Didomi - Developers documentation
  • Introduction
  • SDKs
    • Introduction
    • Web SDK
      • Getting started
      • Tags and vendors management
        • Tags management
          • Events & Variables
            • Deprecated
            • Custom events
          • Tag managers
            • Adobe Launch/DTM
            • Eulerian
            • Google Tag Manager
              • Configure the Didomi / GTM integration
              • Didomi's GTM template
            • Tealium
            • Other tag managers
        • Custom Didomi <script> tags
        • Third-party integrations
          • Google Ad Manager / AdSense
            • GDPR via Non-Personalized Ads
              • Share consent and load/refresh ads
              • Share consent without loading or refreshing ads
            • US states laws
          • Google Consent Mode V2
          • Kameleoon
          • Piano Analytics (AT Internet)
          • Prebid
            • GDPR via IAB TCF
            • US states laws
          • Salesforce DMP (Krux)
        • IAB frameworks
        • Programmatic API
      • Configuration
        • Bots (SEO & Performance tools)
        • Configuration by URL
        • Cookies and storage
        • Custom domains for events
        • Notice
          • Behavior
          • Interactions
          • Look and feel
        • Preferences
        • Theme
      • AB tests
      • Custom domain
        • Domain delegation
        • Reverse proxy
      • Share consents between domains
      • Share consents across devices
      • Pass user choices in query string
      • Serve Didomi assets from your domain
      • Reference
        • API
          • Deprecated
        • Events
      • Performance
    • Mobile and TV SDKs
      • Android and Android TV
        • Setup
        • Logging
        • Reference
          • API
            • Deprecated
          • Events
        • Versions
      • iOS and tvOS
        • Setup
        • Logging
        • App Tracking Transparency (iOS 14.5+)
        • Reference
          • API
            • Deprecated
          • Events
        • Versions
      • Unity
        • Setup
        • Reference
        • Versions
        • Troubleshooting
      • React Native
        • Setup
        • Reference
          • Deprecated
        • Versions
      • Flutter
        • Setup
        • Reference
        • Versions
      • Consent notice
        • Getting started
        • Customize the notice
        • Customize the preferences popup
        • Customize the theme & UI
        • Load notice by ID
      • Third-party SDKs
      • Share consents across devices
      • Share consent with WebViews
      • Google Consent Mode v2
      • FAQ
    • AMP SDK
      • Blocking Behaviors
        • Load immediately on page load
        • Load only after consent (positive or negative)
        • Load only after positive consent
      • Consent status for vendors
    • Help & Support
  • API
    • Introduction
      • Authentication
      • Errors
      • Pagination
      • Filters
      • Caching
      • Rate limiting
      • Quotas
      • Translations
    • Data Manager
      • Regulations
      • Configuration Tree
      • Purposes
        • Purposes & Vendors Numerical IDs
      • Preferences Library
      • User Rights
    • Widgets
      • Consent notices
        • Notices
        • Configurations
        • Multi-Regulation Configurations
          • Migration of Existing Notices and API Updates
        • Deployments
        • Tutorials
          • Create and publish a consent notice
          • Create and publish a multi-regulation consent notice
      • Privacy widgets
        • Create a widget
        • Retrieve widgets
        • Edit a widget
          • Content & Design
            • Themes & Shapes
            • Components
              • auth
              • dsar_form
              • footer
              • header
              • preference
              • preference_value
              • save
              • section
              • sections
            • Options
          • Purposes & preferences
          • Settings
        • Deploy a Widget
          • Use your own subdomain
          • Use your own domain
          • Implement an embeddable widget on your website
        • Authentication
          • Manage authentication providers
          • Authenticate your end-user
        • Archive a widget
        • Headless widgets
          • Public Methods
          • Custom elements
          • Custom events
          • Event listeners
        • Tutorial
          • Launch a Preference Center from a mobile app
    • Compliance Reports
      • Properties
      • Reports
      • CSV format reference
      • Websites
    • Consents and Preferences
      • Events
        • Generate IAB TCF consent string
      • Links
      • Proofs
      • Tokens
      • Secrets
      • Users
      • Tutorial
        • Collect and operate data
    • Privacy Requests
      • Requests
      • Notes
      • Links
      • Emails
  • Integrations
    • Introduction
      • Quotas
    • Generic integrations
      • Batch export
        • Destinations
          • AWS S3 Bucket (owned by Didomi)
          • GCP Storage Bucket
        • Exported data
          • Notices consents
        • Logs
      • Webhooks
      • Batch import
      • Analytics export
        • Destinations
          • AWS S3 Bucket (owned by Didomi)
          • GCP Storage Bucket
    • Third-party apps
      • CMP integrations
        • Didomi-mParticle integration for your CMP
        • Deploy Didomi’s SDK for your Adobe Commerce website
      • Preference Management Platform integrations
        • Actito
        • Adobe Campaign Classic
        • Adobe Experience Cloud
        • Adobe Marketo Engage
        • Adobe Source Connector
        • Braze
        • Dotdigital
        • Hubspot
        • Mailchimp
        • Microsoft Dynamics 365
        • Salesforce Marketing Cloud
        • Salesforce Sales & Service Cloud
        • Selligent
        • Brevo (ex Sendinblue)
    • Tutorials
      • Configure a HTTP webhook
      • Configure a batch export
      • Configure an analytics export
    • Emailing
      • Configurations
        • Actito Email
        • Actito SMS
        • Adobe Campaign Classic
        • Adobe Campaign Standard
      • Emails
        • Templates
        • Manage your templates
Powered by GitBook
On this page
  • Window for recollecting consent
  • Recollect consent after a certain date
  • Consent expiration
  • Expiration for denied consent
  • Vendors and purposes
  • Notice country
  • Configuration by user country
  1. SDKs
  2. Web SDK
  3. Configuration
  4. Notice

