Salesforce

Configuring Geolocation Rules

Printable View
« Go Back
Information
Configuring Geolocation Rules
UUID-2229ff55-895a-11da-1b5f-79e1785b6e02
Article Content

Using Cookie Consent, you can configure geolocation rules that determine the consent model, behaviors, and content that will be shown to site visitors from certain locations. This is done by leveraging Cloudflare to perform a reverse IP lookup that will return the general location of the user (approximately at the city level). The location is not stored and is only used to determine the applicable rule.

From Cloudflare's IP geolocation documentation:

Cloudflare can include the country code of the visitor's IP address (in ISO 3166-1 Alpha 2 format) with each request between Cloudflare and the upstream origin web server. This allows site administrators to capture their visitor's IP location in server logging and/or application logic. Besides ISO country codes, Cloudflare uses the following special country codes:

  • XX - Used for clients without country code data.

  • T1 - Used for clients using the Tor network.

To set up geolocation rules, you first have to set up a geolocation rule group. This will allow you to group geolocation rules in a way that complies with applicable privacy laws. You must have a default geolocation rule group and a default geolocation rule within each geolocation rule group to define the behaviors to use when no other rules apply.

When a script is published, the template and geolocation rule will change to Active. If any changes are made to the geolocation or template, they will revert to Draft. Scripts will either be Draft if unpublished or Published after publishing.

Tip

If you have configured your Company Profile in Athena, the geolocation rule groups will be populated with recommended settings. For more information, see Athena Company Profile.

To add a geolocation rule group

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click the Create New button. The Create New Rule Group modal appears.

  3. Complete the Rule Group Name, Organization, and optional Description field.

    create_new_geo_rule.png

  4. Click the Create button.

To add a geolocation rule

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click on the name of the Geolocation Rule Group. The Geolocation Rule Group Details screen appears.

  3. Click the Add Rule button. A new rule is added.

  4. Complete the fields. For more information, see Geolocation Rule Configuration Screen Reference.

  5. Click the Save button.

Geolocation Rule Configuration Screen Reference

geo_rule_1.png
geo_rule_2.png
geo_rule_3.png
geo_rule_4.png

Field

Description

Rule Name

Enter a name for the rule.

Use Audience Logic

Note

The setting requires the Consent Rate Optimization add-on.

For more information, contact OneTrust Support or your account representative.

Select the checkbox to enable Audience Logic.

For more information, see Configuring Audience Logic Using Geolocation Rules.

Select the regions to which you want to assign this policy.

Select the geo-locations in which the rule should be applied. This can be regions, countries, or states.

Show Banner

Select this check box to show the banner on the domain for site visitors originating the applicable locations.

Template

Use the text box to search for the Template name. Select a Template to use for the rule.

IAB Purposes (IAB templates only)

Use this section to configure settings for IAB purposes. See the configuration fields below.

Consent Model

Select the consent model you would like to use. For more information, see Consent Models.

consent_model.png

Status

Select the default status for each category or purpose (IAB templates). For more information, see Category Statuses

Do Not Track

Select this check box to enable cookies or purposes (IAB templates) in the category to respond to Do Not Track requests sent by the browser.

Global Privacy Control

Select this check box to enable cookies in the category to respond to Global Privacy Control signals sent by the browser.

Google Consent Mode

Enable this setting to configure how Google tags behave based on the consent status of your users. You can define a storage type for each category.

GCM_categories.png

Microsoft Consent Mode

Caution

Public Preview Notice

This functionality is currently under Public Preview. Please contact your account representative or OneTrust Support to request early access.

Enable this setting to adjust how Microsoft tags behave based on the consent status of your users. You can indicate whether consent has been granted for Ads cookies. Microsoft's tags will dynamically adapt, only utilizing measurement tools when consent has been given by the user.

Once enabled, select a category to assign to ad_storage using the Assign Category dropdown.

ms_consent_mode_setting.png

For more information, see Microsoft's documentation on setting up UET for consent mode.

IAB Tech Lab - Global Privacy Platform (GPP)

Enable this setting to leverage the IAB Tech Lab Global Privacy Platform (GPP). You can indicate which categories can be mapped to additional purposes specified as part of GPP or you can choose to not assign a category at all.

For more information, see Configuring the Global Privacy Platform Settings.

Behaviors - Close Banner

Select the check boxes for the actions (On Click, Scroll, Next page) site visitors can use to close the banner.

Behaviors - Accept All Cookies

Select the check boxes for the actions (On Click, Scroll, Next page) that site visitors can use to accept all cookies.

Reconsent will occur after

Select the amount and unit of time after which end users should be prompted to reconsent.

Enable IAB Europe transparency and consent framework (IAB 2.2 template only)

Enable this setting to include support for IAB Transparency and Consent Framework vendors and purposes.

Vendor Version List (IAB 2.2 template only)

Select the vendor list you want to use.

Vendor List Consent Model (IAB 2.2 template only)

Select the consent model for the vendor list.

Set Global EU Consent

Enable this setting to set the EU 3rd party cookie that allows other CMPs to read the preferences set by the site visitor.

Capture Records of Consent

Enable this setting to log records of consent.

Advanced Analytics

Note

Only applicable if Capture Records of Consent is enabled.

Select a category or purpose for which you want to send the browser type, device type, and country where the user consented.

You can only select one processing purpose for Advanced Analytics per geolocation rule. This information will be shown in the dashboard.

Note

Consent sources (URLs) are automatically added to receipts if users consent to Advanced Analytics.

For more information, see Enabling Consent Logging and the Cookie Consent Dashboard.

Require Authentication for known users

Note

Only applicable if Capture Records of Consent is enabled.

