Introduction¶

This article gives instructions on how to set up and use Consent Manager for website cookie banners, cookie scan detection, and cookie maintenance.

This article also covers the legislation and regulation requirements to help website owners know which compliance level to target.

Consent Manager features:

• Custom and accessible branding
  Users can design a cookie acceptance banner to meet legislation and regulation requirements. They can also customize the banner to match the company brand and meet accessibility standards.
• Consent analytics
  Website owners can view real-time data about their visitor cookie acceptance trends.
• Consent log
  Website owners can see a log of visitor consent choices. Visitor consent is properly and anonymously logged and stored, as required by GDPR.

Instructions¶

This section gives instructions for site admins on how to set up the cookie banner and how to categorize cookies.

1. Click Admin Settings (gear icon) on the main toolbar to open the Domain Settings page.

   

2. Click Action on the same row as the domain to scan.

   The Action menu expands in a drop-down list.

3. Select Edit Domain from the drop-down list.

   

   The Edit Domain pane opens.

4. Locate the Features section.

5. Click to turn the Consent Manager switch to ON.

   
6. Save. The Edit Domain page closes and the Admin settings page reopens.
7. Click Action on the Admin settings page, on the same row as the domain from the last step. A drop-down list expands.

8. Select Script Setup Guide.

   

   The Set up your domain page opens.

   

9. Click to turn the Add Consent Manager switch on.

   

10. Click the Open consent manager script settings link.

    The Consent Manager Script Settings page opens.

Cookie banner setup¶

This section gives information on how to configure the consent manager settings.

Consent Manager pop-up setup¶

Click on the mini window to select the location for the cookie banner pop-up to appear on the website landing page. The options are:

• Top left
• Top center
• Top right
• Middle left
• Middle right
• Bottom left
• Bottom center
• Bottom right.

Consent Manager configuration¶

This section gives instructions on how to set up the cookies to comply with CCPA or GDPR standards.

• Privacy regulation: Select the compliance regulation for your geographical location or intended audience.

  Tick to select:

  • CCPA
  • GDPR
  • Both CCPA & GDPR.
  Note

  The fields that expand with each selection are not the same. Continue for instructions on each selection.

  For more information, see the user guide article:

  GDPR and CCPA

CCPA Setup¶

California Consumer Privacy Act

• Opt out link: Click in the input field and enter the link to the company opt-out page.

• Link to Privacy Policy: Click in the input field and enter the link to the company Privacy Policy.

  Tip: The link should begin with http:// or https:// and can contain a maximum of 100 characters.

  For more information, see the user guide article:

  Cookie and privacy policies

• Cookie Overview:

  

  • Manage: Select this option if you choose manage the cookies via Acquia Optimize.

    See Manage Cookies below for instructions on how to add and manage the cookies.

  • Link: Select this option if you have already done the work of categorizing your cookies, and wish to add a link to an external Cookie Overview page.
• Add empty callbacks: Add empty callbacks to the boilerplate (sections of nearly identical code that are reused in many places).
  • Add empty EventListeners: Add event listeners to the boilerplate (detects sections of nearly identical code that are reused in many places).

  • Add web overlay lock: Lock the website behind the banner, so that users cannot interact with the website before they accept cookies.

    Note

    This setting is not advised, as some interpretations of the regulations prohibit this behavior.

  • Consent Manager Language: From the list, select all of the languages that are used on your website. This is the language that the cookie banner shows. Acquia Optimize detects the page language and displays in the appropriate language.
  • Default Language: Click the drop-down arrow and select a default language that is used for any page in a language that is not supported.

For more information, see the user guide article:

GDPR and CCPA

GDPR Setup¶

General Data Protection Regulation Select this option to access the following fields.

