Overview
Validating your Consent Management Platform (CMP) is a great way to take advantage of ObservePoint's Privacy Compliance solution. In this help doc, we'll walk you through how to simulate a user opting out of 3rd party cookies. Next, you will want to create approved lists with Consent Categories to process the data collected and flag unexpected 3rd parties.
Procedure
Create an audit, giving it a name describing which test you want to perform, keywords like "GDPR" and "CCPA" make great labels and audit titles.
Next, under Advanced Setup, choose a location from the dropdown applicable to the test you are creating. ObservePoint offers locations to simulate traffic from Northern California, London, England; Dublin, Ireland, Frankfurt, Germany and other locations.
3. After configuring the rest of the advanced setup of your audit audit, Go to the Pre-Audit Actions tab.
4. Create a Pre-Audit Actions that simulates a user declining all cookies that are available to decline. Consent managers tend to be custom, so there is no on-size-fits all approach. In this example we'll use a OneTrust consent manager found on https://www.gene.com, but the same principles could be applied to any consent manager solution.
5. We'll start with a Navigation action to the page.
6. Then we'll open a new tab in our browser and navigate to https://www.gene.com and search for a consent manager banner
Note: If you don't see the banner, you maybe maybe already have your cookie preferences saved from a previous visit, so perform the step above in an incognito window.
7. From here we'll create actions to click on "Cookie Preferences", then toggle off available cookies that can be declined, and finally click "Confirm My Choices"
8. After grabbing appropriate selectors and creating click actions, your Pre-Audit Actions should look like this.
9. Now, run the audit. Before visiting any page in the audit, the Pre-Audit Actions will be performed and the results should show no Performance, Functional, Social Media, or Targeting Cookies. The results can be seen in the Cookie Export available in the Page Details Report, or by inspecting the lack of tags in the tag presence report.
Considerations for Auditing Multiple Countries
When setting up an audit to scan multiple countries (e.g., UK, US, FR), please take the following into account:
1. Unique Domain Extensions:
If the country site is represented by unique domain extensions (e.g., observepoint.fr or observepoint.co.uk), ensure that, in the pre-audit actions, each of these specific URLs is included.
You will need to navigate to a page and opt out of tracking for each domain.
In these cases, we recommend splitting these out into different audits to prevent cookies associated with different domains from persisting throughout a session.
2. Unique URL Paths:
If the country site is represented by unique URL paths (e.g., observepoint.com/fr or observepoint.com/uk), during the pre-audit actions, navigate to the main domain (e.g. observepoint.com), add a clear all cookies action, and then opt out of tracking.
By addressing these considerations, you ensure that the audit is configured correctly to cover the specificities of each country site, whether represented by unique domain extensions or URL paths.