IAB TCF v2.2 Compliance with CookieYes
Last updated on October 16, 2024
The IAB’s Transparency and Consent Framework (TCF) is a standardized framework designed to ensure transparency and compliance in digital advertising practices explicitly addressing GDPR requirements. It provides guidelines and technical specifications for Consent Management Platforms (CMPs) to manage user consent and preferences regarding data processing activities.
In alignment with this industry standard, CookieYes has registered and obtained certification with the IAB as a CMP. Now, it offers this framework, providing an additional level of credibility, which proves beneficial for the platform.
Starting July 31, 2024, to comply with the EU User Consent Policy, websites utilizing Google publisher products (such as AdSense, Ad Manager, or AdMob) must implement a certified CMP that integrates with the TCF to serve ads to users in the EEA, UK, and Switzerland. CookieYes is a Google-certified CMP for compliance with IAB TCF version 2.2.
Implementation of CookieYes IAB Consent Framework
This feature is only available on the Pro and Ultimate plan.
To implement the IAB consent framework, follow the below steps:
- Log in to your CookieYes account.
- Navigate to Dashboard > Cookie Banner.
- In the General tab, select GDPR as the Consent Template.
- Now, toggle the button (to the right) labelled āSupport IAB TCF v2.2ā.
- Click Publish Changes.
Once you publish the changes, your site will automatically deliver the TCF-compliant consent banner to users who access it from the applicable regions.
After implementing IAB TCF v2.2 the user must :
- Initiate a page scan because of the additional cookie.
- Make appropriate changes to the Privacy policy.
A user’s consent information includes their choices or preferences regarding vendors, purposes, and special features defined within the TCF framework. Once enabled, IAB TCF sends consent signals to vendors through the Consent Management Platform (CMP) when the user interacts with the website. These signals indicate the user’s consent preferences for each vendor and purpose. These signals help vendors determine whether they have the user’s consent to process their data for specific purposes.
In the case of the cookie banner, you will notice a lengthened text in the first and second layers of the cookie banner, which is non-editable as IAB TCF v2.2 enforces strict policies on the wordings used to ensure clear and concise information for users about the collection and processing of their data.
IAB Europe has approved the consent banner text for CookieYes, and we do not enable the alteration of IAB TCF text to ensure TCF compliance.
How to Restrict Vendors and Google Ad Tech Providers?
Restrict Vendors
You can control which Vendors you allow access to your website users by configuring and adding the following code snippet before the CookieYes script within the head tag:
<script> window.iabConfig = { allowedVendors: [vendorId1,vendorId2,vendorId3] } </script>
You can obtain the Vendor Id (numeric value) either from the Standard Vendor List or IAB’s TCF Vendor List.
The below example illustrates the configuration of a website that allows access to the vendors “Vendor_A“, “Vendor_B” and “Vendor_C” with Vendor Id 8, 27 and 53.
<script> window.iabConfig = { allowedVendors: [8,27,53 ] } </script>
Restrict Google Ad Tech Providers
To control access for Consent Provider on your website, you can configure and add the following code snippet before the CookieYes script within the head tag. This will enable you to manage and customize publisher permissions according to your preferences.
<script> window.iabConfig = { allowedGoogleVendors: ['google_id1', 'google_id2', 'google_id3'] } </script>
The google_id will be a numeric value, which can be obtained either from the Google Ad Tech Providers List.
The below example illustrates the configuration of a website that allows access to the Google Ad Tech Providers “google_D“, “google_E” and “google_F” with Google Ids 46, 70 and 159.
<script> window.iabConfig = { allowedGoogleVendors: [46,70,159] } </script>
Restrict Vendors and Google Ad Tech Providers
If you wish to control both the Vendor list and Google Ad Tech Provider list concurrently, you can simply configure and add the following code snippet before the CookieYes script within the head tag:
<script> window.iabConfig = { allowedVendors: ['vendor_id1', 'vendor_id2', 'vendor_id3'], allowedGoogleVendors: ['google_provider_id1', 'google_provider_id2', 'google_provider_id3'] } </script>
The below example illustrates the configuration of a website that allows access to the vendors “Vendor_A“, “Vendor_B” and “Vendor_C” with Vendor Ids 8, 27 and 53 as well as Google Ad Tech Providers “google_D“, “google_E” and “google_F” with google Ids 46, 70 and 159.
<script> window.iabConfig = { allowedVendors: [8,27,53 ], allowedGoogleVendors: [46,70,159] } </script>
Googleās Additional Consent Mode
In addition to IAB TCF v2.2, CookieYes also supports Google’s Additional Consent Mode. With this feature, websites can obtain user consent for Google’s Ad technology providers that may not be registered on the IAB Europe Global vendor list. This ensures explicit user consent is obtained before data collection or tracking related to Google’s Ad technology providers occurs.
To enable this feature, flip (to the right) the switch labelled Support Googleās Additional Consent Mode in the General tab of your Cookie Banner configuration and click the Publish Change button.
Once enabled, you can notice the following changes in the first and second layers of the Cookie Banner: