OneTrust is a platform used to operationalize privacy, security & governance. Customers use OneTrust to build integrated programs that comply with the CCPA, GDPR, LGPD, PDPA, ISO27001, and hundreds of the world’s privacy and security laws.
This guide walks you through how to set up an integration with OneTrust CMP.
Please note that Kameleoon is also IAB TCF compliant
Integration with OneTrust CMP
Kameleoon provides custom integration with OneTrust CMP. Kameleoon automatically reads the consent policy within OneTrust platform for both our experimentation and personalization modules.
Enable OneTrust integration on Kameleoon
First of all, you will need to add Kameleoon in OneTrust’s CMP.
Configure OneTrust in Kameleoon
Warning: Please note that, as usual, the Kameleoon snippet needs to be triggered independently of OneTrust and added directly to the source code of the page, to prevent flickering in your experiments and personalizations.
On your Kameleoon account, click on Administrate in the left-hand menu, then on Projects.
On the card for your project, click on Configuration: you’ll now access the configuration of your project on Kameleoon.
Unfold the General section.
Global custom script
The Global custom script insert will enable you to link Kameleoon to OneTrust. Any JavaScript code you add in this insert will be executed every time the page is loaded. This feature is usually used to add complex tracking code or integration to other solutions.
To activate the bridge between Kameleoon and OneTrust, please copy and paste the code below into the Global script section.
Kameleoon.API.Core.runWhenConditionTrue( () => window.OneTrust && window.OneTrust.OnConsentChanged && window.OnetrustActiveGroups, () => { Kameleoon.API.Visitor.personalizationLegalConsent || -1 === window.OnetrustActiveGroups.indexOf("C0003") || (console.log("[KAMELEOON ENABLE CONSENT] basic state"), Kameleoon.API.Core.enableLegalConsent("BOTH")), window.OneTrust.OnConsentChanged(({ detail: e }) => { e && (e.includes("C0003") ? (console.log("[KAMELEOON ENABLE CONSENT] consent changed"), Kameleoon.API.Core.enableLegalConsent("BOTH")) : (console.log("[KAMELEOON DISABLE CONSENT] consent changed"), Kameleoon.API.Core.disableLegalConsent("BOTH"))); }); } );
You will need to slightly update the code below depending on the category where Kameleoon has been added in Onetrust. For example, you may have a group called ‘Performance Cookies’, which has a category id of C0002.
Thanks to this code, any time a visitor activates or disables Kameleoon’s consent from the OneTrust pop-in, Kameleoon will be automatically notified and will activate or disable the Experiment or Personalization module (depending on whether the consent is granted or not).
You can click on Validate to apply the changes to your configuration.
Consent policy
The last step is to set up the consent management policy on your project to Consent required for both Experiment and Personalization. Please read this documentation to find out more.
To do this, unfold the Experiment and/or Personalization section of your configuration and select the Consent required option in the dropdown.
You can click on Validate to apply the changes.
It’s done. Kameleoon will now collect and store data based on the consent provided by the users from OneTrust CMP.