Page created: 4 Feb 2020 |
Page updated: 22 Jul 2020
The following example illustrates both consent capture and consent enforcement. This example follows a user's journey on a website during which the company must gather consent to track the user's browsing behavior:
- A user launches the company's application and authenticates. The application wants to record the page visit, but first it must check if the user has granted consent to do so.
- The application makes a call to the Consent API to determine if the browsing-behavior consent record exists for this user, and whether consent been granted.
- The API returns a result indicating that no consent record exists. The application must prompt the user for his or her consent. The application calls the Consent API to retrieve the localization for the browsing-behavior consent, which includes the language that the application uses to produce a prompt for the user.
- After the user makes a decision, the application stores the user's decision by creating a new consent record. This is through a call to the Consent API.
- Later, the user visits another page in the company's site. The application wants to record the page visit, and again checks whether the user has granted consent to do so.
- The application makes a call to the Consent API to get the browsing-behavior consent record for this user.
- If the user's consent record agrees to have the company track his or her browsing behavior, the application can then make the appropriate calls to track browsing behavior. This is consent enforcement.