We used our framework to create an inventory of all cookies across the various technologies and then applied data governance to implement geolocation-based cookie banners to capture user consent. Our framework categorizes cookies so that their behavior can easily be modified for future requirements.
Our team implemented a unified framework in four steps.
Step One. We ran then analyzed OneTrust’s website cookie scan report and detected discrepancies. We then manually scanned the pages to gather the missing cookies.
Step Two. We analyzed the existing cookie functionality and OneTrust’s categories (Strictly Necessary, Functional, Performance and Marketing) and went through a process of recategorizing some cookies with guidance from the customer’s legal team. In parallel, we verified and fixed the impact of any recategorization of cookies on the site’s functionality. Also, we placed the unknown cookies (discovered in the earlier step) in appropriate categories.
Step Three. We created a new rule in Adobe Launch to integrate the OneTrust’s tool with Salesforce Commerce Cloud. This was necessary to track user interactions on the website through OneTrust Reports and Adobe Analytics. This enforced a fully serviceable OneTrust console with a dashboard, updated geolocation rules, templates, and banners.
Adobe Launch rules and server-side scripts were also updated for each cookie category to permit or block the creation of cookies based on the user’s consent request.
Step Four. We created two geolocation-based cookie banners—an opt-out banner for California residents letting them pick their cookie preferences for specific categories, and an opt-in banner for the rest of the world. These cookie banners appear when a user visits the website the first time, to notify them about the website's personal information tracking practice.