Client-side Global Privacy Control (GPC)
This article describes Tealium’s client-side support for Global Privacy Control (GPC), a proposed browser standard that allows users to opt out of the sale or sharing of their personal data.
Global Privacy Control (GPC) provides a global way to opt out of the sale or sharing of personal data at the browser level. For more information about GPC, see About Global Privacy Control.
The needs and requirements of our customers vary widely, so we intend to provide a flexible foundation for our customers to build upon.
This article describes Tealium’s client-side support for GPC. For information on server-side support, see Server-side Global Privacy Control
Client-side support
Since the GPC signal is a simple Boolean, CCPA and similar opt-out type regulations are the most relevant and accepted applications today (see About Global Privacy Control for more detail).
A strict interpretation might lead to a decision that Tealium iQ shouldn’t load at all if the GPC signal is set to true. If all the tags implemented in Tealium iQ sell or share data, this might be the right choice.
That can be implemented with a Pre Loader JavaScript extension:
if (navigator.globalPrivacyControl === true) {
// Tealium iQ not loaded due to Global Privacy Control out-out signal
window.utag_cfg_ovrd = window.utag_cfg_ovrd || {};
window.utag_cfg_ovrd.noload = true;
}
Opt-in models (like GDPR)
The GPC signal is designed for opt-out models (like CCPA/CPRA), not opt-in models (like GDPR). Tealium Opt-In Consent Management modules (the Explicit Consent Prompt Manager and the Consent Preferences Manager ) do not contain GPC-related opt-out logic out of the box.
Customer needs vary widely, and our Consent Management modules are intended to be customized so that tailored GPC logic can be added as needed to support your organization’s needs and interpretations.
Opt-out models (like CCPA/CPRA)
Tealium iQ Consent Integrations - Opt-out Cookie + GPC Integration
For customers with an already active opt-out form who need cookie-based enforcement that includes GPC support.
Tealium iQ Consent Integration provides support for simple opt-out models as required by CCPA/CPRA.
This integration assumes that a user has opted out when the GPC opt-out signal or a customer-specified opt-out cookie is found. For more information on how the Tealium iQ Consent Integration supports GPC, see the documentation.
Tealium iQ Consent Integrations - CMPs with GPC Support
For customers with an already active Consent Management Platform (CMP) with GPC support who only need enforcement.
Tealium iQ Consent Integration provides support for a growing list of CMPs. These CMPs typically provide GPC support as part of their decision capture, which is then enforced by Tealium iQ through the consent integration, with no additional logic or interpretation required. If your CMP isn’t supported yet, custom integrations are also available.
Tealium iQ Consent Management - Opt-out Privacy Banner and Popup
For customers who want to fully implement their consent management in Tealium iQ.
As of the release of cmDoNotSell v1.2.0, the logical flow from the diagram below is implemented in the Opt-out Privacy Banner and Popup.
This behavior serves as a starting point for building a consent management solution that meets the needs of your users and your business, and the specific behavior should be discussed with your legal team and clearly explained to your users. You can change or remove this behavior by editing the cmDoNotSell template.
This page was last updated: February 28, 2024