The EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) require users to provide consent before their personal data is collected or processed. Publishers can use a consent management provider (CMP) (or a proprietary solution) to collect and store site visitor’s consent. The IX Library supports the automatic retrieval of this consent information from the site.
To easily integrate the IX Library with a CMP, we recommend selecting a CMP (or a proprietary solution) that's compliant with the following IAB Frameworks: CCPA Compliance Framework for Publishers & Technology Companies, and the Transparency & Consent Framework (TCF) v1.1 as well as v2.0.
To learn more, see:
When privacy settings are enabled in the IX Library, the IX Library attempts to connect with the CMP as soon as it loads on the publisher’s page. Once connected, the IX Library waits to receive one of two signals:
- An encoded string, representing the site visitor's consent from the CMP
- The privacy settings timeout, set in the IX app
When it receives one of these signals, the IX Library makes the consent information available to certified adapters and the header auction begins.
If the IX Library fails to connect with the CMP or the privacy settings timeout elapses, it continues with the header auction. However, instead of making the consent information available, it shares empty consent strings with the adapters to indicate unknown consent.
GDPR stipulates that Data Subjects located in the European Economic Area (EEA) must provide consent before their Personal Data is collected or processed. A consent management provider (CMP) requests consent from Data Subjects to process their Personal Data, then passes the response to the IX Library.
Implementing a CMP is critical to maintaining your advertising revenue, while adhering to GDPR.
We validate all CMPs that our clients are working with to ensure they are implemented correctly and operate successfully with our products. After you’ve selected a CMP, complete the following steps to configure it with the IX solution(s) you use:
- Contact your IX Representative. Indicate which CMP vendor you’ve selected and forward all technical documentation you’ve received.
- Enable the Privacy Settings section in the IX app:
- Log in to the IX app.
- Go to Controls > Inventory > IX Library.
- Locate your IX Library configuration and click the Edit icon.
- Scroll down to the Privacy Settings section and switch the toggle ON.
- Configure the Timeout (ms) field. This tells the IX Library to wait (for a specified amount of time) while the user is interacting with the CMP. It’s separate from your existing IX Library timeout, and any time entered here is added on to the Global Timeout.
To check the IX Library timeout, scroll up to the New Configuration section and check the Global Timeout (ms) field.
- Configure the GDPR applies by default? field. Select Yes if GDPR is applicable to all of your site visitor’s. Your choice saved here is shared with the adapters only if your CMP fails to share this information with the IX Library.
- Save the settings in the IX app:
- Scroll down to the bottom of the page and click Save.
- (Optional) Click Launch Staging to test the changes.
- Click Launch Production.
We recommend the following best practices when selecting and implementing a CMP:
- Place the Stub and the CMP script above the IX Library in the
<head>section of your site.
Implementing a CMP that hasn't already been validated? Once you've completed the implementation, we start the validation process. Here's what it looks like at a high level:
Now let's dive into some more detail:
- Contact us. Once you've installed the CMP, contact your IX Representative to kickstart the validation workflow.
- Validation Cycle. We run through a checklist (which includes items such as whether the CMP follows the IAB standard) to validate the CMP. If we're able to complete the checklist successfully on the first pass, we mark the CMP as validated. Otherwise, we start the following review cycle to resolve issues with the CMP:
- We send feedback to you (for implementation issues) or our internal engineering teams (if custom functions are required).
- When the feedback is resolved, we run the checklist (and start the review cycle) again.
- Validated! Once we've successfully completed the checklist, the CMP is considered validated. (And let's be honest: who doesn't love a little validation now and then?)
We validate all Consent Management Providers (CMPs) that our clients are working with to ensure they are implemented correctly, and operate successfully with our products. The following CMPs are already validated with our products:
- Evidon (Crown Peak)*
- Oath CMP
- Quantcast CMP
- Sourcepoint Technologies Inc.
- SOVRN CMP
*IAB compliant version
We recommend considering one of the CMPs listed above if you have not yet selected one. Choosing a validated vendor can mean a quicker implementation.
Was this page helpful?
You are invited to take a 1-minute survey to help us improve this site.