Cookie Mapping¶
For GDPR compliance purposes, Yahoo is adding new parameters to its Cookie Mapping Service (CMS), as part of our Cookie Sync pixel for our providers to share data consent from EU users. Please read below for instructions on how to implement the new parameters.
These new parameters will be gdpr and euconsent. It will be the publisher’s responsibility to acquire the consent information and pass it to Yahoo via these parameters.
Parameter Names¶
gdpr
- use to pass EU user consent:
true - Europe audience data. Data provider indicates that the data is subject to GDPR regulations.
false - Rest of the world. Data provider indicates that the data is not subject to GDPR regulations.
empty - DataX will handle the jurisdiction flag as ‘true’ and process data applying GDPR regulations.
euconsent
- use to include user consent attributes (using IAB Purpose bit descriptions):
Storage and Access of Information - the storage of information, or access to information that is already stored, on user device such as accessing advertising identifiers and/or other device identifiers, and/or using cookies or similar technologies.
Personalization - the collection and processing of information about user of a site to subsequently personalise advertising for them in other contexts, i.e., on other sites or apps, over time. Typically, the content of the site or app is used to make inferences about user interests, which inform future selections.
CMS Pixel Implementation¶
Current CMS Pixel:
http://cms.analytics.yahoo.com/cms?partner_id=[partner_id]
CMS Pixel with GDPR flags - gdpr=true
:
http(s)://cms.analytics.yahoo.com/cms?partner_id=[partner_id]&gdpr=true&euconsent=<base64-encoded-consent-string>
Note
Yahoo will do the decoding.
CMS Pixel with GDPR flags - gdpr=false
(‘euconsent’ parameter is not required):
http(s)://cms.analytics.yahoo.com/cms?partner_id=[partner_id]&gdpr=false
Read more about IAB Transparency & Consent Framework Bits.
Notes
- The
gdpr
value must be included (true or false) at the time of the pixel fire.
false - data provider indicates that the data is not subject to GDPR regulations.
true - data provider indicates that the data is subject to GDPR regulations.
empty - CMS will decide user’s jurisdiction based on the user’s IP address and stored profile.
euconsent
parameter MUST be included and contain the following values: (base64-encoded-consent-string) when gdpr is set totrue
otherwise CMS could ignore all records.Parameter values are case insensitive
- If
gdpr
andeuconsent
parameters ARE NOT included as part of the CMS pixel
Yahoo will look at user’s IP address and stored profile to retrieve jurisdiction and consent status.
Yahoo will drop all EU based identified users and process all others.