Excel format reference
The Excel export of a report provides detailed information about the compliance status of a given website or application. It includes both high-level metrics (compliance and security scores, privacy policy, user consent information, etc.) as well as low-level data (HTTP requests, list of cookies, dependencies between domains, etc.).
An Excel file can be generated in the Didomi Console by clicking on the "Excel" button available on every report. The Excel file includes all the information for the report period.
This section is a full reference of the content of the Excel file, sheet by sheet:
Pages: The pages that were visited by our bots in the report period
Website - Cookies: First-party cookies set by the pages and website
Website - Compliance: Compliance requirements of the website
Vendors - Cookies: Third-party cookies set by the vendors
Vendors - Initiators: Dependencies between vendors
Vendors - Security: Security information of each vendor
Vendors - Requests: HTTP requests sent to vendors
This sheet lists all the pages that were visited by our bots during the report period.
Column | Type | Description | Example |
Date | Date | The date and time when the page was browsed | 1/9/2018 2:41:43 AM |
URL | URL | The full URL of the page that was browsed | |
Title | String | The title (content of the | Privacy management platform - Didomi |
This sheet lists all the cookies set on the original domain (the one that is being browsed by our bot). These are called "first-party" cookies and include both the cookies set by the website itself as well as cookies set by third-parties embedded on the website via JavaScript.
Column | Type | Description | Example |
Page URL | URL | The URL where the cookie was set | |
Cookie Domain | String | The domain that was used when setting the cookie | didomi.io |
Cookie Name | String | The name of the cookie | uuid |
Lifetime | Integer | The lifetime of the cookie, in seconds | 3600 |
Sample | String | A sample of content extracted from the cookie | a8fbf13f-419b-498e-919c-e60071501cea |
This sheet lists the compliance requirements of the property. It's an exact representation of the metrics displayed in the "Website" tab of reports in the Didomi Console.
Column | Type | Description | Example |
Requirement | String | The name of the metric | Privacy/Privacy Policy/Present |
Result | Boolean | Whether the requirement is met or not | TRUE |
Here is a full list of the requirements that are available in the Excel export:
User Consent
Privacy/User Consent/Information about cookies on the home page: Is the website correctly informing the user about their use of cookies? (usually with a cookie banner/notice)
Privacy/User Consent/Honoring user choice: Are cookies set on the user browser after they agree to the website use of cookies?
Privacy/User Consent/Cookie lifetime below 13 months: Is the lifetime of all cookies below 13 months?
Privacy Policy
Privacy/Privacy Policy/Present: Does the website have a dedicated privacy policy? (not included in the "terms and conditions" section)
Privacy/Privacy Policy/Present on all pages: Is the website privacy policy available on all pages?
Privacy/Privacy Policy/Explicit about cookies: Does the privacy policy include a full list of all cookies set by the website and their use?
Privacy/Privacy Policy/Explicit about vendors: Does the privacy policy include a full list of vendors setting cookies on the website?
Privacy/Privacy Policy/Offers opt-out: Does the privacy policy offer an easy way to opt out from cookies globally and for each vendor?
Security
Security/Certificate/Valid: Does the website have a valid SSL certificate?
Security/Certificate/Trusted: Does the website have a trusted SSL certificate? (ie the whole certificate chain is trusted by most common browsers)
Security/Protocols/TLS1.2: Does the website SSL implementation support TLS1.2?
Security/Protocols/ForwardSecrecy: Does the website SSL implementation support perfect forward secrecy?
This sheet lists all the cookies set by vendors on their own domains (so-called "third-party cookies") when they are embedded on a page of the monitored website.
Column | Type | Description | Example |
Vendor | String | A unique ID of the vendor | doubleclick |
Page URL | URL | The URL of the page where the cookie was set for the first time | |
Cookie URL | URL | The URL of the request that set the cookie | |
Cookie Domain | String | The domain on which the cookie was set | doubleclick.net |
Cookie Name | String | The name of the cookie | test_cookie |
Lifetime | Integer | The lifetime of the cookie, in seconds | 3600 |
Sample | String | A sample of content extracted from the cookie | CheckForPermission |
This sheet presents the dependencies between vendors (what vendor included what other vendor on the page).
Column | Type | Description | Example |
Vendor | String | A unique ID of the vendor | doubleclick |
Initiator | String | A unique ID of the vendor ("Initiator") that loaded the vendor indicated in the "Vendor" column. A special value "Website" is used to indicate that the vendor was loaded by the website itself | google-analytics |
This sheet presents the security information for each vendor found in the pages that our bots visited.
Column | Type | Description | Example |
Vendor | String | A unique ID of the vendor | doubleclick |
Vendor host | String | A host (domain name + port) used by the vendor. If a vendor uses multiple hosts, each host will be listed and will have dedicated security information | doubleclick.net |
Valid certificate | Boolean | Does the host have a valid SSL certificate? | TRUE |
Trusted certificate | Boolean | Does the host have a trusted SSL certificate? (ie the whole certificate chain is trusted by most common browsers) | TRUE |
Support for TLS1.2 protocol | Boolean | Does the website SSL implementation support TLS1.2? | TRUE |
Perfect forward secrecy | Boolean | Does the website SSL implementation support perfect forward secrecy? | TRUE |
This sheet lists all the HTTP requests sent to vendors by any of the pages visited by our bots.
Column | Type | Description | Example |
ID | String | A unique request ID | 14adb7cd-f0e4-4919-a1f8-01afedf837b9 |
Date | ISO 8601 date | The date/time when the request was sent | 2018-01-09T02:41:42.814Z |
Vendor | String | The unique ID of the vendor that the request is sent to | doubleclick |
Page URL | URL | The URL of the page where the request was captured | |
Request URL | URL | The full URL of the HTTP request | |
Is Tag? | Boolean | Is this HTTP request considered a tag? | TRUE |
Tag type | ENUM(js, img, other) | The type of resource loaded by the request (JavaScript, Image or Other) | js |
Initiator - URL | URL | The URL that initiated this HTTP request. For instance, if a | |
Initiator - Vendor | String | The ID of the vendor that initiated this HTTP request. A special value "Website" is used to indicate that this request was initiated by the website itself | Website |
Loading time | Decimal | The total execution time of the HTTP request (DNS request, connection, send, wait, etc.) in seconds | 0.018706 |
What is a tracking tag?
What we call a tracking tag is an HTTP request that is used by a vendor for tracking/targeting purposes. For instance, we try to identify all the requests that adblockers would block. There is no exact definition of what constitutes a tag and there is surely no perfect way to identify them.
We do our best to classify requests as tags when possible to get an estimate of how many tags are embedded on webpages. We use rules like: the format of the HTTP response (image, JavaScript), the size of the response, the query-string parameters, the domain, etc.