Developers » AS2 tagging » JavaScript » Advanced features » Privacy 5.24.0
Privacy
Foreword
The Privacy plugin (to be activated from the Tag Composer interface) allows an editor to control the data collected within the audience measurement solution, according to the different legislations to which it refers. It offers you the possibility to adapt your tagging thanks to a precise management of the different measurement parameters (sent properties, trackers used, …), in the respect of the regulation in force.
Notion of authority
For its operation, the plugin relies by default on a configuration defining a set of processing rules to be applied according to the chosen authority.
Strictly speaking, an authority represents a control entity in charge of monitoring the application of a regulation relating to the protection of personal data. This is translated in the code by the presence of configuration objects of type authority including different visitorMode: a cnil authority for the application of a specific mode of exemption of consent (CNIL hybrid measure) and a default authority for all other cases defined by AT Internet.
An authority therefore contains different modes related to consent that can be activated through marking.
It is also possible to create custom authorities, which will contain visitor modes specific to your needs.
Each “visitor mode” contains an inclusion list of Tracker parameters that will act at the storage (cookies) or buffer (hits parameters) level. It is therefore possible to interact at different levels and keep complete control of the data to be transmitted.
The default authority allows the following standard modes to be activated:
optin: for a comprehensive post-consent measurement.optout: for a restricted and anonymized measurement with idclient set to “OPT-OUT”.no-consent: for a restricted measurement, without cookie deposit, anonymized thanks to the option “exclusion of non-cookie traffic” and with idclient set to “Consent-No”.random: for a restricted measurement with dynamic idclient changing at each load, before consent.
The “visitor modes”
optin,optoutandrandomare generic modes requiring additional intelligence linked to the complexity of the business, these modes have dedicated “helpers” for their activation. You should not use them with the methodsetVisitorMode
The cnil authority allows to activate the following standard mode:
exempt: for a Hybrid Measure with exclusion of data deemed not strictly necessary.
Details of our Hybrid Measure implementation can be found in our Privacy Center. If you want more information on marketing sources management, please check this article.
When a “visitor mode” is activated, a cookie named atauthority including the name of the authority and the visitor mode is saved for a duration of 397 configurable days, if the applied rules effectively allow this saving.
Activate a standard visitor mode
The Privacy plugin provides a set of methods (helpers) to implement the standard modes defined by AT Internet.
When a mode has been activated, the atauthority cookie is automatically created to keep the information (if no rule prevents writing in cookie).
When a page is loaded, the plugin checks the cookie. If it exists, the plugin automatically takes the last configuration. A test on the getAuthority() authority and the getVisitorMode() allows to choose at any time the behavior to adopt in terms of marking.
Activation of the “Opt-In” mode
Tagging method
setVisitorOptin()
Activate the “optin” mode.
Example
tag.privacy.setVisitorOptin();
Behavior
Activating the optin mode results in an exhaustive measurement by the tracker. All parameters are then stored and sent.
Example
var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorOptin();
tag.page.set({
name: 'pageName',
chapter1: 'chap1',
chapter2: 'chap2',
chapter3: 'chap3',
level2: '123',
});
tag.dispatch();
Activation of the “Opt-Out” mode
Tagging method
setVisitorOptout()
Activate the “optout” mode.
Example
tag.privacy.setVisitorOptout();
Behavior
Activating the optout mode results in a restricted measurement by the Tracker. The list of allowed parameters (default) is as follows:
{
"include": {
"storage": [
"atuserid",
"atauthority"
],
"buffer": [
"s",
"idclient",
"ts",
"vc",
"vm",
"click",
"type"
]
}
}
The hit parameter “idclient” (visitor ID) will be set to “OPT-OUT” and the generated traffic will be anonymized and rendered only within Explorer’s Privacy analysis.
Example
var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorOptout();
tag.page.set({
name: 'pageName', // will not be sent
chapter1: 'chap1', // will not be sent
chapter2: 'chap2', // will not be sent
chapter3: 'chap3', // will not be sent
level2: '123', // will not be sent
});
tag.dispatch();
Here, level 2 “123” will not be sent in the hit, as the parameter “s2” is not part of the allowed “buffer” list. The same applies to page information, as the “p” parameter is not allowed.
By default, the hits generated when the Opt-out mode is activated are sent. You can if you wish block these sends by overloading the Tracker configuration variable sendHitWhenOptOut, or from the “Privacy parameter” section of Tag Composer.
Example
var config = {
sendHitWhenOptOut: false // true by default
};
var tag = new ATInternet.Tracker.Tag(config);
Activate the “No-consent” mode.
