Combined Sourcepoint CCPA to Version 2 GDPR Code

Implementation of the on-page code of Sourcepoint's CCPA solution for an account already using version 2 of Sourcepoint's GDPR CMP

Overview

Setting up Sourcepoint’s CCPA solution is a simple process that publisher teams can follow to get up and running quickly. This document is a quick start guide on how to implement a Do Not Sell (my data) experience on your website using Sourcepoint’s Javascript code-snippet along with version 2 of Sourcepoint's GDPR solution. The JS code-snippet needs to be placed on your site, preferably in the head tag before any advertising technology scripts implemented on your site. The goal of the implementation is to render a Do Not Sell (my data) notification required under CCPA and syndicate the user's privacy settings to any relevant third party technology running on your site along with a GDPR message when appropriate. The Sourcepoint script implementation has been optimized for high performance and fast delivery.

Below is the tags and libraries necessary to serve a CCPA "Do Not Sell" message and a GDPR message.

<script type="text/javascript">
//GDPR Stub file
(function () { var e = false; var c = window; var t = document; function r() { if (!c.frames["__cmpLocator"]) { if (t.body) { var a = t.body; var e = t.createElement("iframe"); e.style.cssText = "display:none"; e.name = "__cmpLocator"; a.appendChild(e) } else { setTimeout(r, 5) } } } r(); function p() { var a = arguments; __cmp.a = __cmp.a || []; if (!a.length) { return __cmp.a } else if (a[0] === "ping") { a[2]({ gdprAppliesGlobally: e, cmpLoaded: false }, true) } else { __cmp.a.push([].slice.apply(a)) } } function l(t) { var r = typeof t.data === "string"; try { var a = r ? JSON.parse(t.data) : t.data; if (a.__cmpCall) { var n = a.__cmpCall; c.__cmp(n.command, n.parameter, function (a, e) { var c = { __cmpReturn: { returnValue: a, success: e, callId: n.callId } }; t.source.postMessage(r ? JSON.stringify(c) : c, "*") }) } } catch (a) { } } if (typeof __cmp !== "function") { c.__cmp = p; __cmp.msgHandler = l; c.addEventListener("message", l, false) } })();
</script>
<script type="text/javascript">
//CCPA Stub file
(function () { var e = false; var c = window; var t = document; function r() { if (!c.frames["__uspapiLocator"]) { if (t.body) { var a = t.body; var e = t.createElement("iframe"); e.style.cssText = "display:none"; e.name = "__uspapiLocator"; a.appendChild(e) } else { setTimeout(r, 5) } } } r(); function p() { var a = arguments; __uspapi.a = __uspapi.a || []; if (!a.length) { return __uspapi.a } else if (a[0] === "ping") { a[2]({ gdprAppliesGlobally: e, cmpLoaded: false }, true) } else { __uspapi.a.push([].slice.apply(a)) } } function l(t) { var r = typeof t.data === "string"; try { var a = r ? JSON.parse(t.data) : t.data; if (a.__cmpCall) { var n = a.__cmpCall; c.__uspapi(n.command, n.parameter, function (a, e) { var c = { __cmpReturn: { returnValue: a, success: e, callId: n.callId } }; t.source.postMessage(r ? JSON.stringify(c) : c, "*") }) } } catch (a) { } } if (typeof __uspapi !== "function") { c.__uspapi = p; __uspapi.msgHandler = l; c.addEventListener("message", l, false) } })();
</script>
<script type="text/javascript">
window._sp_ = {
config: {
mmsDomain: "https://message.sp-prod.net",
accountId: ACCOUNT_ID_HERE,
cmpOrigin: "https://sourcepoint.mgr.consensu.org"
}
}
window._sp_ccpa = {
config: {
mmsDomain: "https://message.sp-prod.net",
ccpaOrigin: "https://ccpa-service.sp-prod.net",
accountId: ACCOUNT_ID_HERE,
getDnsMsgMms: true,
alwaysDisplayDns: false,
}
}
</script>
<script src="https://dialogue.sp-prod.net/messagingWithoutDetection.js"></script>
<script src="https://ccpa.sp-prod.net/ccpa.js"></script>

Setting up The Messaging Domain (optional)

Setting up a messaging domain (mmsDomain) is optional. The Dialogue Javascript communicates with the Sourcepoint messaging server on a subdomain of the site. The benefit of doing that is to allow messaging cookies to be “first party” and thus, circumventing Safari’s web browser Intelligent Tracking Prevention (ITP). This creates a discrete messaging channel between the publisher’s messaging subdomain and the Dialogue messaging server. Once you have created the subdomain, you should create a DNS CNAME record to direct traffic to the Sourcepoint messaging endpoint message<account id>.sp-prod.net where the account id refers to your account ID in the Sourcepoint user interface. If you are unsure of what your account ID is, please contact your Sourcepoint account manager

Once you have created the CNAME record, please inform your Sourcepoint Account manager so that they can create an SSL certificate for the subdomain. This will ensure that both secure and non-secure traffic are handled properly.

We also included additional information on how to leverage our key-value pair targeting features and our data callbacks. Key-value pairs are used to create highly targeted messages based on data points from external systems like DMPs and CRM platforms. Our callbacks can be used to set cookie values based on the messages a user have seen and to send data to external systems such as website analytics platforms and/or DMPs.