The Consent Vault contains a log of interactions between your sites and site users regarding their consent to the processing of their personal data. Data is stored in the Consent Vault for 7 years.
You can use the Consent Vault to easily view and search the history of all Consent objects on your site. In the Consent Vault you can see the status of users' consent, to include: when the consent was last updated, and the date the update was enacted. The vault captures user actions related to consent of the following types of documents and interactions:
- Terms of service
- Other consent statements
If a subscription requires double opt-in, the communication consent will be saved in the vault only after the user opts in.
While Gigya offers a full suite of solutions designed to help clients comply with applicable data privacy laws, it is the clients' responsibility to comply with its obligations under such data privacy laws. Please consult with your legal team regarding such data privacy laws prior to implementation of the Gigya suite of solutions.
Using the Consent Vault
Navigate to the Admin tab of your Gigya Console and then select Consent Vault in the left-hand navigation menu.
If you have a site group, the Consent Vault can only be opened on the parent site, and will show audited consent records of all sites in the group.
When you first arrive at the Consent Vault page, you will have a list of all the most recent Consent actions that were performed (20 per page), and be able to see at a glance if consent was granted, renewed, or withdrawn.
You can narrow the results available in your view by using Filters.
First you can adjust the results based upon Date Range:
- Last 7 (seven) Days
- Last 30 (thirty) Days
- Last 60 (sixty) Days
- Last 90 (ninety) Days
The available Consent filters are:
- Consent Type
- Terms of Service
- Communication Consent
- Other Statement
- Action Performed
- Deleted - the user was deleted, and as a result their consent is withdrawn. Note that a separate record is saved for that automatic withdrawal, with the action listed as "Right to be forgotten".
- Not Granted - the user did not grant initial consent to the consent statement, the first time it was presented.
- Custom Where Clause (below)
Custom Where Clause
If you want more fine-grained results you can utilize the Custom Where Clause search. This functions like our Audit Log and allows you to query the available records using any combination of the following properties in a SQL-like format:
An example clause would be similar to:
Queries are case-sensitive
docVersion is a float and should not be inside quotes.
Once you have found the pertinent records, you can expand them by clicking on the link of the ID column to see specific data regarding the consent.
|Timestamp (UTC)||The date and time at which this consent interaction was recorded in the system.|
|Version||The consent statement version that was active at the time the action was performed.|
|User/Application||If the update was made via a User or Application key it will be listed here.|
|Source IP||The IP address that the API call originated from; this may be the client-browser or the server that made the API call.|
|Additional Details||Any tags that you set for this consent for this user.|
|Entitlements||If the user has granted consent to any entitlements during this consent interaction, a list of those entitlements.|
|Purpose||The publicly visible purpose defined for this consent statement that the user agreed to.|
|Action||The action that was performed.|
|Performed By||How the update was made, if a Console User, Client (via Gigya WebSDK), or Application.|
|Country by IP||The country the IP address that made the request resides.|
|Language||The language of the Consent Template that the user consented to.|
|Login IDs||The Login ID(s) of the user whom consented to the agreement.|
|User Action Timestamp||The date and time at which the user performed the consent action this record relates to.|
|View Legal Statement||A link to the Consent Statement that the user consented to, as defined in the Consent Template.|
Examples of Different Update Types
When using an Optional consent, which can be true or false, when a user views your screen-set, if the checkbox state is not changed by the user from what it was when they first arrived, there will be no record of the user ignoring the checkbox stored in the consent vault. The consent vault only records user actions of either granting of a previously un-granted consent or withdrawing from a previously granted one.