Seeking User Consent

In this article

A guide to user consent in Permutive, how to receive consent, and allow users to opt-out of tracking. 

Default Consent

By default, Permutive assumes the data controller has consent to track their users’ data, which we call consent-by-default. In this configuration mode, collection of user data starts the first time Permutive’s SDK loads without requiring a consent token be passed by the controller for the user.

Consent-by-token

As a data controller, you may need to receive consent from the user before tracking data against them.

Permutive offers data processors a consent mechanism for this use-case, which we call consent-by-token. In this configuration mode, no user data is collected until the data controller has received consent from the user and passed the user’s consent token to the Permutive SDK. Once the Permutive SDK has been granted consent for this user, the SDK will start collecting user data from this moment on. The user can revoke this consent at any point.

To configure your Permutive SDK in consent-by-token mode, set the consentRequired configuration field to true:

<script>
  !function(n,e,o,r,i){ ... }(document, window.permutive, PROJECT_ID, API_KEY, { "consentRequired": true });
  permutive.addon("web", { page: {
    // ...
  }});
</script>

No user data will be tracked by the SDK until it receives a consent token for the user. 

Once you have obtained consent for the user, consent can be passed to Permutive by calling the SDK consent method with the consent token as below. From this point on, the SDK will track user event data — or until the user wishes to opt out.

permutive.consent({ "opt_in": true, "token": "YOUR_CONSENT_TOKEN_HERE" });

The consent token can have any value. Generally, this is used if an ID gets generated when the user gives consent via a Consent Management Platform to provide some transparency, but the actual value has no meaning to Permutive. As long the opt_in is true and the token is not null, we consider the consent to be given.

Some of our customers set a fixed value ie:  {"opt_in":true,"token":"CONSENT_CAPTURED"}

Opt-out

You may choose or be required to offer users the option to opt out of tracking. All future tracking is then disabled for the user until the point they opt back in.

Whether the SDK is configured in consent-by-default or consent-by-token mode, a user can be opted out by setting the consent opt-in field to false:

permutive.consent({ "opt_in": false });

 Note: Read more about Permutive and user privacy here: Privacy and Compliance

If you have any questions, please contact customer support by emailing support@permutive.com or chat to the Customer Operations Team via the LiveChat icon in the bottom right corner of your screen.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request