Usercentrics CMP can be implemented in a variety methods, for example via plugins, tag management systems, and by directly adding the script(s) to the source code of your website.
This guide will focus on the latter method and will also show you how to modify scripts to ensure that the corresponding data processing service only loads when a visitor has consented to its use.
Adding the Web Consent Management Platform
To add the script which will service a consent banner and control whether services can run based on a visitor's choices you can copy the snippet from the Usercentrics Admin Interface. You can find it by selecting Implementation from the main menu, on the Script Tag tab.
It should look similar to this:
<script
id="usercentrics-cmp"
data-settings-id="XxxXXXxx"
src="https://web.cmp.usercentrics.eu/ui/loader.js"
async
></script>
This script can then by added to your website's header template, preferably right below the opening <head> tag.
Important
If you intend to use the auto-blocking feature, you must ensure that the CMP script loads before any other scripts!
Controlling Data Processing Services
One of the core features of the CMP is preventing data processing services from executing prior consent. To achieve this you can utilize the auto-blocking feature or you modify scripts in such a way that they can't load prior consent and can be identified and enabled by the CMP once consent has been given.
To ensure that the auto-blocking feature is available to the main CMP script you should ensure it loads before the main CMP script.
Here's how that looks:
Modifying scripts to ensure "consent awareness"
Unless you enable the auto-blocking feature, scripts need to be modified in order for them to not load without consent. Failure to apply these modifications without enabling auto-blocking may result in data processing occurring without consent.
Please note
If you enable auto-blocking, you can disregard the next portion, as the script modifications described below will be performed by the auto-blocking feature.
The modification consists of two parts; Setting the type to "text/plain", and adding the data-usercentrics attribute with the exact name of the data processing service as it's added in the Usercentrics Admin Interface that is loaded using this script.
Changing the type tricks the browser into seeing the script as a text file, which prevents the script from executing. So this turns the script "off" by default and failure to make this change will cause the script to execute as it normally would.
The data-usercentrics attribute is used to assess whether the service should be turned "on". Omitting this attribute would cause the script to never be executed, even if consent is given.
Please note
The auto-blocking feature and manually adjusting scripts are not mutually exclusive. If you manually adjust a script, the auto-blocking feature will respect your adjustments and will not try to override them.
An example of enabling consent awareness
Here's a fictional data processing service, aptly named "Data Processing Service". In its current state, nothing prevents it from loading, so it will load even if a visitor doesn't consent to the use of this service.
Currently the type is not set, which will apply the default for script elements, which is type="text/javascript".
<script src="https://dataprocessingservice.com/resource/service.js"></script>
To ensure that our fictional service respects our visitors' choices, we need to apply some changes as described above:
<script
src="https://dataprocessingservice.com/resource/service.js"
type="text/plain"
data-usercentrics="Data Processing Service"
></script>
Comments
0 comments
Please sign in to leave a comment.