Follow these steps to get started using Tag Control
- Add the Omni-Tag to your website
- Create a site
- Create a whitelist
- Deploy Tag Control
Add the Omni-Tag to your website
Start by adding the JavaScript Omni-Tag to your website.
<script src="https://c.evidon.com/dg/dg.js" companyId="company id"></script>
Your CompanyId
For the Omni-Tag to run properly, you will need to update the snippet with the correct value for the companyId. If you are unsure of the value, your Customer Success Manager can supply it.
Using the companyId, the tag will fetch a configuration file (config.json) that is unique to your company. This configuration file manages metering, number of data requests, scan interval, whitelist, and Tag Control’s mode.
Where to Place the Omni-Tag
We recommend placing the Omni-Tag in the <head> tag of your website, before anything else. This is the best way to ensure it will effectively block all tags and piggy-backing.
For Real-Time Scanning stand alone, add the tag to every page of every website you would like scanned. Once the Omni-Tag is in place, scanning will commence in real-time using real user metrics. This information is aggregated daily and used to update your consent notices in the Universal Consent Platform nightly.
Creating, Editing, and Deleting a Site
Adding a Site
You can add a new site or edit an existing site from the main Manage Sites page. To add a new site, click the Add Site button on the top right of the screen and add your website name, site URL, and description. Click Save ;when complete.
Editing a Site
To edit an existing site, click on the site name and then toggle open the Site Details tab. From this tab you can update the site's name, URL, and description.
*TIP - Add a prefix to site names to help keep your list of sites organized. Prefixes could include language abbreviation, country abbreviation, product line abbreviation, etc.
Deleting a Site
To delete an existing site, click on the site name and toggle to the Site Details tab. At the bottom of the tab, you have the option to delete a site from Tag Control. Proceed with caution. This action cannot be undone.
Build a Site Whitelist
You will need to configure a whitelist for every site, which is a policy that controls which vendors are allowed to fire on that website. Any vendors not on the whitelist will be blocked from firing. As new acceptable vendors are observed over time, they will need to be added to the whitelist if you would like them to be fired.
Observed Vendors
All webpages with the Omni-tag are scanned repeatedly during a predetermined interval, set to 30 seconds by default. This scan happens on the individual user level, with the intention of collecting all the tag resource URIs that have made an external request. Typically, this will include stylesheets, images, and scripts.
As each tag resource URI is identified, it will be added to your Vendors Observed From Scans list. All items in this list are blocked from firing by default when Tag Control is enabled.
You can view additional details about a vendor resource by clicking on the vendor name. This will give you access to the vendor profile from our vendor database along with other vendor details, allowing you to learn more about the vendor and their privacy practices.
Approved Vendor Whitelist
The Approved Vendor Whitelist is the list of vendor resources that you have selected to be allowed to fire on your site.
To approve one or more vendors to add them to the site’s whitelist, select the checkboxes next to the vendor name and click the Add To Policy button on top of the table.
To remove vendors from the Approved Vendor Whitelist, select the checkboxes next to the vendor and click Unapprove. This will move the resources back to the Vendors Observed From Scan list.
Essential Resources
Essential resources are a subset of vendors on the Whitelist identified with a star. Any resources that are required for site functionality should be marked as essential. Toggle the star on or off to change the essential status.
For Prior Consent, essential resources are allowed to fire immediately when a visitor comes to your website. The remaining tags will be allowed to fire only once your website visitor has provided consent.
Why is the Vendor Name Missing?
Our scanner collects all the tag resource URI’s that have made an external request. This may include tags that are not registered in our vendor database.
If our database is missing a required vendor, you can submit a request for it to be added here: https://www.evidon.com/contact-us/submit-a-tracker.
Deploying Tag Control
When your whitelist is complete, click Save and Generate Policy in the top right corner of the page. This will create your content security policy (CSP) and push it to the website. When you make changes in the future, you will need to regenerate your policy again to publish the changes.
The final step is to turn on policy enforcement. When enforcement is enabled, if the whitelist is not set correctly, it may impact your site functionality. To reduce risk, we restrict access to the feature so we can walk through the process with you.
To turn on enforcement, submit a support ticket and request that your site be enabled for one of the following:
Observing: The Omni-Tag is actively observing and recording vendors but nothing is being blocked.
Tag Control Only: The Omni-Tag is observing and adding new vendors to the site’s Observed list as well as enforcing the site’s Whitelist. Only vendors on the site’s Whitelist will be fired.
Tag Policy Enforcement: Policy enforcement will follow the regulation settings defined in the Universal Consent Platform based on geographic area. For a region following Prior Consent rules (i.e. GDPR), Tag Control will only fire Essential vendors until consent is received. Once consent is received, Tag Control will allow other whitelisted vendors. For a region following Opt-Out consent (i.e. CCPA), all whitelisted vendors are allowed to fire until consent is withdrawn.
If you select Tag Policy Enforcement, you will also need to select a default policy, Opt-Out or Prior Consent. The default will be used if a location is not detected