Tagging method
setVisitorMode('default', 'no-consent')Enable the “no-consent” mode of the default authority.
Example
tag.privacy.setVisitorMode('default', 'no-consent'); Behavior
Activating the no-consent mode results in a restricted measurement by the Tracker. The list of allowed parameters (default) is as follows:
{
"include": {
"storage": [],
"buffer": [
"s",
"idclient",
"ts",
"vc",
"vm",
"click",
"type"
]
}
}
The hit parameter “idclient” (visitor ID) will be set to “Consent-NO” and the generated traffic should be anonymized using the “non-cookie traffic exclusion” option. The data will then be restored only within Explorer’s Privacy analysis
Example
var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorMode('default', 'no-consent');
tag.page.set({
name: 'pageName', // will not be sent
chapter1: 'chap1', // will not be sent
chapter2: 'chap2', // will not be sent
chapter3: 'chap3', // will not be sent
level2: '123', // will not be sent
});
tag.dispatch();
Here, level 2 “123” will not be sent in the hit, as the parameter “s2” is not part of the allowed “buffer” list. The same applies to page information, as the “p” parameter is not allowed.
Activate the “CNIL Exemption” mode
Tagging method
setVisitorMode('cnil', 'exempt')Activate the “exempt” mode of the “cnil” authority.
Example
tag.privacy.setVisitorMode('cnil', 'exempt'); Behavior
The activation of the hybrid mode exempt from the cnil authority allows a restricted measurement by the Tracker. Only parameters that are considered “strictly necessary” are collected. The list of authorized parameters (default) is the following:
{
"include": {
"storage": [
"atuserid",
"atauthority"
],
"buffer": [
"s",
"idclient",
"p",
"vtag",
"ptag",
"ts",
"vc",
"vm",
"click",
"type",
"olt",
"cn",
"mh",
"ref",
"pclick", // since 5.28.2
"s2click" // since 5.28.2
]
}
}
As with all other modes, the parameter inclusion list can be extended if necessary. For example, it is possible to add a custom variable to this list if it is considered that the data is strictly necessary, using the method extendIncludeBuffer(). The details of adding parameters can be found in the section “extending the parameters of a mode (storage and collected data)”.
Example
var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorMode('cnil', 'exempt');
tag.privacy.extendIncludeBuffer('x1'); // The site indicator "x1" is added to the inclusion list
tag.page.set({
name: 'pageName',
chapter1: 'chap1',
chapter2: 'chap2',
chapter3: 'chap3',
level2: '123', // will not be sent
});
tag.customVars.set({
site: {
1: '[site1]'
}
});
tag.dispatch();
Here, level 2 “123” will not be sent in the hit, as the parameter “s2” is not part of the allowed buffer list.
Activation of the “Random” mode
Tagging method
setVisitorRandomID()
Activate the “random” mode.
Example
tag.privacy.setVisitorRandomID();
Behavior
Activating the random mode of the default authority results in a restricted measurement by the Tracker. The list of allowed parameters (default) is as follows:
{
"include": {
"storage": [],
"buffer": [
"s",
"idclient",
"p",
"vtag",
"ptag",
"ts",
"vc",
"vm",
"ref",
"xto",
"click",
"type"
]
}
}
The hit parameter “idclient” (visitor ID) will take a value defined as a GUID, but this will not be kept to avoid reconciliation. Each page load will change the value of the visitor id.
Example
var tag = new ATInternet.Tracker.Tag();
tag.privacy.setVisitorRandomID();
tag.page.set({
name: 'pageName',
chapter1: 'chap1',
chapter2: 'chap2',
chapter3: 'chap3',
level2: '123', // will not be sent
});
tag.dispatch();
Here, level 2 “123” will not be sent in the hit, as the parameter “s2” is not part of the allowed buffer list.
Extend the parameters of a mode (storage and collected data)
Extend storage (cookies)
extendIncludeStorage(storageParam)
Add storage parameters to the include list of all modes.
| Param | Type | Description |
| storageParam | Object|string|array | Storage settings |
It is important to extend the storage before activating a mode if you want the added list to be taken into account.
Examples
tag.privacy.extendIncludeStorage('atidvisitor'); // entire atidvisitor storage
tag.privacy.extendIncludeStorage({'atidvisitor': ['an', 'ac']}); // only 'an' and 'ac' from atidvisitor
tag.privacy.extendIncludeStorage([{'atidvisitor': ['an', 'ac']}, {'atredir'}]); // 'an' and 'ac' from atidvisitor and entire atredir
tag.privacy.extendIncludeStorage([{'atidvisitor': ['an', 'ac'], 'atredir': ['an', 'ac']}]); // 'an' and 'ac' from atidvisitor and atredir
Expand buffer (hit parameters)
extendIncludeBuffer(bufferParam)
Add buffer parameters to the include list of all modes.
| Param | Type | Description |
| bufferParam | Object|string|array | Paramètres de buffer |
It is important to extend the buffer after activating a mode if you want the added list to be taken into account.
