Transparency and Consent Framework (TCF)¶

IVW, as downstream data processors of INFOnline GmbH, also called downstream vendors, have no access to the Consent Decision of a user in the TCF 2.0 Framework.

This results in the necessity for INFOnline GmbH to query the user's Consent Decision from the TCF 2.0 Framework in the measuring script via the TCF 2.0 API and to transmit it to the measuring system.

For this purpose, the IOLib interprets the consent information persisted in the memory provided for this purpose in accordance with the IAB TCF2.0 specification and transfers it into INFOnline's own consent string notation within the scope of automatic processing.

In the event that an own framework is used or no automatic determination of the TCF 2.0 Consent takes place for other reasons, the Publisher can transmit a Consent String via the use of manual processing.

The technical details for the integration of manual processing are listed under 2.0 Manual Processing.

IAB-Vendoren¶

The following IAB Vendors are included in the current INFOnline Measurement:

Details of the vendors used:¶

Vendor 730 "INFOnline"

Purpose 1 (activated from 24.11.2021, consent required) (store or retrieve information on a device).
Purpose 8 (enabled, flexible) (measure content performance)

Short information on TCF 2.0¶

The European General Data Protection Regulation (GDPR) defines almost all profile data collected via cookies or mobile ad identifiers as personal data. Anyone who collects visitor data on their web page must inform the user about its use. Especially with modern advertising mechanisms such as RTB/RTA (Real Time Bidding/Advertising), a highly complex chain of different service providers is created that are involved in the processing and enrichment of user data. It must be known at every point and at every time which tracking and targeting processes of a user are permitted - and which must be refrained from. The industry association IAB Europe has developed the "Transparency and Consent Framework" to ensure technical security. The amended version 2.0 was published in September 2019. It was rolled out on 15 August 2020.

In addition to the user, the TCF defines three other categories of actors: vendors, publishers and consent management platforms (CMPs).

• Vendors are all service providers in the delivery chain who want to process data. They include, for example, website tracking systems, ad servers and adverification providers, demand and sell side platforms (DSPs and SSPs) and data management platforms (DMPs). Vendors must be registered with the TCF and declare the purposes for which they want to process data. With this information, they can be viewed via the so-called Global Vendor List (GVL).

• Publishers provide content and are in direct contact with consumers.

• Consent management platforms (CMPs) are specialised service providers that operate the privacy centres and consent screens on the web pages for publishers and advertisers and give the user the opportunity to consent or object. Within the framework of the TCF, they are responsible for providing the user's consent status to the delivery chain.

For the communication between the different parties, the so-called signalling, the TCF defines a standardised nomenclature. For each vendor integrated by a publisher or advertiser on the pages, it is transmitted for the individual processing purposes whether the data processing is permitted and whether the user has made an explicit Opt-out.

In version 2.0, the TCF distinguishes between ten different purposes (Purposes) for the processing of tracking data. These are supplemented by a total of seven additional processing options and purposes that regulate special use cases and their legal basis.

_{Table 1: Overview of Purposes}

_{Table 2: Overview of Special Features}