# Vendor cookie disclosure

A vendor cookie disclosure is a privacy practice where a website discloses cookies that can be set on an end-user's device that is attributable to a third-party vendor whose technologies are embedded on the site. In this article, we will cover the following:

* [Legal requirements for vendor cookie disclosure](#legal-requirements-for-vendor-cookie-disclosure)
* [IAB vendor cookie disclosures](#iab-vendor-cookie-disclosures)
* [Manually add cookie disclosure to vendor](#manually-add-cookie-disclosure-to-vendor)

***

### Legal requirements for vendor cookie disclosure

{% hint style="warning" %}
**Note**: The following is not to be considered legal advice and organizations should refer to their DPO and legal counsel regarding applicability of and compliance to regulations.
{% endhint %}

While there is no universal requirement for vendor cookie disclosures, data privacy regulations like General Data Protection Regulation (GDPR) in combination with the ePrivacy Directive generates strong pressure that organization's disclose not only cookies they may set but disclose cookies set by their vendors as well.

However, even within the contexts of data privacy regulations like GDPR there is no set requirements on where vendor cookie disclosures should be surfaced to end-users. Didomi observes some clients including cookies disclosures in their privacy policy while others rely on the consent notice.

### IAB vendor cookie disclosures

When a vendor registers with the IAB TCF Global Vendor List (GVL) the vendor may make cookie disclosures. If an IAB vendor is added to a GDPR consent notice, Didomi will automatically add any cookie disclosures the vendor may have made as part of its IAB TCF GVL registration to the vendor layer of the GDPR consent notice.

{% hint style="info" %}
The vendor cookie disclosures will be added to a GDPR consent notice for any IAB vendor regardless of whether the consent integrates with the IAB TCF or not.
{% endhint %}

Cookies disclosures as part of IAB TCF GVL registrations are not available for IAB vendors via the Data Manager but your organization can view the cookie disclosures using the consent notice preview feature.

Click **Consent notices** on the left-hand panel and select your consent notice from the subsequent page.

<figure><img src="/files/PNfMpSShPxaYOVQp2txV" alt="" width="563"><figcaption></figcaption></figure>

Click the **Preview** icon.

<figure><img src="/files/wofmEQXkSiNlsrGXpWGE" alt="" width="563"><figcaption></figcaption></figure>

Navigate to the vendor layer of your GDPR consent notice and click the **+** icon inline with an IAB vendor. Next, expand **Device storage** to view cookie disclosures for the IAB vendor.&#x20;

<figure><img src="/files/nO4TAValCLIXuftAeOz6" alt="" width="375"><figcaption></figcaption></figure>

### Manually add cookie disclosure to vendor&#x20;

{% hint style="success" %}
**Access Type**: Data Manager - Editor
{% endhint %}

If your organization chooses to surface vendor cookie disclosure via the Didomi consent notice, you can manually add cookie disclosures on a per vendor basis from the Data Manager for any type of vendor (including additional cookie disclosures for IAB vendors).&#x20;

Click **Data Manager** in the left-hand panel and select the **Vendors** tab on the subsequent page.&#x20;

<figure><img src="/files/6QE5kYJyyRCJ2hrYBOl2" alt="" width="563"><figcaption></figcaption></figure>

Navigate to a vendor on the subsequent list and click **Edit** inline with the vendor name.&#x20;

<figure><img src="/files/yHGlHjUkX0h2Hobzsgms" alt="" width="563"><figcaption></figcaption></figure>

Expand the **Storage** accordion and provide details for each storage item droppped/used by the custom vendor by clicking **+ Add a new storage**.

<figure><img src="/files/N98kWxYCKl91ESWi0QS7" alt="" width="375"><figcaption></figcaption></figure>

From the modal, use the **Type of storage** dropdown menu to select a storage type and fill in the appropriate details in the subsequent fields.&#x20;

<figure><img src="/files/QBES8H9rPEWyEb4bGAfz" alt="" width="364"><figcaption></figcaption></figure>

Click **Add** when finished.&#x20;

Repeat as necessary for other storage methods used by the custom vendor. Any added storage methods will be listed in the accordion and can be edited or deleted by clicking the appropriate icon inline with the storage method .

<figure><img src="/files/d5lRRKLNVdR9Eaukl9Vg" alt="" width="375"><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.didomi.io/data-manager/vendors/vendor-cookie-disclosure.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.