• Per category consent: Select this option to give users more control over which cookie categories they can choose to accept. The choices that website users can choose from when this option is selected are:
  • Marketing: Toggle the switch OFF to reject marketing cookies, or ON to accept marketing cookies.
  • Statistics: Toggle the switch OFF to reject Statistics cookies, or ON to accept Statistics cookies.
• Preferences: Toggle the switch OFF to reject Preferences cookies, or ON to accept Preferences cookies.
• Explicit reject option: Select this option to change the text on the banner button from ‘Only Essential Cookies’ to ‘Explicit Reject’.

• Link to Privacy Policy: Click in the input field and enter the link to the relevant privacy policy. The link should begin with HTTP:// or HTTPS:// and can not have more than 100 characters.

  For more information, see the user guide article:

  Cookie and privacy policies

  Note

  Cookies are dynamic and often change. Update the cookie policy regularly to ensure up-to-date information.

• Cookie Overview: Click Manage Cookies to add cookies manually. The Include Cookies window opens. See the Manage Cookies section below for full instructions on how to add cookies manually. In the cookie list, an icon of a person pointing indicates a manually-added cookie.

  Note

  To use the scan to set up cookies via the script, click Data Privacy (the lock icon) on the top toolbar of the page to navigate to the Data Privacy module.

• Add empty callbacks: Tick to add empty callbacks to the boilerplate (sections of nearly identical code that are reused in many places).
• Add empty EventListeners: Tick to add event listeners to the boilerplate (sections of nearly identical code that are reused in many places).
• Consent Manager Language: From the list, select all of the languages that are used on your website. This is the language that the cookie banner shows. Acquia Optimize detects the page language and displays in the appropriate language.
• Default Language: Click the drop-down arrow and select a default language that is used for any page in a language that is not supported.

For more information, see the user guide article:

GDPR and CCPA

Both GDPR & CCPA¶

Select this option for a combination of GDPR and CCPA regulations. See the previous article sections for explanations of the regulations.

Widget design¶

• Choose an icon: Click to select the appearance of the cookie icon. The choices are:
  • Chocolate chip cookie
  • Chocolate chip cookie with a bite taken out of it
  • Gingerbread cookie
  • Peanut butter cookie.
• Icon shape: Click the drop-down list to select an icon shape. The choices are Circle and Rounded Box.

• Text color: Click in the input field to select a color with the color picker, or enter the RGB code for the color (usually a color that fits with the website theme).

  

  Tip! Our Color Contrast Checker is a quick way to test the color combinations on websites and pages.

• Button color: Click in the input field to select a color with the color picker, or enter the RGB code for the color (usually a color that fits with the website theme).
• Color contrast ratio: This number shows the contrast ratio of the selected colors for the buttons and the button text. The contrast can be Bad (0-3.99) or Good (4 and above). Bad contrast options cannot be saved, to meet accessibility requirements.

1. Save the changes.

2. Copy the script and add it to the website HTML code.

   Add HTML Attributes.

   HTML attributes must be added to content elements on your website if you only want them to load once a consent choice has been provided by the visitor. For example, if you are using Google Analytics on your website and only want the script to load once a visitor has accepted Statistics cookies, you will need to mark up the Google Analytics script with an HTML attribute.

For more information and instructions, see the Acquia Optimize for Developers article:

Consent Manager attributes

For more information, see the user guide articles:

• Add script
• Google Tag Manager deployment

Cookie Setup¶

This section gives instructions on how to manage cookies manually, for example, how to add cookies that are not detected by the scan.

1. From the domain Dashboard, click Data Privacy (lock icon) on the menu bar.

   

   The Data Privacy Page opens.

2. From the menu on the left, click Consent Overview.

   

   The menu expands with the following options:

   • Cookie Acceptance Rate
   • Consent Log
   • Cookie Overview.
   
3. Click to select:
   • Cookie Acceptance Rate: The Cookie Acceptance Rate page opens. Here is an overview of the customer cookie acceptance rates.
     • The Acceptance Rate by Category page shows acceptance rates by cookie categories.
     • The Overall Acceptance Rate page shows a percentage of cookies accepted, as well as a graph chart with acceptance rates over time.
   • Consent Log: This page lists IP addresses that interacted with the cookies on the website, shown in chart format. The log is kept on Acquia Optimize servers for two years.
     The column headers are:
     • IP Address: The IP address of the computer that browsed the site.