Syntax for adding parameters
Different formats are allowed to add your parameters, depending on the version of your library.
SmartTag < version 5.28.0
an: adds the parameter of the querystringanto the include list of all modes["ref", "s2", "x1"]: adds the three parameters of the querystring to the include list of all modes{"stc":["device", "medium"]}: adds thedeviceandmediumkeys of thestcobject to the include list of all modes{"events":["name","data_medium"]}: adds the name of the event (name) and properties that start withmediumto the include list of all modes._is used to define a sub-object
Version 5.28.0 of the SmartTag corrects some behaviors related to the use of the Privacy plugin, and simplifies the nomenclature for extending the parameters of a mode.
We recommend that you update your tagging.
Example
tag.privacy.extendIncludeBuffer('an'); // buffer parameter 'an'
tag.privacy.extendIncludeBuffer(['an', 'ac']); // buffer parameters 'an' and 'ac'
tag.privacy.extendIncludeBuffer({"stc":["custom1","custom2"]}); // buffer parameter 'stc', keys 'custom1' and 'custom2'
SmartTag >= version 5.28.0
As of v5.28.0 and on Tag Composer, the following formats are accepted:
an: adds the parameter of the querystringanto the include list of all modes (in the case of a typed property, it will be necessary to integrate the prefix)stc/custom_key: adds thecustom_keykey of thestcobject to the include list of all modes./is used to define a sub-object (format valid only for thestcparameter)events_name: adds the event name (name) to the include list of all modes._is used to define a sub-object (format valid only foreventsandcontextparameters – necessary to allow events)events_data_medium: adds the eventmediumproperty to the include list of all modes._is used to define a sub-object (format valid only foreventsandcontextparameters)
exempt#an : you can extend the include list for a specific mode by prefixing the item with [mode]# to limit it to that mode only.
Example
tag.privacy.extendIncludeBuffer('an'); // buffer parameter 'an'
tag.privacy.extendIncludeBuffer(['an', 'ac', 'b:is_premium']); // buffer parameters 'an', 'ac' and 'b:is_premium'
tag.privacy.extendIncludeBuffer('exempt#stc/my_key'); // buffer parameter 'stc', key 'my_key' for exempt mode
tag.privacy.extendIncludeBuffer(['exempt#stc/my_key', 'an']); // buffer parameter 'stc', key 'my_key' for exempt mode + buffer parameter an for all modes
tag.privacy.extendIncludeBuffer(['events_name', 'events_data_prop1', 'events_data_prop2']); // allow properties "prop1" and "prop2" for events. In this case, "events_name" is required
To help you choose the right syntax to use, an article is available in our Privacy Center.
In this same article, you will see how to add parameters from Tag Composer directly, instead of markers. Be careful, an overload of markers has priority over the configuration made from Tag Composer.
updateStorageDuration
updateStorageDuration(storageDuration)
Update the storage duration of the “atauthority” cookie.
