Skip to main content

FAQs for Privacy Manager for GDPR

With the use of our geo-targeting feature, you are able to create different consent screens for the different EU regions that may require additional changes. In order to facilitate this, we recommend that you create a new configuration script for each region that you need.

Both with templating or with the bulk-editing feature you can create swiftly new, already configured CMP scripts that need minimum tweaking.

After you’ve created a configuration for a specific EU country, you’re able to make sure that the configuration is only shown for users from that EU country through the geo-targeting feature in the admin section of the configuration.

In accordance with the new TCF v2.0 guidelines, customisation to the notice has been limited. As LiveRamp is required to ensure that any CMP implementation is IAB compliant, customisation can only be done within those constraints.

We understand the need for using your own notice, and in accordance with the new TCF guidelines we’ve made it possible for our clients to use their own notice in conjunction with a Private CMP ID.

The process of implementing your Private CMP can be done in several steps:

  • Disable the notice by ensuring that you’re using CMP ID 0, which can be set through the admin → TCF compliance section of the CMP configuration.


    Note that using the CMP ID 0 means the CMP is invalid. Therefore, only use it for the CMP configuration implemented on a testing environment.

  • Develop your own (compliant) notice and integrate it with our back-end throughout the different api’s.

  • Request your (private) CMP ID through this link.


    Note that the IAB will create a sub "" domain for you, but is nonessential to your configuration.

  • After validation you’ll receive your own CMP ID from the IAB, ensure in your CMP configuration that you input your CMP ID in the admin → TCF compliance section.

  • Migrate your compliant CMP from your testing to production environment.

A registered Private CMP ID will be charged by the IAB Europe on a yearly basis. The cost is approximately €1,200 per year for the CMP license.

‘Google Advertising Products’ is now part of TCF 2.0 Global Vendor List of the IAB. In order to make sure Google is working correctly with Privacy Manager, you need to follow these steps:

  1. Select Google as a TCF 2.0 Vendor (TCF GVL Vendor ID 755).

  2. Make sure purpose 1 is disclosed in order to pass its value as true in the TC string.

  3. Make sure to migrate your ATP vendor list in the ADmanager UI to the vendor configuration in LiveRamp Console, which will allow you to use the Additional Consent Mode.


If you configured the CMP to not disclose purpose 1 “Store and/or access information on a device“ from the parties section, it may result in an error with regards to the Specific Jurisdiction Disclosures and its validity for the country in which your business entity is established.

For more information on Google Errors related to TCF V2.0, please refer to this help article.

For more information, you can also check Google’s help center.

Conditional firing is a method to manually control firing of third-party vendors on page or in your mobile application. In essence it is a script or a logic that takes care of those third-party resources and forces them to obey the CMP signals.

You need to set up conditional firing logic in two cases:

  • If you are using (advertising) vendors or other resources that do not participate in the IAB Europe Transparency and Consent Framework. The benefit of the TCF is that it puts a contractual obligation on the advertising vendors to wait for the consent signal of the CMP that is present on the page before they can pass the bid request. This means that the vendors that do not participate in the TCF, do not have such restrictions and can just release their assets on page load. In order to prevent this from happening, website owners should use conditional firing: a technical means to make those third parties respect the CMP and listen to its signals.

  • Sometimes even the Transparency and Consent Framework’s vendors can drop cookies without consent. For example, some of them skip the ePrivacy compliance and focus on GDPR, claiming legitimate interest for their data processing activities. This is why we recommend you to check if this approach works for you and what is the extent of your liability. Conditional firing is a simple way to control the TCF vendors on your sites and enforce ePrivacy compliance.

For more information on how to set up conditional firing see the following articles:


Information on conditional firing for CCPA is coming soon)

Implementing LiveRamp Privacy Manager in Google Tag Manager (GTM) may add additional latency before the CMP is displayed. The total amount of latency depends on the amount of tags present in GTM and the set time-outs by yourself and/or your used vendors.

