Using , you can add General Vendors outside of the IAB Global Vendor Lists. General vendors enable you to add any vendor you wish to disclose to your OneTrust CMP.
Specifically, you can disclose vendors that may use tracking technologies other than cookies to your users. Users can then configure their preferences regardless of what tracking technology (e.g., pixels, web beacons) the vendor deploys.
You can also use general vendors to disclose third-party vendors alongside all the services and technologies they deploy on your site.
-
On the menu, select . The Vendor List screen appears.
-
Click the Add General Vendor button. The General Information tab appears.
-
Complete the fields.
-
Click the Next button. The Apply to Websites page appears.
-
Select the websites to which the vendor applies.
-
Click Next button. The Regions screen appears.
-
Select the regions in which the vendor is active.
-
Click the Next button. The Select Categories screen appears.
-
Select the categories and purposes that apply to the vendor.
-
Click the Next button. The Cookies and Hosts screen appears.
-
Select the cookies and hosts used by the vendor (optional). You can edit cookies and hosts after the vendor is created.
-
Click the Add Vendor button.
Managing Consent Outside of the IAB Global Framework
You can add vendors that are not part of the IAB Global Framework to the General Vendors list in . General vendors can read users' consent on the page provided by the consent management platform and update if they are active or inactive on the page.
Vendors read users' consent by (1) reading the OnetrustActiveGroups data layer variable or (2) the OptanonConsent cookie, which is set by the OTSDKstub.js file on the page.
Option 1: OnetrustActiveGroups
-
If OnetrustActiveGroups exists and contains the vendor ID, the vendor can be active on the page.
Note
It is the site owner's responsibility to communicate to vendors what their vendor ID is and how to read the OnetrustActiveGroups data layer variable.
-
If OnetrustActiveGroups does not exist or does not contain the vendor ID, then the vendor is not able to be active on the page.
Note
It is the site owner's responsibility to communicate to vendors what their vendor ID is and how to read the OnetrustActiveGroups data layer variable.
Option 2: OptanonConsent
In addition to the OneTrustActiveGroups data layer variable, the OTSDKstub.js file also sets the first party cookie, OptanonConsent, to capture user consent. When decoding the value of the OptanonConsent cookie as a string URI component, the current consent can be read.
Original string:
isGpcEnabled=0&datestamp=Wed+May+19+2021+15%3A31%3A46+GMT-0400+(Eastern+Daylight+Time)&version=6.18.0&isIABGlobal=false&hosts=&landingPath=http%3A%2F%2Fonetoso.com%2FPSOTesting%2FSamantha%2FTestSite%2FIAB%2520and%2520General%2520Vendors.html&groups=C0001%3A1%2CC0003%3A0%2CC0005%3A0%2CC0004%3A0%2CC0002%3A0%2CC0007%3A0%2CC0009%3A0%2CSTACK42%3A0
Decoded string:
isGpcEnabled=0&datestamp=Wed May 19 2021 15:31:46 GMT-0400 (Eastern DaylightTime)&version=6.18.0&isIABGlobal=false&hosts=&landingPath=http://onetoso.com/PSOTesting/Samantha/TestSite/IAB%20and%20General%20Vendors.html&groups=C0001:1,C0003:0,C0005:0,C0004:0,C0002:0,C0007:0,C0009:0,STACK42:0
Note
The value after the colon next to a cookie category ID or vendor ID indicates if a user has consented (i.e,. 1 = consented to, 0 = not consented to). As such, the vendor can read the OptanonConsent cookie to determine if their vendor ID has been consented to and is therefore active or inactive on the page. It is the vendor's responsibility to read the consent and determine if they can be active or inactive on the page.
