This article details how Osano’s Consent Manager supports Global Privacy Control.
The Global Privacy Control (GPC) is an initiative aiming to create a global web browser setting that allows users to control their online privacy. For users, activating GPC in their browser allows them to communicate their personal tracking preferences to participating websites. Specifically, the control indicates whether the user has consented to the sale of their personal data.
Enabling GPC Support for Consent Manager
Global Privacy Controls can be set for a consent manager configuration by enabling the "Support Global Privacy Control (GPC)" switch in the configuration settings.
Testing the GPC
To test Global Privacy Control, you will need an applicable browser or extension that supports the GPC. Once you have this, ensure the GPC is enabled in your browser settings or via your extension.
Navigate to or Refresh your Website. You can check to ensure the signal is being passed by opening your developer tools in your browser, navigating to the console, and entering:
The value should read true.
Disable GPC by turning off the GPC signal in your desired extension or browser.
Clear your Cookies and Cache and refresh the page. Open your developer tools in your browser, navigate to the console, and enter:
The value should now read false or undefined.
Testing the GPC and the Consent Manager
Osano’s Consent Manager (CMP) intercepts and respects GPC signals and records them within the Consent Object. When using Osano’s CMP, end-users can communicate their do not sell preferences, and Osano will record these preferences as well as update the users Do Not Sell preferences via the IAB CCPA framework.
To test, turn on your GPC in your browser or via your extension. Clear your Cookies and Cache and refresh the page. Navigate to the webpage where you have Osano installed.
If an end-user sends the GPC signal (by using a browser or browser extension that supports GPC), and:
- If the user is in the U.S.:
- Osano’s Consent Manager listens to the GPC signal that is communicated by the user's browser.
- The Consent Record will record an "Opt_Out." (An Opt-Out coincides with the Do Not Sell switch and Marketing category). (Opt_Out = 'Accept', Marketing = 'Deny'). See Consent Object below for details on verifying this value.
- The Do-Not-Sell toggle in the Storage Preferences drawer is disabled in the opt-in position, the Marketing category is disabled in the opt-out position, and the usprivacy string is sent via the U.S. IAB framework. See IAB Do Not Sell docs for details on verifying this value.
- If the user is NOT in the U.S.:
- The Consent Record will record an "Opt_Out." (An Opt-Out coincides with the Do Not Sell switch and no other categories). (Opt_Out = 'Accept')
- Unless the customer is listening for the OPT_OUT via the Osano API and Event Listeners, no other changes occur.
Verifying the GPC Signal is being passed
In order to verify if the GPC signal is being passed, you will need to access a site running Osano using a supported browser or extension (See GPC site for supported browsers/extensions).
Open your developer tools and navigate to "console."
Enter the following:
If GPC is being passed, you will see 'true' or 'false' based on your preference.
If the browser does not support GPC, this will read 'undefined.'
To view the Osano values based on the GPC signal, use the following call in the console to get the Consent Object:
This will return something like the following:
The Opt_Out value will change depending on the GPC preference of the individual user. If GPC is enabled, this will always read "accept." If not enabled or turned off, this value will read "deny", but could change in certain locations based on user preference (ex. in the US if Do Not Sell is activated).