there’s an explicit exemption, or matching consent integration and the appropriate consent decision, no tags are allowed to fire.
• Enforcement Rule - Rules that determine when to enforce a consent integration or exemption.
• Consent Decision - An array of purposes that have been consented to. Consent Decision is determined with a type attribute and is either implicit or explicit, depending on whether the user has made an active decision (implicit) or not (explicit).
• Implicit decision - A decision inferred from a user’s behavior. By visiting a site, a user consents to the necessary tags as described in the site’s privacy policy. A user can object to the sale of their data, but by default this is enabled (there is an implicit ‘it’s OK, to share/sell my data’ decision).
• Explicit decision - A clear and precise consent decision by a user about what tracking they consent to.
• Integration A set of features and configurations (pre-loaded or custom) that capture a consent decision from a specified CMP. An integration is associated with a purpose group.

How it works

Tealium iQ Consent Integrations enables you to integrate with supported non-Tealium consent management platforms. Your CMP prompts end-users for purpose-based consent as needed, and then captures and stores those user consent decisions. When an integration is active, tags must be assigned to purposes within a purpose group before they can be triggered. A purpose must be consented to before tags assigned to that purpose can be triggered.

Each consent integration instructs the underlying framework how to communicate with a single CMP. Only one integration may be active simultaneously. However, you can use Enforcement Rules to conditionally apply multiple active integrations without conflict, if needed.

Note that tags that inject CMPs into the page are not compatible with Tealium iQ Consent Integration. Integrations require a signal from the CMP before tags are loaded. To integrate your CMP with Consent Integrations, use a Preloader or DOM Ready extension, or add the CMP to the page outside of Tealium iQ.

You can set up an integration with a supported CMP in the Tealium iQ dashboard, or create a custom integration by editing the Custom template.

Supported integrations

See Supported Vendor Integrations for a full list of currently supported integrations.

Manage integrations

In the Tealium iQ dashboard, the Consent Integrations screen provides the ability to add and configure consent integrations.

Add an integration

Follow the steps below to add an integration:

1. Go to iQ Tag Management > Consent Integrations.
2. Click + Add Integration to open the integration configuration modals.

Step 1: Configure integrations

1. In the Configure Integrations tab, enter a descriptive name for your integration.
2. Select a vendor from the Vendor list. Depending on your vendor selection, additional fields may be required, usually an identifier for the CMP configuration you want to integrate with.
3. Enter a description.
4. Click Next.

Step 2: Enforcement Rules

Use the dropdown list to create a new rule, or select an existing rule. This rule determines when to enforce a consent integration.

To create a new rule:

1. Click + New Rule.
2. In the Add Rule dialog, add a Title for the load rule, and optional Notes if needed.
3. Use the drop-down lists to select a Variable and an Operator, then enter a Value.
4. To add another condition using AND logic, do one of the following:
   1. Click + next to the default conditional statement.
   2. To create a copy of a conditional statement using AND logic by clicking the row menu and selecting Duplicate Row.
      The duplicate conditional statement can be edited as needed.
5. To add another condition using OR logic, do one of the following:
   1. Click +OR.
   2. Create a copy of a condition using OR logic by clicking the condition menu and selecting Duplicate. The duplicate condition can be edited to create a new condition.
6. To remove a conditional statement from a condition, click the row menu and select Remove Row.
7. Click Done.

Step 3: Publish locations

1. Select the environments where you want this integration’s enforcement to apply.
2. Click Next.

Step 4: Purpose group

1. Select a purpose group for your integration from the Purpose Group drop down list. If you opted to configure your integration with the default vendor categories in step 4, complete the following steps and continue with step 9:
   1. Select <Vendor> Default from the list.
2. If you did not opt to configure your integration with the default vendor categories in step 4:
   1. Select + New Purpose Group from the drop down list.
   2. In the New Purpose Group modal, click Create Purpose Group. This redirects you to the Purpose Group wizard. Your progress in the Add Integration wizard is saved and you will be redirected back after configuring your purpose group.
   3. In the Purpose Group wizard, complete steps 4 to 13 of the Add a Purpose Group Section.
   4. In the Add Integration wizard, select your purpose group from the Purpose Group drop down list.
3. Click Save to create your new Integration.

If you are using OneTrust default vendor categories for the first time, after creating your integration, follow the steps in edit purpose group to assign tags to the Default purpose group.

Manage purpose groups

To manage your purpose groups, navigate to iQ Tag Management > Consent Integrations > Purpose Groups tab.

Add a purpose group

Follow the steps below to add a purpose group:

1. Click + Add Purpose Group to open the purpose group configuration modals.

Step 1: Purpose group

1. Enter a name and description.
2. Click Next.

Step 2: Purposes

1. Enter purpose name and description. Each purpose name must match the name of a consent category for the vendor you are integrating with.
2. You can create multiple purposes in a purpose group. To add more purposes to your purpose group, click + Add Purpose
3. Click Next.

