For Consent Management Platform. The CMP is a dedicated technological platform specifically to the collection, recording, return and proof of consents given by Internet users / mobile users in the field of personal data, on the various digital platforms (websites, applications, TV connected, etc). It also ensures the transmission of consent parameters from end users to all partners wishing to use this collected data and for which the authorization request has been submitted.
Designates any manifestation of will, free, specific, enlightened and unambiguous by which the person concerned accepts, by a declaration or a clear positive act, that personal data concerning them are processed, as defined by the Personal Data Regulations. The latter must be obtained before deposit and reading of cookies or tracers on the digital platform used by the Internet user / mobile user. Consent is not a new concept, since it was already included in the Data Protection Act then in the ePrivacy directive. However, theGDPR completes its definition and clarifies this concept on certain aspects, in order to allow data subjects to exercise real and effective control over the processing of their data. Consent is one of the 6 legal bases provided for by the GDPR authorizing the implementation of personal data processing with legal obligation, contract, the public interest mission, the protection of vital interests and the legitimate interest.
Data collected on the user's device for which there is no need for system permission. This data is basic and non-intrusive. Examples: manufacturer, OS, version, etc...
It is any information relating to a natural person likely to be identified or identifiable, directly (example: surname or first name) or indirectly (example: a number identifier, biometric data, voice or image). Identification of a person can be produced from a single data (for example: a name, a fingerprint, a postal address, email address, telephone number, social security number, etc) or from a crossing of a set of data (example: a man having such profession, living at such address and born on such day).
This is the name we give to the consent collection window that is displayed on all digital platforms (websites, applications, connected TV, etc.), collecting personal data. This window informs and requests consent to file cookies / trackers on the user's computer / phone / TV (etc.). Via this notice, the user is able to make his choices in an informed way by knowing the whole the partners and the purposes for which these cookies or tracers are placed. This window must meet the requirements of the GDPR, the ePrivacy directive as well as theCNIL guidelines and recommendations. For example: the presence of the “All accept ”,“ Refuse all ”and“ Personalize my choices ”.
Publishers provide capacity and inventory, in their applications or websites, which allow advertisers to serve advertisements. They are the ones who must directly obtain the consent of their visitors. In the IAB Framework, publishers are digital media that publishInternet content or mobile applications. The editors represent the first part, that is, the website or application that the user has sought to access.
what is more generally known as a cookie, i.e. the reading and/or writing of information on a user terminal, whether on a computer's browser, a smartphone, a voice assistant, a connected TV, or any other connected object.
The tracers are for example :
the result of the calculation of a unique fingerprint of the terminal in the case of fingerprinting (calculation of a unique identifier of the terminal based on elements of its configuration for tracing purposes),
invisible pixels or web bugs,
any other identifier generated by a software or operating system (serial number, MAC address, Unique Terminal Identifier (UTI)), or any data set that is used to calculate a unique terminal fingerprint (e.g. via a "fingerprinting" method).
The "Commission Nationale de l'Informatique et des Libertés"(CNIL) was created by the French Data Protection Act of January 6, 1978. It is responsible for ensuring the protection of personal data contained in computer files and processing or paper, both public and private. Thus, it is responsible for ensuring that information technology is at the service of the citizen and that it does not infringe on human identity, human rights, privacy, or individual or public freedoms. The CNIL is an independent administrative authority (AAI), i.e. a public body that acts on behalf of the State, without being placed under the authority of the government or a minister. It is composed of 18 elected or appointed members and is supported by services. Its role is to warn, advise and inform the public at large, but it also has the power to control and sanction.
European Directive of 12 July 2002 on the protection of privacy in the electronic communications (2002/58). This European directive aims to specifically protect life private on the Internet. It was transposed and integrated into the Data Protection Act in 2004.
Created in 1978, modified in 2004 then in 2019 to integrate the ePrivacy directive then theGDPR. It regulates all the processing of personal data. It applies therefore to all sectors that use personal data as part of their activities. Several provisions are included in this law, namely:
The obligation to declare files containing personal data to the CNIL,
The prohibition of collect sensitive data, i.e. relating to religion, health,policy, etc. (with exceptions),
The principle of fair data collection,
The obligation ensure the security of all data collected,
The obligation to inform individuals concerned with the collection of their data,
The right to access, modify and deletion of the data in question
The acronym GDPR stands for " General Data Protection Regulation ". The GDPR regulates the processing of personal data on the territory of the European Union, since May 2018. The context legal adapts to follow the evolutions of technologies and our societies (uses increased digital, development of online commerce, etc.). This new regulation European law is a continuation of the French Data Protection Act of 1978 and strengthens the control by European citizens of the use that can be made of data concerning them. It harmonizes the rules in Europe by providing a legal framework unique to professionals. It allows them to develop their digital activities within the EU based on the trust of users. Any organization, whatever its size, its country of establishment and its activity may be concerned. Indeed, the GDPR applies to any organization, public and private, which processes personal data on its behalf or not, therefore:
that it is established on the territory of the European Union,
or that its activity directly targets European residents
For Accelerated Mobile Pages, is a publishing format created by Google to accelerate the display of pages on mobile devices.
