What the law says
Before writing or reading a cookie, website or app publishers have to:
- inform end users about the purpose of cookies
- collect their consent
- provide end users with a method to opt out of cookies
The consent is valid for a maximum of 13 months.
For more details, read here (published by the French National Commission on Informatics and Liberty (Commission nationale de l'informatique et des libertés - CNIL).
Smart AdServer's implementation
The law requires website operators and solution vendors to inform end users and collect their consent before storing cookies.
Blocking Cookies in Smart AdServer's Publisher solution
The nocookie parameter defines, if Smart AdServer is allowed to store cookies.
The nocookie=1 parameter needs to be passed:
- in the first call on the page; this is the call to the config.js library (in the HTML document's <head>); example: http://www7.smartadserver.com/config.js?nwid=92&nocookie=1
- in the field sas_target in all ad requests of the given page
The nocookie parameter has the following effects:
- nocookie=1: blocks all cookies
- if nocookie=1 is not provided, the default behavior results: permission to store and read cookies is granted; use this after you have collected consent from the end user
For more information see the integration sample below.
Blocking third party cookies
The method described above applies to Smart AdServer cookies only. You cannot directly control or manage cookies stored and read by redirect ad tags (served via Smart AdServer).
At this time, there is no standard defining how publisher ad servers and agency ad servers communicate about the end users' consent.
To control cookie storing, you can simply exclude the insertions concerned until user consent is collected. Proceed as follows:
- edit all the insertion where a redirect ad tag is used (where no creative is hosted at Smart AdServer)
- go to the Targeting tab of each insertion and exclude the key value pair nocookie=1 (enable the checkbox "No")
- as a result, these insertions will not be served to those who reject cookies
Blocking Cookies in Smart AdServer's Agency solution
In a scenario where a Smart AdServer agency ad tag is served through Smart AdServer's publisher solution, add the parameter &tgt=[sas_keywordTargeting] to the redirect's URL.
Here is a Demo Page to test the behavior:
Please use this page as follows:
- first, delete your cookies
- open the page; the ad request includes tgt=nocookie=1 => no cookie is stored
- refresh the page; this time, the ad request does not include tgt=nocookie=1 => cookies are stored
You can communicate the following URL to users who wish to block any Smart AdServer cookies:
Lifetime of Smart AdServer Cookies
All of Smart AdServer's cookies have a maximum lifetime of 13 months.
Any feature which requires cookies will stop working without the end users' consent.
Without cookies, the following features do not work: frequency capping, links, exclusions, visit counting, unique visitor counting, targeting by browser, OS and geography.