search

Privacy & Consent

n360ortb includes built-in support for privacy regulations including GDPR/TCF, GPP (Global Privacy Platform), and US Privacy (CCPA).

hashtag
Overview

n360ortb automatically detects and reads consent signals from Consent Management Platforms (CMPs) that implement industry-standard APIs:

  • TCF v2 - IAB Transparency and Consent Framework

  • GPP - IAB Global Privacy Platform

  • USP - IAB US Privacy String (CCPA)

hashtag
GDPR / TCF v2

n360ortb automatically detects TCF v2 CMPs via the __tcfapi interface and reads the TC string.

hashtag
Configuration

n360ortb.init({
  currency: 'EUR',
  gdpr: {
    cmpTimeout: 1000  // Wait up to 1 second for CMP
  }
});

hashtag
Options

Property
Type
Default
Description

cmpTimeout

number

50

Milliseconds to wait for CMP response

hashtag
How It Works

  1. n360ortb calls __tcfapi('getTCData') when the page loads

  2. If consent data is available within the timeout, it's included in bid requests

  3. If the CMP doesn't respond in time, the request proceeds without consent data

  4. SSPs receive the TC string and apply their consent logic

hashtag
Best Practices

  • Set cmpTimeout high enough for your CMP to initialize

  • Consider user experience - longer timeouts delay ad loading

  • A timeout of 500-1500ms is typically sufficient

hashtag
GPP (Global Privacy Platform)

n360ortb supports the IAB Global Privacy Platform for unified privacy signals across jurisdictions.

hashtag
Configuration

hashtag
Options

Property
Type
Default
Description

cmpTimeout

number

50

Milliseconds to wait for GPP CMP response

hashtag
How It Works

  1. n360ortb calls the GPP API (__gpp) to retrieve the GPP string

  2. The GPP string and applicable sections are included in bid requests

  3. SSPs interpret the GPP string according to their policies

hashtag
US Privacy (CCPA)

n360ortb supports the IAB US Privacy String for CCPA compliance.

hashtag
Configuration

hashtag
Options

Property
Type
Default
Description

cmpTimeout

number

50

Milliseconds to wait for USP API response

hashtag
How It Works

  1. n360ortb calls __uspapi('getUSPData') to retrieve the US Privacy string

  2. The USP string (e.g., "1YNN") is included in bid requests

  3. SSPs apply their CCPA logic based on the string values

hashtag
Combining Privacy Configurations

You can enable multiple privacy frameworks simultaneously:

n360ortb will attempt to read consent from all configured frameworks and include available signals in bid requests.

hashtag
Example: Full Privacy Configuration

hashtag
Consent Timeout Behavior

When consent is not available within the configured timeout:

Scenario
Behavior

CMP not present

Request proceeds without consent signals

CMP timeout

Request proceeds without consent signals

User hasn't consented yet

Request proceeds without consent signals

Consent available

Consent signals included in request

circle-exclamation

When consent signals are not available, some SSPs may not bid or may bid at reduced rates depending on their policies and the user's jurisdiction.

hashtag
Debugging Consent

To verify consent is being captured correctly:

  1. Open browser developer tools

  2. Go to the Network tab

  3. Find the bid request to Nexx360

  4. Check the request payload for:

    • gdpr and gdpr_consent fields (TCF)

    • gpp and gpp_sid fields (GPP)

    • us_privacy field (CCPA)

hashtag
Best Practices

  1. Load CMP first: Ensure your CMP script loads before n360ortb

  2. Set appropriate timeouts: Balance consent capture with ad load speed

  3. Test thoroughly: Verify consent flows in different scenarios

  4. Monitor fill rates: Low fill rates may indicate consent issues

hashtag
Compliance Note

circle-info

n360ortb provides the technical capability to pass consent signals to SSPs. Publishers are responsible for implementing a compliant CMP and ensuring proper consent collection according to applicable laws.

hashtag
Next Steps

PreviousGAM Creative SetupNextIntroduction

Last updated

Was this helpful?