Consent Manager Data Flow

  • Updated

Osano’s CMP architecture is designed to keep protected end-user data safe and keep Osano’s customers within legal compliance with various regulations, such as CCPA, GDPR, LGPD, etc. To this end, we process all Consent Manager-related data in AWS region “EU-west-1”, located in Ireland.  From here, all data is encrypted before storage in our central AWS region, “us-east-1”.  We process information in Ireland to keep within the European Union (EU) regulations regarding protected information data transfers outside the EU.


The CMP data flow can be described as:


Data Exchanged

Osano.js CM Script Delivery

Customer tracker rules, user interface, language translations.

CM Script Consent Recording

User consent info delivered to Osano assets in EU-west-1via encrypted SSL.

Consent Record Processing

User consent info processed, encrypted, and sent for storage to us-east-1.

Consent Record Storage

User consent info is stored for reporting and querying in a cryptographically verifiable, immutable journaling database.


Below is a simplified architectural + data flow diagram describing the interactions between the various pieces of the Consent Management system.

Customer-Facing Consent Manager Interactions