Skip to main content

Compliance Overview (GDPR/TCF • US GPP • GPC • Receipts)

What the CMP does for you

Auto framework: EEA/UK → GDPR/TCF, US → IAB GPP (US‑Nat v2 + state sections), everywhere else → GDPR.
Default‑deny until Accept/Preferences.
GPC respected.
Proof of consent with tamper‑evident receipts.

Regions at a glance

EEA/UK (GDPR/TCF)

Explicit consent before non‑essential cookies; we generate a TCF tcString.

United States (GPP)

gppString with US‑Nat v2 and applicable state sections.

Everywhere else

GDPR‑style categories; fallback to GDPR if region is uncertain.

Receipts & exports

Export Consents/Receipts (CSV/JSON/JSONL). Each event includes region, framework, and the consent string.

Data retention & DPIA (starter)

Suggest 12–24 months event retention; receipts longer for audits.
No IP stored with consent events; Region API is cache‑safe and rate‑limited.
Visitors can reopen the banner (Privacy settings) to change choices.

Snippets

Reopen banner

<a href="#" onclick="window.DWConsent && window.DWConsent.open(); return false;"
  >Privacy settings</a
>

What the CMP does for you
Regions at a glance
Receipts & exports
Data retention & DPIA (starter)
Snippets