Universal Vendor List
The consent that is managed in the individual Privacy Manager configurations is accessible in the Universal Privacy Manager API. This makes the integration of Privacy Manager for the conditional firing of tags a lot easier. Consent data attributes like purposes, data categories, and vendors from the “local” Privacy Managers are mapped to universal purposes and vendors. This section provides insight into the mappings.
Universal Purposes Mapping
The table below shows all Privacy Manager purposes mapped to the universal purposes.
Note
The Global Privacy Manager uses the universal purposes, so no mapping is used.
ID | Name |
---|---|
10000 | Store and/or access information on a device |
10001 | Strictly Necessary |
10002 | Functional |
10003 | Analytics |
10004 | Marketing |
10005 | Personalization |
10006 | Social Media |
CCPA Mapping
The table below shows the CCPA purposes and data categories mapped to the universal purposes.
ID | Name | CCPA - Purposes | CCPA - Data Category |
---|---|---|---|
10000 | Store and/or access information on a device | 8 | 1,2,3,4,5,6,7,8,9,10 |
10001 | Strictly Necessary | 2,3,5,7 | 1 |
10002 | Functional | 4,5,7 | 1,4,5,9 |
10003 | Analytics | 1,6,9 | 1 |
10004 | Marketing | 8,10,9 | 1,5,8 |
10005 | Personalization | 8,9, 10 | 1,5,8 |
10006 | Social Media | 8,10 | 1 |
Example: If the user opted out of CCPA purpose “9”, then Universal Privacy Manager API will return “false” for purposes “10003” and “10004”.
CCPA - Purposes and Data Categories
The tables below show an overview of all purposes and data categories on the CCPA vendor list.
CCPA - Purposes
ID | Name | Description |
---|---|---|
1 | Auditing Interactions with Consumers | Auditing includes counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and other compliance auditing with regard to concurrent transactions. |
2 | Security | Security involves detecting security incidents, protecting against malicious or fraudulent activity, and prosecuting offenders |
3 | Debugging/Repair | Debugging relates to the identification and repair of impairments to intended, existing functionality. |
4 | Certain Short-term Uses | Short-term, transient uses are a business purpose provided that the personal information is not disclosed to another third party, not used to build a profile about a consumer, or alter an individual’s experience outside the current transaction (including contextual ads as part of the same interaction). |
5 | Performing Services | The services performed may be either by the business or a service provider. These services include “maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services. |
6 | Internal Research for Tech Development | Allows for research into technological development and demonstration. |
7 | Quality and Safety Maintenance and Verification | The quality and safety business purpose includes activities related to the improvement, upgrade or enhancement of the service or device owned, manufactured, manufactured for, or controlled by the business. It also includes the verification or maintenance of the quality or safety of a service or device. |
8 | Selling | Selling means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating personal information for monetary or other valuable consideration. |
9 | Operating our Website(s) | To track your use of our websites and tailor your web experience. To monitor and improve our website and services. |
10 | To market our products and services to you |
|
CCPA - Data Categories
ID | Name | Description |
---|---|---|
1 | Identifiers | Such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. |
2 | Biometric data | Such as fingerprints and facial recognition data. |
3 | Internet or network activity data | Such as IP addresses, browsing history, search history, and interactions with online sites, apps or advertisements. |
4 | Commercial information | Including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
5 | Geolocation data | Information that can be used to identify an electronic device's (historic) physical location. |
6 | Professional or employment-related information. | Information about an individual’s educational or professional career job titles, salary, work history, school attended, employees, employment history, evaluations, references, interviews, certifications, disciplinary actions, etc. |
7 | Education information | Information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). |
8 | Inferences | Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
9 | Categories from CA Civil Code 1798.80 | Name, address, telephone number, employment, credit card number, debit card number, or any other financial information |
GDPR Mapping
The table below shows the GDPR purposes (both TCF and Custom) mapped to the universal purposes.
ID | Name | GDPR - Purpose | GDPR - Special Feature |
---|---|---|---|
10000 | Store and/or access information on a device | 1 | |
10001 | Strictly Necessary | 25 | |
10002 | Functional | 26 | 1 |
10003 | Analytics | 7,8,9,10,27 | |
10004 | Marketing | 2,3,4,5,6,7,28,30 | 1,2 |
10005 | Personalization | 3,4,5,6,29,31 | 1,2 |
10006 | Social Media | 29 |
Example: If the user opted out of GDPR purpose “7” then Universal Privacy Manager API will return “false” for purposes “10003” and “10004”.
GDPR Purposes and Special Features
The tables below show an overview of all GDPR purposes and special features (both TCF and Custom).
GDPR - Purposes
ID | Name | Type | Description |
---|---|---|---|
1 | Store and/or access information on a device | TCF | Vendors can:
|
2 | Select basic ads | TCF | To do basic ad selection, vendors can:
|
3 | Create a personalized ads profile | TCF | To create a personalized ads profile vendors can:
|
4 | Select personalized ads | TCF | To select personalized ads vendors can:
|
5 | Create a personalized content profile | TCF | To create a personalized content profile vendors can:
|
6 | Select personalized content | TCF | To select personalized content vendors can:
|
7 | Measure ad performance | TCF | To measure ad performance vendors can:
Vendors cannot:
|
8 | Measure content performance | TCF | To measure content performance vendors can:
Vendors cannot:
|
9 | Apply market research to generate audience insights | TCF | To apply market research to generate audience insights vendors can:
Vendors cannot:
|
10 | Develop and improve products | TCF | To develop new products and improve products vendors can:
|
25 | Strictly Necessary Cookies | Custom | These cookies are necessary for the website to function and do not store personally identifiable information. They are usually set in response to user actions to enable key features like setting and maintaining logins or privacy preferences. These cookies typically can’t be switched off, however, certain browsers can block or alert you about these cookies. Be aware that blocking these cookies will affect site functionality. |
26 | Functional | Custom | These cookies enable a better user experience via enhanced features such as personalization. If these cookies are disabled, some or all of these features may be adversely affected. |
27 | Analytics | Custom | These cookies collect anonymous, aggregated data and enable us to identify our most popular pages and content to improve our site and the experience we offer visitors. Disallowing these cookies negatively affects our ability to improve our products and services. |
28 | Advertising | Custom | These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. |
29 | Social Media | Custom | These cookies enable visitors to share our content with their friends and social networks. They may track activities across websites to build a user profile to offer more relevant content on other sites visited. |
30 | Direct Marketing | Custom | Direct Marketing cookies allow us to combine email addresses with other available information to enable advertisers to reach users via an email newsletter. This provides us greater control over the information available to advertisers and allows us to set clear expectations around these emails. Consenting to this purpose helps us fight spam. |
31 | Data Sharing | Custom | Sharing of segment data and modeling information with selected vendors. The vendor can combine data segment and modeling information with their own data to reach the target groups that are likely to be interested in the products or services offered by the vendor. An individual cannot be directly identified from this data. Data are stored only for a short period of time to execute the campaign. |
GDPR - Special Features
ID | Name | Type | Description |
---|---|---|---|
1 | Use precise geolocation data | TCF | Vendors can:
|
2 | Actively scan device characteristics for identification | TCF | Vendors can:
|