۶Ƶ

DocumentationAdvertisingSupport for Consumer Privacy

۶Ƶ Advertising Support for the California Consumer Privacy Act: Consumer Opt-Out of Sale Support

Last update: Thu May 09 2024 00:00:00 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

  • User
  • Developer

For ۶Ƶ Advertising Demand Side Platform (DSP)

IMPORTANT
The contents of this document are not legal advice and are not meant to substitute for legal advice. Consult with your legal counsel for advice concerning the California Consumer Privacy Act.

The California Consumer Privacy Act (CCPA) is California’s new privacy law, which is effective January 1, 2020. CCPA provides California residents new rights regarding their personal information and imposes data protection responsibilities on certain entities who conduct business in California. CCPA provides consumers with the right to access and delete their data as well as the right to opt out of certain activities that qualify as “selling” personal information to a third party.

As a business, you will determine the personal data that ۶Ƶ Experience Cloud processes and stores on your behalf.

As your service provider, ۶Ƶ Advertising provides support for your business to fulfill its obligations under CCPA that are applicable to the use of ۶Ƶ Advertising products and services, including managing consumer requests to access and delete personal information and managing consumer requests to opt out of the sale of personal information.

This document describes how ۶Ƶ Advertising Demand Side Platform (DSP), as a service provider, supports the consumer right to opt out of the “sale” of “personal information,” as each term is defined by the CCPA. It includes information on how to communicate opt-out-of-sale requests to ۶Ƶ Advertising and how to retrieve reports of your organization’s opt-out-of-sale requests.

For information about how Advertising Search, Social, & Commerce; Advertising Creative; and Advertising DCO support consumers’ personal information access and deletion rights, see ۶Ƶ Advertising Support for the California Consumer Privacy Act: Consumer Data Access and Delete Support.

For more information about the ۶Ƶ Privacy services for CCPA, see the .

Communicating Consumer Opt-Out-of-Sale Requests to ۶Ƶ Advertising

You can communicate consumer opt-out-of-sale requests by using either:

  • a CCPA opt-out-of-sale segment created in Advertising DSP
  • the ۶Ƶ Experience Platform Privacy Service API

Method 1: Communicate CCPA Opt-Out-of-Sale Requests Using a CCPA Opt-Out-of-Sale Segment in Advertising DSP

NOTE
Users remain in CCPA opt-out-of-sale segments indefinitely.
  1. Log in to the advertiser’s account in Advertising DSP at .
  2. Create a CCPA opt-out-of-sale segment, and implement the segment pixel to capture the opt-out requests.

Method 2: Communicate CCPA Opt-Out-of-Sale Requests Using the ۶Ƶ Experience Platform Privacy Service API

Advertisers assigned an ۶Ƶ Experience Cloud organization ID only

  1. Deploy a JavaScript library to retrieve your customer’s cookies. The same library, ۶ƵPrivacy.js, is used for all ۶Ƶ Experience Cloud solutions.

    note important
    IMPORTANT
    Requests to some ۶Ƶ Experience Cloud solutions don’t require the JavaScript library, but requests to ۶Ƶ Advertising require it.

    You should deploy the library on the webpage from which your customers can submit opt-out-of-sale requests, such as your company’s privacy portal. The library helps you retrieve ۶Ƶ cookies (namespace ID: gsurferID) so that you can submit these identities as part of opt-out-of-sale requests via the ۶Ƶ Experience Platform Privacy Service API.

  2. Identify your Experience Cloud organization ID and make sure that it’s linked to your ۶Ƶ Advertising accounts.

    An Experience Cloud organization ID is a 24-character alphanumeric string appended with “@۶ƵOrg.” Most Experience Cloud customers have been assigned an organization ID. If your marketing team or internal ۶Ƶ system administrator doesn’t know your organization ID, or isn’t sure if it’s been provisioned, then contact your ۶Ƶ Account Team. You’ll need the organization ID to submit requests to the Privacy API using the imsOrgID namespace.

    note important
    IMPORTANT
    Contact your company’s ۶Ƶ Advertising representative to confirm that all of your organization’s ۶Ƶ Advertising accounts — including DSP accounts or advertisers, Search, Social, & Commerce accounts, and Creative or DCO accounts — are linked to your Experience Cloud organization ID.

  3. Use the ۶Ƶ Experience Platform Privacy Service API to submit opt-out-of-sale requests to ۶Ƶ Advertising on behalf of consumers, and to check the status of existing requests.

    See the Appendix below for an example of an opt-out-of-sale request.

    note note
    NOTE
    If your business has multiple Experience Cloud organization IDs, then you must send separate API requests for each. You can, however make one API request to multiple ۶Ƶ Advertising sub-solutions (Search, Social, & Commerce, Creative, DSP, and DCO), with one account per sub-solution.

All of these steps are necessary to receive support from ۶Ƶ Advertising. For more information about these and other related tasks you need to perform using the ۶Ƶ Experience Platform Privacy Service, and where to find the necessary items, see /docs/experience-platform/privacy/home.html.

Retrieving Reports of Consumers Who Submitted Opt-Out-of-Sale Requests

۶Ƶ Advertising generates monthly reports of IDs that customers have submitted for opt-out-of-sale requests for the account. Each report is available as a tab-separated text file compressed into GZIP format. The data consolidates requests captured using CCPA opt-out-of-sale segments that were created in Advertising DSP and any submissions made via the Privacy Service API. User IDs captured in CCPA opt-out-of-sale segments are identified by segment and by advertiser. Reports are generated on the first of each month for the previous month. For example, the monthly user list for June is available on July 1.

You can retrieve links to the monthly reports that were created in the previous three months, either from within Advertising DSP or by using the Advertising DSP Trafficking API. Each link is valid for seven days but refreshes each time a customer attempts to retrieve one.

Method 1: Retrieve Consumer Opt-Out-of-Sale Reports Within Advertising DSP

  1. Log in to the advertiser’s account in Advertising DSP at .
  2. Retrieve the reports.

Method 2: Retrieve Consumer Opt-Out-of-Sale Reports Using the Advertising DSP Trafficking API

This feature is available to organizations that use the Trafficking API. See the documentation for the Trafficking API for more information.

If your organization doesn’t use the Trafficking API but is interested in more information, contact your ۶Ƶ Account Team.

Appendix: Example CCPA Opt-Out-of-Sale Request for Privacy Service API Users

curl -X POST \
  https://platform.adobe.io/data/privacy/gdpr/ \
  -H 'Authorization: Bearer {ACCESS_TOKEN}' \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: {API_KEY}' \
  -H 'x-gw-ims-org-id: {IMS_ORG}' \
  -d '{
    "companyContexts": [
      {
        "namespace": "imsOrgID",
        "value": "{IMS_ORG}"
      }
    ],
    "users": [
      {
        "key": "DavidSmith",
        "action": ["opt-out-of-sale"],
        "userIDs": [
          {
            "namespace": "email",
            "value": "dsmith@acme.com",
            "type": "standard"
          },
          {
            "namespace": "adCloud",
            "type": "standard",
            "value":  "Wqersioejr-wdg",
          }
    ],
    "include": ["adCloud"],
    "regulation": "ccpa"
}'

where:

  • "namespace": "adCloud" indicates the adCloud cookie space, and the corresponding value is the customer’s cookie ID as retrieved from ۶ƵPrivacy.js
  • "include": ["adCloud"] indicates that the request applies to ۶Ƶ Advertising
recommendation-more-help
2f08d4e3-9772-481e-b57c-a895b2a58c8c