Behavior

Window for recollecting consent

By default, consent is automatically re-collected and the notice is displayed again in three cases:

  • After 13 months (maximum acceptable cookie lifetime)

  • When the user clears they browser cookies

  • When a new vendor is added in your tag configuration or in the IAB vendors list (if you choose the option all)

The third case (a new vendor is added) can happen pretty often so you have the option to choose a number of days during which the notice will not be displayed even though there are new vendors to collect consent for. By default, the number is zero and the notice will be displayed automatically if a new vendor is added. If you create notices through the Didomi Console, the default value is 30 days.

During that consent recollection window:

  • New users will be asked for consent for the new vendor immediately.

  • Previous users that had already given consent within the window (ie less than X days ago) will not be asked again until the expiration of the window. The new vendor will not have vendor during that time.

  • Previous users that had already given consent outside of the window (ie more than X days ago) will be asked again immediately.

<script type="text/javascript">
window.didomiConfig = {
  notice: {
    daysBeforeShowingAgain: 5 // Number of days. Default is 0
  }
};
</script>

If you choose that option and because the notice is not shown again, the user consent status will be partial and some vendors will not have consent information. The function Didomi.isUserStatusPartial() can return true in these cases.

Be aware that when recollecting consent until it is given to a vendor (true or false), consent status is reset to undefined.

Recollect consent after a certain date

In some cases, you might want to force recollect consent for all users after a certain date, irrespective of their choices and the configured window for recollecting consent.

This can be achieved by setting an ISO8601 date in the user.ignoreConsentBefore property:

<script type="text/javascript">
window.didomiConfig = {
  user: {
    ignoreConsentBefore: "2020-09-09T00:00:00Z"
  }
};
</script>

When the user has given consent before the provided date, consent will be automatically recollected. Dates in the future are ignored until they become current so you can schedule a consent recollection for a specific date in the future.

Consent expiration

Didomi CMP allows you to customize the lifetime of the consent so that it expires after a specific time.

You can use app.consentDuration configuration option to specify custom consent duration:

<script type="text/javascript">
window.didomiConfig = {
  app: {
    consentDuration: 100 // Custom consent duration in seconds
  }
};
</script>

The app.consentDuration configuration option accepts custom consent duration value in seconds.

Consent expires after 12 months by default if custom consent duration is not specified.

The lifetime of the cookies is set to the value specified in the consent duration configuration option. If the custom consent duration is not specified, the lifetime of the cookies will be set to 12 months by default.

Expiration for denied consent

It is possible to apply a specific consent expiration when the user denies consent for all purposes and vendors. This can be done by using the app.deniedConsentDuration configuration option:

<script type="text/javascript">
window.didomiConfig = {
  app: {
    deniedConsentDuration: 100 // Denied consent duration in seconds
  }
};
</script>

If this configuration option is used and the user disagrees to all vendors and purposes on the consent legal basis, the consent will expire after the specified denied consent expiration and the consent will be recollected. The user choices on the legitimate interest legal basis are not taken into account when applying this configuration option.

