How to integrate TCF

In order for ExoClick and its clients to comply with GDPR and the ePrivacy Directive, ExoClick has implemented TCF.

What is TCF?

The IAB’s Transparency and Consent Framework is the most common communication standard for the ad tech industry when it comes to meeting some of the requirements of GDPR & the ePrivacy Directive. It comprises Policies, User Interface (Consent Management Platforms), a list of participants (Global Vendors List), and a technical framework.

What is a TC String?

Technically, TCF relies on the Transparency & Consent String (TC String). It contains all the user choices when it comes to accessing or storing information on their device and the use of their personal data as well as the publisher preferences when it comes to vendor use of data. In this way, it serves as a means of communication within the TCF.

The TC String can be communicated either via OpenRTB (e.g. in a bid request) or in the following URL parameters:

• gdpr: contains a flag (0,1) that informs if GDPR & ePrivacy applies.
• gdpr_consent: contains the TC String (base64 string).

What pieces of information are stored in the TC String?

• Metadata concerning the consent (version of the TC String, last update, version of the provider list, etc.)
• The purpose for which the providers may use the data.
• Which providers have received the user’s consent.

What are the purposes used by ExoClick?

The TCF Purposes that ExoClick uses are listed in section 3. e of its Privacy Policy.

Why use a CMP?

By using a Consent Management Platform (CMP), Publishers can collect the consents from their end users. Through the help of the CMP, the TC String is created and forwarded from the publisher’s side to ExoClick. Thereby the respective consent status is openly visible for all participants of the chain.