How To: Configure Consent for "Do Not Sell," "Do Not Share," and Sensitive Personal Information

A technical guide for setting up opt-outs for data sales and data sharing

California's Consumer Privacy Act (CCPA), requires organizations to offer consumers the right to opt out of data processing for sales. CPRA, VCDPA, and CPA require organizations offer consumers the rights to opt out of data sharing or in to sensitive data processing.

This guide acts as the hub for setting up your technical integrations for both CCPA's "Do Not Sell My Personal Information" and the approaching "Do Not Share My Personal Information" legislation of other states. Because every business is different, we have multiple technical guides available, so you can manage pixels in all of your various system - whether it is in Google Tag Manager or directly in your mobile application, we have you covered!

Setup Overview

Any new configuration of Ethyca Consent Platform will require these 5 steps. Please make sure you complete Steps 1 and 2 prior to your Privacy Center launch.

  1. Creating a Data Use Case for Data Sales or Data Sharing
  2. Adding Consent Flags to your Data Use Case
  3. Understanding Ethyca's Global Consent Object & Cookie
  4. Setting up consent in the systems where you manage pixels
  5. Testing Consent for Data Sales

Understanding Ethyca's Global Consent Object & Cookie

The eth_cmp cookie is a representation of Ethyca's internal global consent object. The global consent object retains a categorized view of preferences related to consent a user may have set under regulations like GDPR, CCPA, CPRA, or ePrivacy Directive (the 'cookie consent banners' you see in Europe).

Depending on your configuration of Ethyca's consent system, some or all of these values will be available:

    ethy_fbp: 'consent-value', // Value for Facebook's LDU pixel  
    ethy_fbi: 'consent-value', // Value for Facebook's LDU image  
    ethy_gads: 'consent-value', // Value for Google Ads RDO  
    ethy_ds: 'consent-value', // Value for global non-specific system  
    GROUP0: BOOLEAN, // Essential Cookies  
    GROUP1: BOOLEAN, // Functional Cookies  
    GROUP2: BOOLEAN, // Marketing & Analytics   
    GROUP3: BOOLEAN, // Advertising  
    GROUP4: BOOLEAN, // Do Not Sell  
    GROUP5: BOOLEAN, // Do Not Share
    GROUP6: BOOLEAN // Sensitive Personal Information Processing

These values are available directly from the cookie or if you use Ethyca's emp.js tag they will be injected into the DataLayer of your site as well as an Ethyca defined global object on the window. By default, groups 1-5 are set to true, meaning a user would need to opt out by default. Group 6 is set to false by default, meaning a user would need to opt in.

Technical Guide

More than likely, your business may be triggering pixels like Facebook, Pinterest, Snapchat in multiple place, so we recommend checking with the appropriate internal teams (i.e. marketing, ad agencies, mobile engineers, software developers) prior to implementation. Please visit the relevant support articles below for step-by-step technical guides:


Please contact [email protected] if you have any questions regarding implementation.