Analytics.js OneTrust Wrapper
Consent Management is available to customers on the Business Tier Plan
See the available plans, or contact Support.
This guide about Segment’s Analytics.js OneTrust wrapper contains context about which configurations might cause data loss, steps you can take to remediate data loss, and configurations that minimize data loss.
For questions about OneTrust Consent and Preference Management behavior, see the OneTrust documentation.
For questions about the Analytics.js OneTrust wrapper, see the @segment/analytics-consent-wrapper-onetrust repository.
OneTrust consent banner behavior
The OneTrust consent banner has three key UI configurations that control how the banner and consent preferences behave:
- Banner display: If the banner should be shown or not when a user lands on your webpage
- Banner closing: If the consent banner should automatically close when the user takes an action on your webpage
- Consent model: If the status is automatically set to
true
orfalse
for all categories- Opt-In: The user, by default, does not consent to all categories (except those that you deem to be mandatory). The user is required to select categories that they consent to share data with (or, “opt-in” to data collection)
- Opt-out: The user, by default, does consent to all categories. The user can choose to select categories that they do not consent to share data with (or, “opt-out” of data collection)
Segment's Analytics.js OneTrust wrapper assumes the following:
Opt-In and Implied statuses are treated in Segment’s OneTrust wrapper as Opt-In
. Notice Only, Custom, or Opt-Out statuses are treated in Segment’s OneTrust wrapper as Opt-Out
.
You can set the banner display and banner closing settings to create a banner implementation that is either:
- Mandatory: A user must interact with a banner before they access your site
- Optional: A user does not have to interact with a banner while they access your site. The banner is always present as your end users navigate through your site, disappears after a user takes an action, like clicking or scrolling, or is never shown to your users
Some combinations of banner behaviors and consent models may lead to a possibility of data loss in your downstream destinations.
Possibility for data loss
Segment has evaluated a combination of banner behaviors, consent models, and load orders to be at either a low or medium possibility of data loss.
Low
Segment assesses some behaviors to have a low possibility of data loss because Twilio Segment Analytics.js and third-party device mode libraries are loaded only after the user has provided their consent (for consent banners a user must interact with to use your site) or your site assumes that a user consents (if you set your cookie banner on your site to be optional and never displayed to a user).
Medium
Segment assesses some banner behaviors, like those that always remain as a user navigates your site and those that disappear after a user action like clicking or scrolling, to be at a medium possibility for data loss and noncompliance.
- Compliance Risk: Once device mode libraries are loaded they cannot be unloaded when the user revokes consent to their mapped categories. Note: Not unloading the third-party library poses a risk only if the third-party library is collecting data in addition to collecting Segment events.
- Possibility of data loss: Once Segment loads, if the user consents to additional categories that map to device mode libraries, then these new libraries will not be loaded until the next time that Segment loads, like after a page reload. This may result in data loss.
To minimize the possibilities for data loss:
- Set up cookie banners that either must be interacted with in order to use your site, or are set to be optional and never displayed to a user, with the assumption that users rarely go back to update consent preferences
- If using cookie banners that either always remain as a user navigates your site or disappear after a user action, like clicking or scrolling:
- Use fewer device mode libraries. This way, all data flows through Twilio Segment and you can respect an end-user’s consent preferences using Consent Management
- Regularly audit your device mode libraries. Audit your device mode libraries to confirm they are not capturing data themselves
- Add logic to do a full page refresh when the user’s consent to categories associated with device mode libraries changes. This will help unload the device mode libraries completely
Refreshing a page when a user’s consent changes could cause duplicate page events in your destinations. This can also cause a loss of form state for your users, if input form fields were present at the time of refresh. However, page refreshes due to changes in consent can also help load additional device mode libraries the user has consented to share data with, eliminating the possibility of data loss in your downstream destinations.
Segment library desired behavior
Banner behavior | Cookie banner | User interaction with webpage | Segment loads | Possibility of data loss |
---|---|---|---|---|
Mandatory | Displayed on page load | Required to access webpage | After user action | Low, until a user changes their preferences |
A banner that always remains as a user navigates your site | Displayed on page load | Not required to access webpage | With page load | Medium |
A banner that disappears after a user action, like clicking or scrolling | Displayed on page load | Not required to access webpage | With page load | Medium |
A banner that is optional and never displayed to a user | Not displayed on page load | Not required to access webpage | With page load | Low, until a user changes their preferences |
Scenarios where you might experience data loss
You might experience data loss if a user navigates away from a landing page before providing their consent or doesn’t interact with a consent banner on a website that uses an opt-in consent model. The following tables outline common scenarios that your users might encounter and information about the degree of data loss you can expect for each scenario.
First time users
Return users with no valid prior session are treated as first time users.
