Treasure Data's SDK enables compliance with many common requirements of the EU's GDPR laws. Several methods have been enabled to help you comply with newer and more stringent data privacy policies:
blockEvents/unblockEvents- non-argument methods to shut down or re-enable all sending of events to Treasure Data. No messages will be sent, no calls will be cached. Default is for events to be unblocked. See these methods:blockEvents,unblockEvents,[areEventsBlocked](<https://github.com/treasure-data/td-js-sdk#treasureareeventsblocked>).setSignedMode- non-argument method to enter "Signed Mode", where some PII may be collected automatically by the SDK. The data sent to Treasure Data will includetd_ip,td_client_id, andtd_global_id, if specified. See this method:[setSignedMode](<https://github.com/treasure-data/td-js-sdk#treasuresetsignedmode>).setAnonymousMode- non-argument method to enter "Anonymous Mode", where PII will not be collected automatically by the SDK. These data will specifically omittd_ip,td_client_id, andtd_global_id, if specified. This is the default behavior. See this method:[setAnonymousMode](<https://github.com/treasure-data/td-js-sdk#treasuresetanonymousmode>).resetUUID- method to reset thetd_client_idvalue. This will overwrite the original value stored on the user's cookie, and will likely appear in your data as a brand-new user. It's possible to specify a client ID while resetting, as well as custom expiration times by passing appropriate values. See this method:[resetUUID](<https://github.com/treasure-data/td-js-sdk#treasureresetuuid>).
A new configuration property has also been added: config.startInSignedMode. This configuration option tells the SDK that, if no express decision has been made on whether the user wants to be in Signed or Anonymous modes, it should default into Signed Mode. The default behavior is to default the user into Anonymous Mode.
Suppose a user accesses your site, and you need to know if they have agreed to web tracking for marketing purposes. You have a contract with a Consent Management Vendor to maintain this information and once you know their consent information you want to set web tracking.
var foo = new Treasure({
database: 'foo',
writeKey: 'your_write_only_key'
});
td.trackClicks()
var successConsentCallback = function (consented) {
if (consented) {
td.setSignedMode()
} else {
td.setAnonymousMode()
}
}
var failureConsentCallback = function () {
// error occurred, consent unknown
td.setAnonymousMode()
}ConsentManagementVendor.getConsent(userId, successConsentCallback, failureConsentCallback)
The Consent Management Vendor returns a true or false value in the callback based on whether or not the user associated with the userId has consented to their Personally identifiable information (PII) being used for marketing purposes. Non-PII data may still be collected.
Additionally, suppose your Consent Management Vendor provides strings based on the consent level: MARKETING, NON-MARKETING, REFUSED, for "Consented to PII being used for marketing purposes", "Consented to data being collected for non-marketing purposes", and "Refused all data collection". There's only a minor change to make in the successConsentCallback:
var successConsentCallback = function (consented) {
if (consented === 'MARKETING') {
td.unblockEvents()
td.setSignedMode()
} else if (consented === 'NON-MARKETING') {
td.unblockEvents()
td.setAnonymousMode()
} else if (consented === 'REFUSED') {
td.blockEvents()
}
}The code, when written this way, for Signed or Anonymous mode, you collect data in Treasure Data. If the customer has refused all tracking, their events are blocked, and this status is persisted across page refreshes.