     • UUID: The unique ID for the user device that received the cookie.

       Note

       This ID is gone from the user's device when the cookies on that device are deleted by the user. When the UUID is gone, the user can no longer request the record of the cookie consent.

     • Location: The country of origin that the user accessed the site from.
     • Data Regulation: The applicable regulation,: GDPR, CCPA, or both.
     • Accepted cookies: The cookie categories that the user accepted.
     • Date: The date that the user accepted the cookies.

   • Cookie Overview: The menu expands. This section gives information about cookies and the cookie acceptance rates by users. The Cookie Overview page opens.

     
     Note

     The first time that the scan populates cookies, the list only shows cookies that have been added manually and those that are present on the Acquia Optimize database of common cookies.

4. Select Cookie Overview. The Cookie Overview page opens.

   

   The table fields have the following columns:

   • Category: Click the drop-down arrow and select the category for the cookie.
     • Essential: These cookies are required to enable basic website functionality. Note: Essential cookies cannot be deselected by the user.
     • Basic (Recommended): Allows users basic access to selected features such as Help Desk, and facilitates communication.
     • Marketing: These cookies are used to provide advertising that is tailored to the user and their particular interests. Marketing cookies can also be used to restrict the number of times an advertisement is displayed and to measure the efficacy of advertising campaigns. Advertising networks usually place marketing cookies with the website operator’s permission.
     • Statistics: These cookies allow website operators to identify technical issues and understand how a site is performing. They can also be used to see how visitors interact with the site and usually do not collect information that identifies visitors.
     • Preferences: These cookies allow the website to keep track of your choices (e.g. region, user name, language) in order to provide more personalized features. A website may, for example, provide local traffic information based on data stored about the current location of the user.
   • Name: Enter the name of the cookie, exactly as it appears in the HTML code.
   • Domain: Enter the domain of the cookie.

   • Platform: Add the name of the platform or the company who provides this cookie.

     Note

     This field automatically inherits the language value.

   • Description: Enter a short description of the cookie. If needed for this step, use a web search engine search for the cookie name.
   • Duration: Enter the duration of the cookie.
   • Delete (trashcan icon): To remove a cookie, click the trashcan icon to delete the row.

   • Error indicators:

     
     • A red exclamation point on a row means that there is incomplete cookie data. Cookies that are not complete cannot be published or filtered, and are added to the user's browser automatically. It is important to complete the cookie setup.
     • A yellow question mark on a row means that the cookie was detected in previous scans but is not present in the most recent scan. Click the question mark to open a dialog box and handle the issues. Choose:
       • Show anyway: If the cookie was missed by the scan and you are sure the cookie is present, this is a good option to select. The cookie remains on the list.

       • Ignore & hide: Choose to ignore this cookie for now and hide it from the list. This is a good option if you suspect the cookie may appear again on the next scan.

         
   • Save. A dialog box opens with the message, "Cookie Overview Saved".

For more information, see the user guide article:

Data Privacy

Manage cookies with the scan¶

This section gives instructions on how to manage cookies that the Acquia Optimize scan detects.

To view the cookies that the scan found:

1. Click Data Privacy (lock icon) on the dashboard menu bar.

2. Select Consent Overview from the menu on the left side of the page.

   
3. The Consent Overview page opens. This is an overview of user cookie acceptance rates, as well as the consent log that stores the cookie categories that the users have consented to.
4. Click Consent Overview from the menu on the left. The list expands.
5. Select:
   • Cookie Acceptance Rate: Select Cookie Acceptance Rate. The Cookie Acceptance Rate page opens and shows an overview of customer behavior towards cookies on the website.
     • The Acceptance Rate by Category page shows acceptance rates by cookie categories.
     • The Overall Acceptance Rate page shows a percentage of cookies accepted, as well as a graph chart with acceptance rates over time.

