Processing personal data is generally prohibited, unless it is expressly allowed by law, or the data subject has consented to the processing: this is legal consent.
Kameleoon provides flexible options to define the level of consent management required by your website, in compliance with the latest privacy legislation updates (GDPR, CCPA).
How to choose your consent management policy
For Experiment
- You should have either the “CONSENT NOT REQUIRED/INFORMATIONAL BANNER” or “CONSENT REQUIRED” option enabled.
- If you run experiments using custom data that collects behavior data, you should use the “CONSENT REQUIRED” option.
The level of consent required depends on the applicable legislation.
For Personalization
You should always have the ”CONSENT REQUIRED” option enabled.
However, these choices depend on your use of Kameleoon. Your Customer Success Manager is there to help you choose the policy that best suits your website.
How to define your consent management policy
The consent management policy settings are accessible in the “Administrate” > “Sites” menu of the Kameleoon App.

You can set up the fields relating to consent management in each of the two blocks (“Experiment” and “Personalization”). It can be defined differently for Experiment and Personalization.

3 dropdowns will allow you to define:
- The consent management policy;
- The behavior of Kameleoon when consent is unknown;
- The behavior of Kameleoon on opt-out.
Consent policy
Whether consent is required or not

You can choose between 2 options.
Consent not required/Informational banner
Select this option if:
- you are not subject to the GDPR;
- or if you only run simple A/B tests that don’t use any personalized data, geolocation data or IP addresses.
If you select this option, all experiments will be run and data will be collected without consent.
We recommend displaying an information banner to let the visitor know you are running experiments on your page. You must implement it directly on your website (and not via Kameleoon).
Consent required
Select this option if you are running complex experiments that use personalized data, geolocation data or IP addresses.
If you select this option, you are required to display a consent banner through which the visitor can give their consent before Kameleoon is launched. Please implement it directly on your website (and not via Kameleoon). Next you must make a call to the Kameleoon API to send through the visitor’s consent.
Behavior when consent is unknown
Kameleoon’s behavior when consent has not yet been granted

You can choose between 3 options.
Completely block Kameleoon
Kameleoon will not run at all, and no data will be collected or sent to an analytics platform until consent has been given.
Partially block Kameleoon
Kameleoon will only run the experiments you tagged “Technical”, no data will be collected or sent to an analytics platform until consent has been given.
How to tag a campaign as “Technical”?
If the second option is selected, the tag “Technical” must be added to each experiment you would like to run. There are several possibilities for this:
When creating an experiment or a personalization, associate the “Technical” tag with it.

In the case of an already created experiment, on the Experiments dashboard, on its line click on the three-point menu, then on “Manage tags”. In the field that opens on the right, write “Technical”.

If you use the Graphic editor, click on the burger menu at the top left, then “Test currently being edited” then “Tags and descriptions”. Enter “Technical”.
If you use the Code editor, go to the “Experiment” tab and then “Tags and descriptions”. Enter “Technical”.

If the Personalization has already been created, go to its card in the Personalization dashboard and click on the pencil icon to edit it. On the personalization configuration form, click on “Create a tag” and enter “Technical”.

Do not block Kameleoon (don’t write / send anything)
Experiments will be run but no data will be collected without consent.
Behavior on opt-out
Kameleoon’s behavior when the visitor refuses consent

You can choose between 2 options.
Partially block Kameleoon
The visitor sees only one variation of the campaigns tagged as “Technical” (to comply with the law, these experiments must only be used for the smooth running of your website) ; no data is collected.
Completely block Kameleoon
In this case, no campaign is run and no data is collected by Kameleoon.