On iOS, user consent for ad tracking is managed by the AppTrackingTransparency (ATT) system. App developers will now be required to use the AppTrackingTransparency framework if their app collects user data and shares it with third parties for tracking purposes between apps and websites. If the user does not actively accept ATT, IDFA will not be available and app tracking across websites and apps will be prohibited.
For Monthly Active Users / Unique users. This is the monthly number of active users.
For Service Level Agreement, is a contract or part of a contract by which an IT provider undertakes to provide a set of services to one or more clients. In other words, it is a contractual clause that defines the precise objectives and the level of service that a customer is entitled to expect from the signatory service provider.
For Key Performance Indicator, is an encrypted element that must be determined before launching an action, in order to assess its impact and determine the ROI (return on investment). The analysis takes into account several KPIs to estimate, for example, the number of clicks to calculate the open rate of an e-mailing in digital marketing or the rate of subscription to a product.
Through AppConsent, the customer can create customer-specific and non-IAB purposes to be included in the consent form or not, in the latter case they will be called floating purposes.
Through AppConsent, customers can add their non-IAB partners to the IAB by linking them with IAB or non-IAB purposes.
For Global Vendors List, corresponds to the register of vendors participating in the framework of the TCF. All sellers, including sell-side platforms (SSP), demand-side platforms (DSP), ad servers, and data management platforms used on a publisher's site can apply to be part of the GVL.
For Interactive Advertising Bureau is an international association created in 1998, bringing together Internet advertising players and whose mission is threefold: to structure the digital advertising market, promote its use and optimize its efficiency.
An IAB purpose is one of the 12 collection purposes defined by the IAB.
Store and/or access information on a device
Select basic ads
Create a personalised ads profile
Select personalised ads
Create a personalised content profile
Select personalised content
Measure ad performance
Measure content performance
Apply market research to generate audience insight
Develop and improve products
Ensure security, prevent fraud, and debug
Technically deliver ads or content
A stack is a defined group of IAB purposes. In total, the IAB has defined 42 of them. This list is to be found on the IAB website.
For Transparency & Consent Framework developed under the aegis of IAB Europe, proposes common rules to be adopted when processing personal data or accessing and / or storing information on a user's terminal , such as cookies, advertising identifiers, device identifiers and other tracking technologies. The aim is therefore to provide users with greater transparency on the use which is made of their personal data, as well as to collect their consent and transmit it to all the advertising actors identified in the GVL. In practice, the IAB Framework functions as a system for communicating the state of user consent between first parties (i.e. publishers), third parties (i.e. advertisers) and the consent management provider (i.e. CMP) used on the Part 1 website.
In the IAB Framework, these are the third party advertisers with whom the publisher has chosen to partner. Sellers post third party content on the publisher's website or application. They are the ones who place marketing cookies or trackers on the end user's browser or application, in order to display relevant advertisements to potential customers.
Developed in 2008, the blockchain is primarily a technology for storing and transmitting information. This technology offers high standards of transparency and security because it operates without a central control unit. More concretely, the blockchain enables its users - connected in a network - to share data without intermediaries.
Understanding of the environmental impact of products and technological infrastructures as soon as they are built.
The controller must ensure the highest level of protection for data subjects by default, which implies that security and protection measures must be taken systematically in the event of processing involving personal data.
A concept that requires companies to integrate the principles of the GDPR into the design of a project, service, or any other tool related to the handling of personal data. The idea is to impose that every new technology designed to handle personal data must be designed to provide a high level of data protection.
All data collected is anonymized, encrypted, and hashed, which ensures security in processing and data integrity.
User Experience Design, is a set of methods whose objective is to place the human being at the heart of the design process by identifying his needs and constraints in a given context.
A/B testing is a process for testing the impact of a change in the version of a variable on the achievement of an objective (click, validation, etc.).
This feature allows you to present a consent window to a specific group of people by knowing their identifiers.
With this feature, the customer can choose the identifier associated with the user's consent.
This feature allows customers to revert to earlier versions of their records with one click.
This AppConsent feature provides a first-level scan of cookies deposited on a website.