   • Consent Log: This page lists IP addresses that interacted with the cookies on the website, shown in chart format. The log is kept on our servers for two years.

     

     The column headers are:

     • IP Address: The IP address of the computer that browsed the site.

     • UUID: The unique ID for the user device that received the cookie.

       Note

       This ID is gone from the user's device when the cookies on that device are deleted by the user. When the UUID is gone, the user can no longer request the record of the cookie consent.

     • Location: The country of origin that the user accessed the site from.
     • Data Regulation: The applicable regulation, GDPR, CCPA, or both.
     • Accepted cookies: The cookie categories that the user accepted.
     • Date: The date that the user accepted the cookies.

   • Cookie Overview: This page gives information about the cookie acceptance rates by users. The Cookie Overview page opens.

     
     Note

     If this is the first time that the scan populates cookies, the list only shows manually added cookies and those that are present in our database of common cookies.

     • Scan Domain: Click to start a cookie scan. The Scan in progress message appears and the scan icon spins until the scan is complete.

     • Include Cookies:

       Cookies that the scan detects are in the cookie list but may be only partially complete. The icons indicate:

       • A green check mark indicates that the cookie is a common cookie and our system populated the fields from our internal repository.
       • A red exclamation point on a row means that there is incomplete cookie data. Cookies that are not complete cannot be published or filtered, and are added to the user's browser automatically. It is important to complete the cookie setup.
       • A yellow question mark on a row means that the cookie was detected in previous scans but is not present in the most recent scan. Click the question mark to open a dialog box and handle the issues. Choose:
       • Show anyway: Even though the cookie was missed by the scan, if you are sure this cookie is present then select this option. The cookie remains on the list.
       • Ignore & hide: Choose to ignore this cookie for now and hide it from the list. Choose this option if the cookie may appear again on the next scan.

       • Delete: Click to delete the cookie from the list. It will appear again after a new scan if the scanner still finds it.

         Note

         On the left side of the cookie, an icon of a person pointing indicates a cookie that was added to the list manually.

     • Category: Click the drop-down arrow and select the category for the cookie. The categories are:
       • Essential: These cookies are required to enable basic website functionality. Note: Essential cookies cannot be deselected by the user.
       • Basic (Recommended): Allows users basic access to selected features such as Help Desk, and facilitates communication.
       • Marketing: These cookies are used to provide advertising that is tailored to the user and their particular interests. Marketing cookies can also be used to restrict the number of times an advertisement is displayed and to measure the efficacy of advertising campaigns. Advertising networks usually place marketing cookies with the website operator’s permission.
       • Statistics: These cookies allow website operators to identify technical issues and understand how a site is performing. They can also be used to see how visitors interact with the site and usually do not collect information that identifies visitors.
       • Preferences: These cookies allow the website to keep track of your choices (e.g. region, user name, language) in order to provide more personalized features. A website may, for example, provide local traffic information based on data stored about the current location of the user.
     • Name: The name of the cookie, exactly as it appears in the HTML code.
     • Domain: The domain for the cookie.
     • Description: Enter a short description of the cookie. If needed for this step, use a web search engine search for the cookie name.
     • Duration: The duration of the cookie.
     • Delete: To remove a cookie, click the trashcan icon to delete the row.
     • + Add a cookie: Click to insert a new empty row for a new cookie.
     • Save. A dialog box opens with the message, "Cookie Overview Saved".

     Notes:

     • 3rd party cookies that are found by the scan have a domain and a path listed. These are unique identifiers for the cookie.
     • It is not possible to edit the name, domain, or path of cookies found by the scanner.
     • It is not possible to manually create a cookie with a name that already exists for a cookie found by the scan.

For more information, see the user guide article:

Data privacy

Add the script¶

This section gives instructions on how to add the script to your domains.

