In Exponea, you can define your own consent categories that help you to manage different purposes for data processing and communication. There are 3 types of categories available in the application:
|Consent||As per GDPR, consent has to be freely and actively given by a customer. You can define multiple consent categories (such as "Newsletter", "Push notifications" etc.). Consents need be tracked/imported for every customer. Learn how.|
|Legitimate interest||Processing data under legitimate interest is more flexible in comparison to the active consents. It enables you to process personal data without actively asking your customers to provide consent. Hence in Exponea, you can define a legitimate interest group by creating an automatic filter based on a customer's behavior (such as having a purchase etc.)|
|General consent||This is a system setting in Exponea that allows you to send campaigns to all your customers even without consents or those who already opted out. This is only to allow you to send transactional emails or important warnings and need to be used carefully.|
You can configure categories in
Project settings >
Privacy management >
You can then use these categories every time you want to launch a campaign. This will ensure that you will show e.g. a push notification only to customers who have given you the appropriate consent. Consent settings are available for all campaigns in Exponea:
- Push notifications
- Tag manager
We will now show you how to create and edit categories for consents and legitimate interests.
|Color||Distinguish between consent categories with different colors.|
|Consent category||This field is used for mapping the consent category to the tracked consent event.. This field needs to have the same value as the attribute |
|Name||This is a human-readable name of the consent category that will also be visible to your customers on the consent page.|
|Description||Description of the consent category that will also be visible to your customers on the consent page.|
|Public API||By default, new consent categories have tracking of consents from public API disabled.|
In practice this means that consent events with property source=public_api will be ignored or invalid.
We strongly recommend to leave this option disabled, because it is preventing attackers to change user consents at will by obtaining public API token.
As an alternative we recommend to use
- either consent double opt-in
## - or tracking of consents by api with private key, which will be tracked as source=private_api
You can apply a legitimate interest to all your customers, or only a specific segment, using the filter in the "applies on" column.
Legitimate interest has the same configuration as consents expect the setting Applies on. Description of other settings can be found in the table above.
|Applies on||Use this setting to define on what segment of customers you want to apply this legitimate interest.|
Note that this filter is not static, but always reflects the actual state based on customers' behavior.
Customers have an option to opt-out from a legitimate interest in the same way as for consents. They are also visible on the consent page. Read more here.
Updated 3 months ago
Learn how to track consents and opt-outs.
|Tracking consent events|