SAP Customer Data Cloud Positions

Consent Vault

Skip to end of metadata
Go to start of metadata


The Consent Vault contains a log of interactions between your sites and site users regarding their consent to the processing of their personal data. Data is stored in the Consent Vault for 7 years. 

You can use the Consent Vault to easily view and search the history of all Consent objects on your site. In the Consent Vault you can see the status of users' consent, to include: when the consent was last updated, and the date the update was enacted. The vault captures user actions related to consent of the following types of documents and interactions: 

  • Terms of service
  • Privacy policy
  • Other consent statements
  • Communication preferences

    If a subscription requires double opt-in, the communication consent will be saved in the vault only after the user opts in.

While Gigya offers a full suite of solutions designed to help clients comply with applicable data privacy laws, it is the clients' responsibility to comply with its obligations under such data privacy laws. Please consult with your legal team regarding such data privacy laws prior to implementation of the Gigya suite of solutions.

Using the Consent Vault

Navigate to the Admin tab of your Gigya Console and then select Consent Vault in the left-hand navigation menu.

If you have a site group, the Consent Vault can only be opened on the parent site, and will show audited consent records of all sites in the group.


When you first arrive at the Consent Vault page, you will have a list of all the most recent Consent actions that were performed (20 per page), and be able to see at a glance if consent was granted, renewed, or withdrawn.

Using Filters

You can narrow the results available in your view by using Filters.

Filters allow you to search all consents by Type (Terms of Service, Privacy Policy, Communication Consent, and/or Other Statement) and their Action status (Granted, Renewed, Withdrew or Deleted). You can narrow your search even more by using a custom WHERE clause within the corresponding field.

First you can adjust the results based upon Date Range:

  • Last 7 (seven) Days
  • Last 30 (thirty) Days
  • Last 60 (sixty) Days
  • Last 90 (ninety) Days
  • Custom

The available Consent filters are:

  • Consent Type
    • Terms of Service
    • Privacy Policy
    • Communication Consent
    • Other Statement
  • Action Performed
    • Granted 
    • Renewed 
    • Withdrew
    • Deleted - the user was deleted, and as a result their consent is withdrawn. Note that a separate record is saved for that automatic withdrawal, with the action listed as "Right to be forgotten". 
    • Not Granted - the user did not grant initial consent to the consent statement, the first time it was presented.
  • Custom Where Clause (below)


Custom Where Clause

If you want more fine-grained results you can utilize the Custom Where Clause search. This functions like our Audit Log and allows you to query the available records using any combination of the following properties in a SQL-like format:

  • event
  • uid
  • apiKey
  • path
  • action
  • docVersion/docDate
  • tags
  • callID

An example clause would be similar to:

action = "Withdrew" AND docVersion = 2.4
  • Queries are case-sensitive
  • docVersion is a float and should not be inside quotes.

Viewing Records

Once you have found the pertinent records, you can expand them by clicking on the link of the ID column to see specific data regarding the consent.

Record Fields

Field NameDescription
Timestamp (UTC)The date and time at which this consent interaction was recorded in the system.
VersionThe consent statement version that was active at the time the action was performed.
User/ApplicationIf the update was made via a User or Application key it will be listed here.
Source IPThe IP address that the API call originated from; this may be the client-browser or the server that made the API call.
Additional DetailsAny tags that you set for this consent for this user.
EntitlementsIf the user has granted consent to any entitlements during this consent interaction, a list of those entitlements.
PurposeThe publicly visible purpose defined for this consent statement that the user agreed to.
ActionThe action that was performed.
Performed ByHow the update was made, if a Console User, Client (via Gigya WebSDK), or Application.
SDKIf the update was made via a REST request or a client-side JavaScript SDK.
Country by IPThe country the IP address that made the request resides.
LanguageThe language of the Consent Template that the user consented to.
Login IDsThe Login ID(s) of the user whom consented to the agreement.
User Action TimestampThe date and time at which the user performed the consent action this record relates to.
View Legal StatementA link to the Consent Statement that the user consented to, as defined in the Consent Template.


Examples of Different Update Types


Unable to render {include} The included page could not be found.


Additional Information

When using an Optional consent, which can be true or false, when a user views your screen-set, if the checkbox state is not changed by the user from what it was when they first arrived, there will be no record of the user ignoring the checkbox stored in the consent vault. The consent vault only records user actions of either granting of a previously un-granted consent or withdrawing from a previously granted one.


Consent Management

Preferences Object REST

accounts.register REST

accounts.setSchema REST

accounts.setAccountInfo REST





  • No labels