The denied consent duration value should be smaller than the generic consent duration value, otherwise, the denied consent expiration will be ignored.

The app.deniedConsentDuration configuration option accepts a custom consent duration value in seconds.

If no value is set for the denied consent duration, the generic consent duration will still be applied for the denied consents.

Vendors and purposes

You must configure the vendors for which consent is collected by our consent notice and displayed in the preferences popup.

Notice country

If you want to specify the country which determines the policy, you can use the app.country configuration option:

<script type="text/javascript">
window.didomiConfig = {
  app: {
    country: 'fr' // Two-letter country code
  }
};
</script>

The value specified in the app.country configuration option is used for the IAB TCF v2 consent string and for the IAB TCF v2 **__tcfapi**method.

Configuration by user country

window.didomiConfig = {
    user: {
        country: "US",
        region: "CA"
    }
}

It is likely that you would be setting these properties dynamically via server-side code. Some things to be aware of when explicitly overriding the country and region codes when overriding the SDK's default behavior for serving notice configurations based on user geolocation detected by our servers:

  • If the values are null/undefined, we will ignore them and serve the notice using our standard behavior, i.e. what our servers have detected based on the incoming request's geolocation.

  • Because you are overriding our default behavior and we do not validate whether or not the country and region codes you are sending us are actual ISO codes, it is your responsibility to send valid country and region ISO codes. An invalid codes would result in a failure to match in our lookup for a related notice configuration. It is your responsibility to ensure valid codes are sent to us to resolve.

  • We are not changing our logic about how we serve notices, we are only allowing you to override the country and region codes. Therefore, what happens is determined on the notice settings in the country and region configuration in the console for the notice. That is, if you have configured GDPR to apply to only certain countries, the GDPR notice will only show up in those cases. In all other cases, there is no notice displayed.

Country-specific configuration settings

Example to force the language based on the user country instead of the user browser configuration, and modify vendors:

<script type="text/javascript">
window.didomiConfig = {
  // Visitors from countries other than FR or US will get this configuration
  languages: {
    enabled: ['fr', 'en'], // Enable both French and English for all users
  },
  app: {
    name: 'My Website',
    vendors: {
      iab: {
        all: true,
        exclude: [9],
      }
    }
  },
  configByCountry: {
    // Visitors from France will get the global configuration + these changes applied to it
    FR: {
      languages: {
        enabled: ['fr'] // Force French for visitors from France
      },
      app: {
        vendors: {
          iab: {
            all: false,
            include: [9],
            exclude: [] // It's important to override "exclude" here otherwise it would be kept as [9]
          }
        }
      }
    },
    // Visitors from the US will get the global configuration + these changes applied to it
    US: {
      languages: {
        enabled: ['en'] // Force English for visitors from the US
      }
      // Vendors are not specified here so the global vendors will apply (all IAB)
    }
  }
};
</script>

The properties defined in configByCountry are merged with the rest of the configuration when the user comes from the matching country. The properties from the country configuration override the properties defined globally and are merged recursively so make sure to fully override objects when necessary. Arrays are replaced and not merged or concatenated.

PreviousNoticeNextInteractions

Last updated 2 months ago

to see how they can be configured.

The app.country configuration option receives a string which is an country code.

You can read more about it in our section.

By default, we will serve the notice with the appropriate regulation based on the location of the user's geolocation as determined by IP address resolution to country and region values. That is, if you have a notice configured to display GDPR within the EU (the default) and you have also added the CPRA regulation to display in California, a visitor from California will receive the CPRA banner and the same visitor traveling to France would see the GDPR version of the notice. For more details on multi-regulation notices, read more .

If you want to override what our servers are detecting in terms of the geolocation of your visitors, you can override the user country code and the region code directly via your local SDK config object by setting the window.didomiConfig.user.country and window.didomiConfig.user.region properties to have their values equal to valid country and region codes. For example, if you want a user to appear to be visiting from California:

If you want to apply a different configuration depending on the country that the user is from, you can add country-specific properties in a configByCountry property where each key is an country code in uppercase (the country code is case-sensitive). This allows you to replace part or all of the configuration for some countries.

Read our detailed section
ISO 3166-1 alpha-2
here
ISO 3166-1 alpha-2
ISO 3166-2
ISO 3166-1 alpha-2
Reference