Skip to main content
All CollectionsOnboarding
Consent Management compliance options
Consent Management compliance options

Understanding the need for compliance, and how Webtrends Optimize can be configured.

O
Written by Optimize Team
Updated yesterday

Key understanding of user consent

Many countries have strict privacy laws around user consent, such as UK and Europe under GDPR.

The law describes how any given website cannot cookie a user or track their behaviour without consent, for any platforms that are not deemed to be essential. Traditionally, Web Analytics and Research platforms, which experimentation tools like Webtrends Optimize are often grouped into, fall into this group of tools that users need to consent to.

"Cookieing" as a concept also applies under these laws to any similar technology through which we make users identifyable, such as the use of IP addresses, fingerprinting, and other storage mechanisms such as localstorage and sessionstorage.

The above two parts - cookieing and tracking behaviour - are crucial to the solutions that Webtrends Optimize offers for compliance with Consent Management and the associated laws.

Typical load behaviour

To understand how the options available differ, it is important to first outline how Webtrends Optimize traditionally loads.

  1. wt.js file is loaded in the <head> of the page.

  2. Required libraries are downloaded.

  3. Request goes out to fetch experiments - comes back and tests are run.

  4. Cookies are created for the user.

  5. Behaviour is tracked.

Ensuring compliance here would require either step 1 to be delayed until opt-in (simple compliance) or step 4 and 5 to be delayed (advanced compliance). These are the two solutions Webtrends Optimize puts forward.

Options available

Here, we discuss the two options available, along with "pros" and "cons" of each.

Simple compliance

The most straightforward version of ensuring Webtrends Optimize is compliant with your cookie policy is to only write our tag (wt.js) to the page when a user has opted in.

This version of compliance is handled purely by you, the owner of the website.

  1. We wait for the user to opt-in

  2. Steps 1-5 above happen as normal.

For full details of how to implement this, read the dedicated document on Consent management - simple.

What you can expect to see:

Pre opt-in: Many requests, none from containing "Webtrends"

User clicks Accept All:

All network requests are run starting with the wt.js tag by the website after a user opt-in:

Pros:

  • Simplest to understand. Webtrends Optimize doesn't exist until optin.

  • Easier sign off from legal teams: With less nuance, there is less to discuss. The tag not being there until optin is straightforward to verify and ensure compliance.

  • All controlled by you. The presence of our tag on your website is a decision made entirely by you.

Cons:

  • Poor user experience: The user will see your original page pre-optin and this will flash to the new experience post-optin.

  • Unable to deliver rules-based experiences, 100%/optimal experiences and patches pre-optin.

Advanced compliance

The more nuanced approach is what we called Advanced compliance.

This approach is handled on the Webtrends Optimize side for you. In short, it ensures we do not drop cookies/localstorage entries, and do not track any user behaviour if/until a user opts-in at the appropriate level.

Looking at the typical loading behaviour section above, this approach puts a gate behind steps 4 and 5. So:

  • Tag is written as normal to the page

  • All experiences deliver as normal - tests, targets, optimals, hotfixes/patches, baselines, etc.

We then have a new check:

  • Has the user opted-in?

    • Yes: (typically on second page load)

      • Allow cookies and behaviour

    • No: (typically on first page load)

      • Wait for user to opt in

      • Release all cookies and behaviour if any is waiting.

For full details of how to implement this approach, read the dedicated document Consent management - advanced.

What you can expect to see:

Web page loads in, with wt.js and library requests. Tests are fetched, but no additional measurement calls are issued and no cookies are found:

The page should render all required experiences, delivered on the last network request in the above screenshot.

After a user opts-in, we will then release all tracking and cookies if there are any to write/send:
​

Pros:

  • Best option for user experience - serve all experiences pre-optin.

  • Is compliant with cookie laws.

  • Less for customers to think about - just put the tag in the head as normal.

Cons:

  • If the user sees a test, does not opt-in/out and refreshes the page, they may see a different experience as they will be re-randomised for tests until an opt-in/opt-out decision is made.

    • Note that most visitors will make a decision as the first thing they do when a website loads, and many cookie policies take over the whole website to ensure this happens.

Our recommendation:

To all customers of Webtrends Optimize, we recommend our Advanced compliance route.

Most important, it ensures we do not cookie users nor track their behaviour before they opt-in, which keeps us compliant with the required laws. Further, we then benefit from experiences being delivered in the moment of the page first loading, which is considerably more likely to drive conversion and not frighten users with an otherwise jumpy experience.

It is, by far, the best solution available in the industry, and the result of re-engineering the Optimize snippet to pull apart the mechanisms we don't want to trigger until we're ready for them to do so - a feat which many of other platforms in the market have not achieved and thus a key selling point of the Webtrends Optimize platform.

Related Articles
Consent management - simple
Consent management - advanced
Onboarding
Full Stack / Server-Side
Does Chrome's third party cookies change affect Webtrends Optimize users?
Did this answer your question?