Create the script. For instructions, see the user guide article:

Add script

To add the script to the HEAD tag of the website:

1. Click Copy Script (icon of two papers) to copy the script that is in the Script section.

   
   Important

   The script is unique for each domain. It will not work to copy/paste from one to another. Websites ending in .com and .eu, for example, are considered different domains and it does not work to copy/paste the Acquia Optimize script. The script needs to be configured separately for each domain.

2. Paste the script into the HEAD tag in your HTML editor, or place it before the </body> tag on every page.

   Note

   If Consent Manager is activated, the script must be in the HEAD tag so that it can detect the cookies.

3. Add HTML Attributes.

   HTML attributes must be added to content elements on your website if you only want them to load after the visitor makes their consent choices. For example, if you are using Google Analytics on your website and only want the script to load after a visitor has accepted Statistics cookies, you need to mark up the Google Analytics script with an HTML attribute.

   For more information and instructions, see the article:

   Consent Manager Attributes

Cookieless tracking¶

The Acquia Optimize Statistics module normally applies a cookie to the browser of the visitor. It is possible to remove this, so that Acquia Optimize can still track the same data from visitors who refuse Statistics cookies on the cookie banner.

1. Select Script Setup Guide in the drop-down list. The Domain Setup page opens.
2. Enable Acquia Optimize Statistics. 
   For more information, see the user guide article:
   ​Statistics

3. Click the Enable Cookieless Tracking switch to turn it on.

   

   For more information, see the user guide articles:

   • Cookieless tracking setup
   • ​Statistics
   • Add script
4. Configure the script as usual.
5. Paste the script to the website HTML and then publish the site.

Cookie Acceptance Rate¶

This page gives an overview of website visitor behavior regarding cookie acceptance on the website.

Select Cookie Acceptance Rate. The Cookie Acceptance Rate page opens and shows an overview of customer behavior towards cookies on the website.

• The Acceptance Rate by Category page shows acceptance rates by cookie categories.
• The Overall Acceptance Rate page shows a percentage of cookies accepted, as well as a graph chart with acceptance rates over time.

Consent log¶

This page lists IP addresses that interacted with the cookies on the website, shown in chart format. The log is kept on Acquia Optimize servers for two years.
The column headers are:

• IP Address: The IP address of the computer that browsed the site.

• UUID: The unique ID for the user device that received the cookie.

  Note

  This ID is gone from the user's device when the cookies on that device are deleted by the user. When the UUID is gone, the user can no longer request the record of the cookie consent.

• Location: The country of origin that the user accessed the site from.
• Data Regulation: The applicable regulation, GDPR, CCPA, or both.
• Accepted cookies: The cookie categories that the user accepted.
• Date: The date that the user accepted the cookies.

Cookie overview¶

The Cookie overview is where the website administrator handles the cookies. This section gives instructions for the website administrator on how to add cookies via the scan, add cookies manually, and categorize cookies.

1. Save the page and then save again.

   A dialog gives the option to edit the cookie settings. Click Data Privacy to update now, or click I'll do it later to exit without setting it up now.

2. The Data Privacy module opens. If you selected I'll do it later, navigate to the Privacy module with these steps:
   • From the main page, click to select the domain. The domain dashboard opens.
   • Click Data Privacy (a lock icon), on the top menu bar.

3. In the Data Privacy module, click Consent Overview and then select Cookie Overview.

   This page is where the website administrator handles the cookies. There are three panes:

• Include cookies: Enter the cookie information manually, or populate with the Acquia Optimize scan. Manually entered cookies have an icon of a person pointing.
• Automatic cookie scan: Start a manual scan for cookies, or toggle the switch to ON to scan for cookies automatically during the next scheduled scan. The icon spins while a scan is in progress.
• Script setup: To include the cookie overview on the webpage, create the overview. In the HTML editor, paste the script into the HEAD tag.

For more information, see the user guide article:

Add script

Additional resources¶

For documentation and advanced help files including SDK information for developers, see:
Documentation for Developers