Osano and GDPR

  • Updated

For a walkthrough of GDPR and the various requirements for compliance, please view Osano’s GDPR Guide or refer to the full text HERE. 


Osano Features that Support GDPR Compliance 

Osano Consent Manager - Osano provides a consent manager that both notifies users of their rights at or before the time of collection and allows them to exercise their opt-out rights.

'Processing personal data is generally prohibited, unless it is expressly allowed by law, or the data subject has consented to the processing.' - GDPR.

  • IAB TCF 2.2 - In order to support vendors, publishers, and advertisers in meeting the consent and transparency requirements laid out by GDPR and the ePrivacy Directive, the Interactive Advertising Bureau, or IAB, has created an industry standard called the Transparency and Consent Framework (TFC v2.2)
  • First Layer Categories - UI adjustment. When enabled, users accessing from the EU (and other select regions) will see a popup with all cookie categories listed on the first layer. Users can navigate to the second layer at any time to make changes to their initial consent. 
  • Cookie Disclosures - This feature allows organizations to reveal details about the cookies on their site, providing 'Informed and Specific’ Consent. 


Data Subject Rights Management - Osano provides web forms and associated workflows for the management of Data Subject Rights requests so that users can execute their data rights under GDPR

'The controller shall take appropriate measures to provide any information referred to in Articles 13 and 14 and any communication under Articles 15 to 22 and 34 relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language...' - GDPR.


Vendor Risk Monitoring - Osano allows organizations to monitor vendors with whom customer information is shared to monitor and assess the potential risk of sharing this information.


Privacy Law Monitoring - Osano allows organizations to follow regions in which they do business to receive alerts when there are changes in the privacy landscape of those locations. This allows for proactive and up-to-date monitoring.