The setting requires the Consent Rate Optimization add-on and is currently available as a preview feature.

For more information, contact OneTrust Support or your account representative.

Enable this setting to create receipts for known users only when accompanied by an authorization token. This requires you to store your public key in Consent Settings.

Create Data Subject Profiles for Known Users

Note

Only applicable if Capture Records of Consent is enabled.

The setting requires both a Cookie Consent license and a Consent & Preference Management license.

Enable this setting to create data subject profiles for known users. When an identifier is provided, consent receipts will create and update data subject profiles in Universal Consent & Preference Management. Ensure your licensing allows for the number of new data subjects that are expected to be created.

Current license usage

Displays the current number of data subjects / total available licenses.

Default identifier type

Select the identifier type that should be used for known users when an identifier type is not provided.

Trigger integration events

Enable this setting to allow consent receipts to trigger Data Subject Profile Updated events. Ensure that your integration workflows account for additional events generated by known users before enabling this setting.

Consent strings

If leveraging the Unified Consent feature with a TCF template, the consent string will now populate in the receipt. For a GPP-enabled template, the GPP string will be sent instead of the TC String. This same string will be stored on the data subject profile in UCPM.

For more information, see Connecting CMP Preferences with Universal Consent & Preference Management Profiles.

Enable Android Advertisement ID permission

Enable this setting for Android apps to log consent records for the Android Advertisement Permission. Note that an Android app must be assigned to this Geolocation Rule to use enable this permission.

Enable Collection Point Events

Enable this setting to send Mobile Consent transactions to the Universal Consent Module and expose them within Integration workflows.

Use this consent model if site visitor's IP address is unknown.

Enable this setting to make the Geolocation Rule the default rule. If changed, you will need to republish the script for the changes to take effect.

To assign a geolocation rule group to a domain

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click on the name of the rule group you want to assign. The Geolocation Rule Group Details screen appears.

  3. Go to the Assigned Domains tab.

  4. Click the Assign to Domains button. The Assign to Domains modal appears.

    assign_to_domains.png

  5. Select the check boxes for the domains you want to assign.

  6. Click the Assign button. The next time you publish the script for your domain, it will adhere to the rules configured in the policy. For more information on publish the script see Publishing and Implementing Cookie Consent Scripts

To view geolocation rule versions

New versions of geolocation rules are created when an existing geolocation rule is edited and saved.

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click on the name of the Geolocation Rule Group. The Geolocation Rule Group Details screen appears.

  3. Select a geolocation rule from the list. The geolocation rule configuration appears in the editor.

  4. Click the Show Version History button in the header. The Geolocation Versions pane appears.

  5. View the version history for the geolocation rule.

    geolocation_history.png

To delete a geolocation rule group

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click the Context Menu icon context_menu_icon_v2.png on the row for the group you want to delete. The Context menu appears.

  3. Select Delete. A confirmation modal appears.

  4. Click the Submit button.

To delete a geolocation rule

Note

You cannot delete the default Geolocation Rule.

  1. On the Cookie Consent menu, select Geolocation Rules. The Geolocation Rule Groups screen appears.

  2. Click on the name of the rule group you want to delete. The Geolocation Rule Group Details screen appears.

  3. Click the Edit icon for the rule. All editable fields display.

  4. Click the Context menu icon. The Context menu appears.

  5. Select Remove Rule. A confirmation modal appears.

  6. Click the Remove button.

Consent Models

Notice Only. If you select Notice Only as the default consent model, all cookie categories will set and cannot be disabled by website visitors. A banner informing the visitor that the website uses cookies will be displayed on the landing page of the website.

Opt-out. If you select Opt-out, all cookie categories (besides Strictly Necessary) will be set to require opt-out. These cookies will be automatically enabled when the visitor lands on the website. The website visitor can disable the non-Strictly Necessary cookies in the preference center.

Opt-in. If you select Opt-in, all cookie categories (besides Strictly Necessary) will be set to opt-in. These cookies will not be set on the visitor's device unless they are enabled in the preference center.

Implied Consent. If you select Implied Consent, all cookie categories (besides Strictly Necessary) will be set to implied consent. These cookies are not set until the website visitor clicks the Accept button or engages in another implied consent behavior. The website visitor can disable cookie categories in the Preference Center.

Always Inactive. If you select Always Inactive, all cookie categories (besides Strictly Necessary) will set to inactive and cannot be enabled by website visitors. A banner informing the visitor that the website uses cookies will be displayed on the landing page of the website.

Custom. If you select this option, you can set a different default status for each category of cookie on your site. You can customize the consent model to suit your organization's needs and can set the Do Not Track status for each category of cookie.

Category Statuses

For rules that use the Custom consent model, you can select the default status for each category of cookies or vendors. The status indicates the behavior of category and the conditions under which the cookies will be set. The statuses align with the consent models with which they share their names.

Notice Only. Cookies in a Notice Only category are automatically set and will be shown in the preference center, but cannot be disabled by the site visitors. Cookies in a Notice Only category cannot rely on Consent as the legal basis for processing data.

Opt-out. Cookies in an Opt-out category are automatically set and can be disabled by the site visitor in the preference center.

Opt-in. Cookies in an Opt-in category are not set by default and must be proactively selected by the site visitor in the preference center. Opt-in allows for the explicit consent of the site visitor.

Implied Consent. Cookies in an Implied Consent category are set when a site visitor engages in designated implied consent behaviors such acknowledging the banner, scrolling, clicking, or navigating to a new page.

Always Inactive. Cookies in an Always Inactive category are automatically set and cannot be enabled by website visitors. A banner informing the visitor that the website uses cookies will be displayed on the landing page of the website.
 
Article Visibility
63,943
Translation
English
Checked
Powered by