Our CMP script includes a stub code which, when loaded, will tell all IAB TFC participants that there is a CMP present. For TCF vendors this means that they have to wait for user input.

To ensure that the vendors are not waiting for something that doesn't exist, the IAB allows vendors to set a time limit. If no signal is sent to the TCF vendors then they'll act as if no consent is given.

Placing the CMP script in GTM will add latency, and more importantly, latency to our stub script that is vital in the communication to the vendors of the IAB TFC.

When scripts have added time-outs in GTM this will also affect the overall loading time in GTM and therefore create additional latency to the loading of the CMP.

Even if the stub sends a signal to all IAB TCF participants after the time limit, the user is still treated as if there is no consent even if they accepted all purposes.

If the user continues to browse the website after giving consent, the IAB TCF will still treat it as a non-consent given user, this is because the IAB TCF will always first look if a CMP is present before checking if the user has a consent string.

To summarize, if you implement the CMP in your (Google) Tag manager, you might be non-compliant because you might load vendors that did require consent and you lose at least your 1st pageview after consent for monetization.

Helpful links

Transparency and Consent Framework's documentation specifying the the "CMP present" and "CMP loaded" commands:

How can callers determine if there is a CMP present?

How can callers determine if the CMP script is loaded yet?

Prebid uses the consent information collected by IAB compliant CMPs through the standard CMP JS API. The Consent Information is then passed to the Bidders and Vendors that are registered with the IAB.

In order to enable CMP to support Prebid, follow these steps:

  1. Add the consent management module to Prebid.

  2. Make sure that the consentManagement module is being added to your Pre Bid build by downloading a build that includes the GDPR ConsentManagement module from


    Make sure to download v3.14 or higher Prebid.js script for the Web Platform in order to be supported by IAB TCF v2.0.

Alternatively, you can build your own Prebid from source and include the GDPR ConsentManagement module.

Please view TCF v2.0 Examples with reference to the documentation from Prebid which describes how to add a cmpAPI: “IAB”

Example 1: IAB CMP using custom timeout and setting GDPR in-scope by default

var pbjs = pbjs || {};
pbjs.que = pbjs.que || [];
pbjs.que.push(function() {
consentManagement: {
gdpr: {
cmpApi: 'iab',
timeout: 8000,
defaultGdprScope: true

GDPR Enforcement Module

The GDPR enforcement module will ensure that the Prebid and Third Parties listen to the TC String. This means that this module will enforce the End Users' choices. For details about this module , we recommend you review

Cookie name:


Expiration date:


Cookie name for additional vendor consent.

395 days


Cookie name for global consent string of the IAB Transparency Consent Framework.

395 days


Cookie name for consent string of Google Additional Consent Mode.

395 days


An Audit ID that publishers and consumers can reference to retrieve historical consent.

395 days


Configuration version number used by the CMP.

395 days


Value to report on last active user session.

395 days


True/false for user to be registered as 'daily active user' for reporting purposes.

24 hours


True/false for logs to be sent to back-end for reporting purposes.

24 hours


Geo location of the end-user during last active session for reporting purposes.

24 hours

LiveRamp Privacy Manager uses a SaaS model based on the monthly sum of Daily Active Users (DAUs), i.e. the total number of unique users on a given day. For example, if a user visits the same site five times in three days, they would be counted three times within the sum of DAUs that month—once for each day they visited the site.

See "Calculate Daily Active Users in Google Analytics" for instructions.

Google Analytics (from the GTAG.js script) supports the Transparency and Consent Framework v2. For Google Analytics to comply with TCF you will need to implement window['gtag_enable_tcf_support'] = true before any calls to gtag() are made.

More information can be found here.

Place the following string in any topic description text to link to the purpose overview or vendor overview screen:

${openTab(1, 'Link text')}.

The first argument, 1 is for the vendors overview , 0 is for purposes.