Description

The Consent Vault contains a log of interactions between your sites and site users regarding their consent to the processing of their personal data. 

You can use the Consent Vault to easily view and search the history of all Consent objects on your site. In the Consent Vault you can see the status of users' consent, to include: when the consent was last updated, and the date the update was enacted. The vault captures user actions related to consent of the following types of documents and interactions: 

Using the Consent Vault

Navigate to the Admin tab of your Gigya Console and then select Consent Vault in the left-hand navigation menu.

If you have a site group, the Consent Vault can only be opened on the parent site, and will show audited consent records of all sites in the group.

 

 

When you first arrive at the Consent Vault page, you will have a list of all the most recent Consent actions that were performed (20 per page), and be able to see at a glance if consent was granted, renewed, or withdrawn.

 

Using Filters

You can narrow the results available in your view by using Filters.

Filters allow you to search all consents by Type (Terms of Service, Privacy Policy, Communication Consent, and/or Other Statement) and their Action status (Granted, Renewed, Withdrew or Deleted). You can narrow your search even more by using a custom WHERE clause within the corresponding field.

First you can adjust the results based upon Date Range:

The available Consent filters are:

 

If the filter window is collapsed, you can determine if you have an active filter on the visible records by the state of the filter icon.

Custom Where Clause

If you want more fine-grained results you can utilize the Custom Where Clause search. This functions like our Audit Log and allows you to query the available records using any combination of the following properties in a SQL-like format:

An example clause would be similar to:

action = "Withdrew" AND docVersion = 2.4
Notes:
  • Queries are case-sensitive
  • docVersion is a float and should not be inside quotes.


Viewing Records

Once you have found the pertinent records, you can expand them by clicking on the link of the ID column to see specific data regarding the consent.

 

Record Fields

Field NameDescription
Timestamp (UTC)The date and time at which this consent interaction was recorded in the system.
VersionThe consent statement version that was active at the time the action was performed.
User/ApplicationIf the update was made via a User or Application key it will be listed here.
Source IPThe IP address that the API call originated from; this may be the client-browser or the server that made the API call.
Additional DetailsAny tags that you set for this consent for this user.
EntitlementsIf the user has granted consent to any entitlements during this consent interaction, a list of those entitlements.
PurposeThe publicly visible purpose defined for this consent statement that the user agreed to.
ActionThe action that was performed.
Performed ByHow the update was made, if a Console User, Client (via Gigya WebSDK), or Application.
SDKIf the update was made via a REST request or a client-side JavaScript SDK.
Country by IPThe country the IP address that made the request resides.
LanguageThe language of the Consent Template that the user consented to.
Login IDsThe Login ID(s) of the user whom consented to the agreement.
User Action TimestampThe date and time at which the user performed the consent action this record relates to.
View Legal StatementA link to the Consent Statement that the user consented to, as defined in the Consent Template.

 

Examples of Different Update Types

 

Due to non-public information being returned in the auditLogEvent response, the following queries are to be used internally only. The response will be adjusted in the future and then documented publicly.

 

Searching Using APIs

You can use the audit.search API to view consent records for your site. To view all consent for any given API, you can use the following query:

SELECT * FROM auditLogEvent
/* or */
SELECT * FROM auditLogEvent WHERE uid="52897cd5e3964936a174fa9dd0c693df" LIMIT 500

This will give you results similar to the following:

{
  "callId": "f858f16d8fc84334ad0288b42b1ff84a",
  "errorCode": 0,
  "apiVersion": 2,
  "statusCode": 200,
  "statusReason": "OK",
  "time": "2018-03-06T10:31:42.973Z",
  "results": [
    {
      "@message": "",
      "@timestamp": "2017-11-28T12:43:42.881Z",
      "@type": "auditLogEvent",
      "@source_host": "US1A-NOMAD-S05",
      "uid": "52897cd5e3964936a174fa9dd0c693df",
      "pspanID": "3f31a6a32163458c81c9a2f0e1d57e2c",
      "srv": {
        "system": "ConsentService",
        "host": "US1A-NOMAD-S05",
        "systemInstance": "20171115161201Z",
        "version": "0.12.2.242"
      },
      "runtime": {
        "dc": "us1",
        "host": "US1A-NOMAD-S05",
        "env": "prod"
      },
      "apikey": "3_bDkTA-r9fGFgOM_hoNwSa4xpMzi0MKVxDArk4GhKNFqt-SItLaK-_0KzPneywCNL",
      "infr": {
        "version": "0.12.2.242"
      },
      "siteID": "7686811",
      "event": "ConsentChanged",
      "@flume_host": "us1b-h3-flume02",
      "spanID": "37f580ccebb948ef8cfda76df193ffe5",
      "path": "testOptionalConsent_01",
      "action": "Granted",
      "partnerID": "2195101",
      "docVersion": "2.4",
      "callID": "a774c2cccc8248a38aa48b060cc7bb47",
      "@datacenter": "us1"
    }
  ],
  "objectsCount": 1,
  "totalCount": 1,
  "missing": 0,
  "nextCursorId": null
}

 

You can then take the callID from the specific result you want to get additional information for, and again, using the audit.search API with the callID similar to:

SELECT * FROM auditLog WHERE callID="CallID"

which will give you the following response:

{
  "results": [
    {
      "callID": "a774c2cccc8248a38aa48b060cc7bb47",
      "authType": "regToken",
      "@timestamp": "2017-11-28T12:43:42.147Z",
      "errCode": "0",
      "errMessage": "OK",
      "endpoint": "accounts.setAccountInfo",
      "httpReq": {
        "SDK": "js_7.4.30"
      },
      "ip": "185.23.175.142",
      "params": {
        "APIKey": "3_bDkTA-r9fGFgOM_hoNwSa4xpMzi0MKVxDArk4GhKNFqt-SItLaK-_0KzPneywCNL",
        "conflictHandling": "saveProfileAndFail",
        "data": "%7B%22subscribe%22%3Afalse%7D",
        "regToken": "st2.mZ32tFBlB5i6CfPyRH8eun6qKF4.RNOwmJYqSF5DCiVzTOUSxw.EnJRsMT5x28AnGDQReLab5OjY50",
        "sdk": "js_7.4.30",
        "profile": "%7B%22email%22%3A%22levi.st%40gigya-inc.com%22%2C%22birthYear%22%3Anull%2C%22zip%22%3Anull%7D",
        "preferences": "%7B%22terms%22%3A%7B%22november_16_2017%22%3A%7B%22isConsentGranted%22%3Atrue%7D%7D%2C%22testOptionalConsent_01%22%3A%7B%22isConsentGranted%22%3Atrue%7D%7D"
      },
      "uid": "52897cd5e3964936a174fa9dd0c693df",
      "apikey": "3_bDkTA-r9fGFgOM_hoNwSa4xpMzi0MKVxDArk4GhKNFqt-SItLaK-_0KzPneywCNL",
      "userAgent": {
        "raw": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.104 Safari/537.36",
        "os": "UNIX",
        "platform": "desktop",
        "browser": "Chrome",
        "language": "en-US,en;q=0.8,la;q=0.6",
        "version": "59.0"
      }
    }
  ],
  "totalCount": 1,
  "statusCode": 200,
  "errorCode": 0,
  "statusReason": "OK",
  "callId": "62b482bef3244ef6abdb291bb304bb30",
  "time": "2018-03-06T10:35:00.866Z",
  "objectsCount": 1
}

 

Additional Information

When using an Optional consent, which can be true or false, when a user views your screen-set, if the checkbox state is not changed by the user from what it was when they first arrived, there will be no record of the user ignoring the checkbox stored in the consent vault. The consent vault only records user actions of either granting of a previously un-granted consent or withdrawing from a previously granted one.

 

Helpful Links

Consent Management

Preferences Object REST

accounts.register REST

accounts.setSchema REST

accounts.setAccountInfo REST

 

 

The Consent Vault contains a log of interactions between your sites and site users regarding their consent to the processing of their personal data.

<script>
$(document).ready(function() {
    lssdk.tableFixer();
});
</script>