Step 3: Tealium iQ purpose

1. Select a purpose to map to Tealium iQ from the Tealium Tag Purpose. Tealium iQ controls all tag operations and must be mapped to a purpose for any tags to function.
2. Click Next.

Step 4: Map tags

All tags must be mapped to a purpose before they can be triggered.

1. To map your tags to the newly created purposes, for each tag, click Assign/Map and select the purpose you want to map that tag with from the drop down list.
2. To enable or disable tag refire for each tag, toggle the OFF/ON button under the Tag Refire column. For more information about tag refire, see the Tag refire section.
3. Click Save to create your new purpose group.

Edit a purpose group

Follow the steps below to edit a purpose group:

1. Click the options icon beside the Purpose Group you want to edit.
2. Click Edit to open the purpose group configuration.
3. Click the tab for the section you want to edit. To map tags to a new default purpose group, click Map Tags.
4. Click Save to save your changes.

Tag refire

Each tag has a Tag Refire switch in the Map Tags screen:

If you enable this option, the tag can be triggered up to twice for each user action (once with the implicit decision and once with the explicit decision). Note that no tags are triggered if the mapped purposes are not consented to.

Most tags don’t need to be triggered again if they have consent in each of these cases. Triggering tags again may result in double tracking in some cases, which should be avoided.

Customer Data Hub customers (especially EventStream customers) can benefit from refiring the Collect tag and using the purposes_with_consent_unprocessed attribute for the server-side activation logic to ensure that no server-side activation is refired for the same event. Using the purposes_with_consent_unprocessed attribute allows server-side activations to be triggered as quickly as possible without triggering twice for the same event.

Access the consent decision within Tealium iQ

​Consent decisions (ConsentDecision) are provided in the b object for each event in the following attributes, which can be used in tags and are automatically sent by the Collect tag, but are not available for extensions.

• tci.consent_type - The ConsentDecision’s type attribute ( implicit or explicit ).
• tci.purposes_with_consent_all - The full ConsentDecision array, all permitted purposes.
• tci.purposes_with_consent_processed - The array of processed consented purposes.
• tci.purposes_with_consent_unprocessed - The array of unprocessed consented purposes.

Access the consent decision from extensions

tealiumCmpIntegration.GetCurrentConsentDecision() returns the current consent decision and can be used to access consent decisions from extensions.

The following command adds the current consent decision to the b object for all subsequent extensions and passes it to tags along with the tci.* attributes:

b.currentConsentDecision = tealiumCmpIntegration.getCurrentConsentDecision()

Using the JavaScript console

When active, you can interact with a consent integration in the JavaScript console on pages where utag.js (Tealium iQ) is implemented. Using the JavaScript console allows you to get the current consent decision that is retrieved from the CMP on every event. The consent decision is never cached by Tealium to ensure it is always up to date.

For more details, see the related debugging documentation.

Server-side attributes - using Collect with Consent Integrations

Tealium Collect, like all other tags, must be mapped to a consented purpose. However, the refiringAllowed option allows tags to be refired on new decisions. This process indicates that the tag is being used for a variety of server-side purposes, and available server-side filters and logic are used to ensure that the signal is only processed appropriately while allowing it to refire.

Depending on which server-side tools you use, the Collect tag is triggered with the following event-level attributes for each event:

• tci.purposes_with_consent_unprocessed (with refiring)
• tci.purposes_with_consent_all (without refiring)

Opt-in model

Tealium iQ will not fire tags or set cookies until a consent decision is received from the CMP. If the expected CMP is not active on the page or Tealium iQ has not been consented, Tealium iQ will not run and no tags will be fired.

If no consent decision is found when Tealium iQ loads, Tealium iQ consent integration polls until one is found.

Until a consent decision is received from the CMP, all events are queued to be processed once a decision is found. If no consent decision is received, no events are processed.

If a consent decision ( implicit or explicit ) is available from the CMP, the following takes place:

• Tealium iQ consent integration first checks if Tealium iQ is allowed to run (since it sets cookies).
• If Tealium iQ is allowed to run, it checks if each tag can run
• If the tags can run, it then triggers the tags according to consent for all queued events.

If the consent decision is implicit, the events go into a different queue after implicitly consented tags are fired so that they can be reprocessed for newly consented tags when the user makes an explicit decision. The solution searches for an explicit decision until one is found.

If the consent decision is explicit, all queues are emptied and polling stops. Tags fired on an implicit consent are not re-fired when the explicit consent decision is processed unless tag refire is enabled and there are new consent purposes to process.

When a user reopens the interactive CMP layer and makes a new explicit consent decision, previous events are not reprocessed with the new consent decision.

For new events processed after Tealium iQ is first loaded, the new consent decision is retrieved from the CMP as each event is processed by Tealium iQ to ensure that the CMP is treated as a universal source of truth.

Opt-out model

The opt-out model is similar to the Opt-in model, but explicit decision is not polled as it is more restrictive than the default setting (CCPA/CPRA style) in the Opt-out model.