Our partners can receive TCF 2.0 GDPR consent parameters in their ID syncs with us. The following is the logic used to populate those consent parameters. (If you are an AAM partner and you wish to update your ID sync to receive those parameters, follow the instructions in this article.)
Adobe is a data processor and the AAM customer is responsible for collecting consent and passing it to AAM by enabling IAB collection in the ECID SDK (that's the Adobe ID SDK that customers add to their websites/mobile apps).
When customers enable this, Adobe will check for the gdpr applies flag and pull in the consent string. If consent is present, Adobe:
- Conveys consent to third parties in ID syncs (by passing gdpr and the consent string as gdpr_consent on ID sync calls).
- Evaluates and honors consent passed from ad server pixels.
- Honors partner-initiated ID syncs.
When consent is not present, Adobe:
- Does not store any new user data in the customer's instance. This includes partner IDs, signals, traits, or pixel data.
- Does not initiate 3rd party ID syncs.
- Does not honor partner-initiated ID syncs.
- Opts out the user from further data collection.
When the AAM customer has not turned on their IAB collection, Adobe:
- Will still collect the consent parameters (gdpr and gdpr_consent) when present
- Will evaluate the consent string and update the consent strings in the id sync urls
- Will not initiate ID syncs if consent is not present
When there is no CMP present:
- Adobe will evaluate whether the IP address is from EU when possible and update the gpdr value = 1
- Since no consent string exists, it will not have any value