| Param | Type | Description |
| storageDuration | number | Storage duration in days (397 by default) |
Example
tag.privacy.updateStorageDuration(90);
Creation and activation of a custom mode
Declaration of a personalized authority
You can, if necessary, add a custom authority if the rules already present do not meet your needs. To do this, you need to know the structure of an authority object (change the values between [ ]):
// Declaration of authority
var authority = {
"name": "[authorityName]", // Mandatory
"[visitorModeName]": {
"name": "[visitorModeName]", // Mandatory
"storageDuration": 397, // Mandatory
"trackerSettings": {
"disableStorage": false,
"disableCookie": false
},
"add": { // Parameters to add
"buffer": {
"visitorConsent": { // Mandatory
"param": "vc",
"value": false // true|false
},
"visitorMode": { // Mandatory
"param": "vm",
"value": "[visitorModeName]"
}
}
},
"include": { // Parameters to include
"storage": [],
"buffer": []
}
}
};
tag.privacy.addAuthority(authority); // Adding custom authority
tag.privacy.setVisitorMode('[authorityName]', '[visitorModeName]'); // Activation of the custom visitor mode
Example of tagging a custom authority
// Declaration of custom authority
var customAuthority = {
"name": "customAuthority",
"customMode": {
"name": "customMode",
"storageDuration": 397,
"add": {
"buffer": {
"visitorConsent": {
"param": "vc",
"value": false
},
"visitorMode": {
"param": "vm",
"value": "customMode"
}
}
},
"include": {
"storage": [
{
"atidvisitor": ["an"] // "an" parameter will be allowed in storage (identified visitor)
},
{
"atredir": ["an"] // "an" parameter will be allowed for redirections (identified visitor)
}
],
"buffer": [
"an", // "an" parameter will be allowed in buffer (identified visitor)
"x1", // "x1" parameter will be allowed in buffer"
{
"events": [
"name", // The event property "name" will be allowed in buffer
"data_av_author" // The event property "data_av_author" will be allowed in buffer
],
"stc": "author" // The "stc" property "author" will be allowed in buffer
}
]
}
}
};
var tag = new ATInternet.Tracker.Tag();
tag.privacy.addAuthority(customAuthority); // Adding custom authority
tag.privacy.setVisitorMode('customAuthority', 'customMode'); // Activation of the custom visitor mode "customMode" of the custom authority "customAuthority"
tag.page.set({
name: 'pageName',
chapter1: 'chap1',
chapter2: 'chap2',
chapter3: 'chap3',
level2: '123',
});
tag.dispatch();
Activation of a custom mode
setVisitorMode(authority, visitorMode)
Activate a specific mode of an authority.
| Param | Type | Description |
| authority | string | Authority name |
| visitorMode | string | Visitor mode name |
Example
tag.privacy.setVisitorMode('customAuthority', 'customMode');
As indicated in the “Authority” section, the “visitor mode”
optin,optoutandrandomare generic modes requiring additional intelligence linked to the complexity of the business, they have dedicated “helpers” for their activation. You should not use them with the methodsetVisitorMode
Retrieve of authority and mode
getAuthority
getAuthority() ⇒ ObjectRetrieve the current authority.
Example
var authority = tag.privacy.getAuthority();
Example of object returned for a custom authority:
var authority = {
"name": "custom", // Name of the authority
"exempt": { // Visitor mode
"name": "exempt", // Name of the visitor mode
"storageDuration": 397, // Cookie retention time in days
"trackerSettings": { // Tracker settings to apply
"disableStorage": false,
"disableCookie": false
},
"add": { // Parameters to add
"buffer": {
"visitorConsent": {
"param": "vc",
"value": false
}, // Addition of the parameter "vc"
"visitorMode": {
"param": "vm",
"value": "exempt"
} // Addition of the parameter "vm"
}
},
"include": { // Parameters to include
"storage": [
"atidvisitor", // "atidvisitor" parameter will be allowed in storage (identified visitor)
{
"atredir": [
"at",
"an"
] // "at" and "an" parameters will be allowed for redirections (identified visitor)
}
],
"buffer": [
"an",
"at",
"ac",
"anc",
"vrn"
] // "an", "at", "ac", "anc" and "vrn" parameters will be allowed in buffer (identified visitor)
}
}
};
getVisitorMode
getVisitorMode() ⇒ ObjectRetrieve the current visitor mode.
Example
var visitorMode = tag.privacy.getVisitorMode();
Example of object returned for the “exempt” mode of a custom authority:
var visitorMode = {
"name": "exempt", // Name of the visitor mode
"storageDuration": 397, // Cookie retention time in days
"trackerSettings": { // Tracker settings to apply
"disableStorage": false,
"disableCookie": false
},
"add": { // Parameters to add
"buffer": {
"visitorConsent": {
"param": "vc",
"value": false
}, // Addition of the parameter "vc"
"visitorMode": {
"param": "vm",
"value": "exempt"
} // Addition of the parameter "vm"
}
},
"include": { // Parameters to include
"storage": [
"atidvisitor", // "atidvisitor" parameter will be allowed in storage (identified visitor)
{
"atredir": [
"at",
"an"
] // "at" and "an" parameters will be allowed for redirections (identified visitor)
}
],
"buffer": [
"an",
"at",
"ac",
"anc",
"vrn"
] // "an", "at", "ac", "anc" and "vrn" parameters will be allowed in buffer (identified visitor)
}
};
Advanced tagging
ACPM certification (OJD)
If your site/app is certified by the ACPM (OJD), you must allow the stc/device or s2 parameter in your buffer:
tag.privacy.extendIncludeBuffer("stc/device");
tag.privacy.extendIncludeBuffer("s2"); Priority management
It is important to condition a call according to your marking needs and not to execute it systematically. A test on the getAuthority() authority and the getVisitorMode() will allow you to choose the best behavior to adopt in terms of marking.