Consent model | User action | Expected behavior | Data loss |
---|---|---|---|
Opt-In (optional banner behavior) | User provides consent preferences and closes banner (with or without the presence of strictly necessary category) | 1. Website loads 2. Website presents consent banner to a user 3. Users provide consent preference and close banner 4. Segment libraries load 5. Any events in the buffer for that session are sent to consented destinations (Segment and third-party destinations) 6. All events after a user provides their consent will flow to consented destinations (Segment and third-party destinations) |
Data loss is possible if the user navigates away from the landing page before providing consent or if a user closes the banner. No data loss if the user provides consent on the landing page |
User does not interact with the consent banner and continues to access the website | 1. Website loads 2. Website presents consent banner to a user 3. User does not take a consent action and continues to access the website 4. No Segment cookies are set 5. No events flow to Segment or third-party destinations |
Data loss. No data flows to strictly necessary or unmapped destinations | |
User rejects all cookies and closes banner | 1. Website loads 2. Website presents consent banner to a user 3. User rejects all cookies and closes banner 4. If workspace has unmapped destinations or strictly necessary destinations, Segment libraries load 5. Any events in the buffer for that session are sent to unmapped or strictly necessary destinations 6. All events after a user rejects consent flow to unmapped or strictly necessary destinations |
Data loss is possible if the user navigates away from the landing page before providing consent or if a user closes the banner. No data loss if the user provides consent on the landing page |
|
Opt-In (with mandatory consent banner) | User provides consent preferences and closes banner | 1. Website loads 2. Website presents consent banner to a user, who cannot use your website until they interact with the banner 3. User provides consent preferences and closes banner 4. Segment libraries load 5. All events flow to consented destinations (Segment and third-party destinations) |
No data loss |
Opt-out | User provides consent preference and closes banner | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third party destinations) 4. Website presents consent banner to a user 5. User provides consent preferences and closes banner 6. Events flow to unmapped destinations and destinations in categories your user consented to share data with. Events do not flow to mapped destinations in categories that your user did not consent to share data with |
No data loss Device mode libraries that are passively collecting data and are mapped to categories a user does not consent to share data with might still be collecting data. Segment is not able to block that data collection. |
User does not interact with the consent banner and continues to access the website | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third-party destinations) 4. Website presents consent banner to a user 5. User does not interact with the consent banner and continues to access the website 6. Events continue to flow to default consented and unmapped destinations |
No data loss | |
User provides consent preferences, rejects all categories, and closes the banner | 1. Website loads 2. Segment libraries load 3. Events flow to default consented destinations (Segment and third-party destinations) 4. Website presents consent banner to a user 5. User provides consent preferences, rejects all categories and closes the banner. If your workspace has no unmapped or strictly necessary destinations, all event data after a user provides their consent data is blocked. If your workspace has unmapped or strictly necessary destinations, events continue to flow to destinations in the strictly necessary category and unmapped destinations. |
No data loss Device mode libraries that are passively collecting data and are mapped to categories a user does not consent to share data with might still be collecting data. Segment is not able to block that data collection. |
|
Implied | User does not interact with the consent banner and continues to access the website | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third-party destinations) 4. Website presents consent banner to a user 5. User does not interact with the consent banner and continues to access the website 6. Events continue to flow to all connected destinations If your workspace has unmapped or strictly necessary destinations, events continue to flow to unmapped destinations. |
No data loss |
Return users
Consent model | User action | Expected behavior | Data loss |
---|---|---|---|
Opt-In(with mandatory or optional consent banner) | User does nothing and continues accessing the website | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third-party destinations) 4. User does not interact with the consent banner and continues to access the website |
No data loss |
User seeks, opens, and updates cookies on the banner, then closes the banner | 1. Website loads 2. Segment libraries load 3. Events flow to default consented destinations (Segment and third-party destinations) 4. User seeks, opens, and updates cookies on the banner 5. User closes banner 6. Events flow to consented destinations, are block from flowing to mapped, non-consented destinations. If a user rejects all categories and your Segment workspace has no unmapped destinations, no data will flow to any destination If a user rejects all categories and your Segment workspace has unmapped destinations, data will flow to your unmapped destinations |
No data loss Device mode libraries that are passively collecting data and are mapped to categories a user does not consent to share data with might still be collecting data. Segment is not able to block that data collection. |
|
Opt-out(with mandatory or optional consent banner) | User does nothing and continues accessing the website | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third-party destinations) 4. User does not interact with the consent banner and continues to access the website |
No data loss |
User seeks, opens, and updates cookies on the banner, then closes the banner | 1. Website loads 2. Segment libraries load 3. Events flow to default consented destinations (Segment and third-party destinations) 4. User seeks, opens, and updates cookies on the banner 5. User closes banner 6. Events flow to consented destinations, are block from flowing to mapped, non-consented destinations. If a user rejects all categories and your Segment workspace has no unmapped destinations, no data will flow to any destination If a user rejects all categories and your Segment workspace has unmapped destinations, data will flow to your unmapped destinations |
No data loss Device mode libraries that are passively collecting data and are mapped to categories a user does not consent to share data with might still be collecting data. Segment is not able to block that data collection. |
|
Implied | User does nothing and continues accessing the website | 1. Website loads 2. Segment libraries load 3. Events flow to default consented and unmapped destinations (Segment and third-party destinations) 4. User does not interact with the consent banner and continues to access the website |
No data loss |
User seeks, opens, and updates cookies on the banner, then closes the banner | 1. Website loads 2. Segment libraries load 3. Events flow to default consented destinations (Segment and third-party destinations) 4. User seeks, opens, and updates cookies on the banner 5. User closes banner 6. Events flow to consented destinations, are block from flowing to mapped, non-consented destinations. If a user rejects all categories and your Segment workspace has no unmapped destinations, no data will flow to any destination If a user rejects all categories and your Segment workspace has unmapped destinations, data will flow to your unmapped destinations |
No data loss Device mode libraries that are passively collecting data and are mapped to categories a user does not consent to share data with might still be collecting data. Segment is not able to block that data collection. |
This page was last modified: 02 May 2024
Need support?
Questions? Problems? Need more info? Contact Segment Support for assistance!