search
Developer DocumentationBlogCustomer Portal

CMP glossary

In this article, we provide an overview of common terminology and phrases that your organization may encounter while configuring your Didomi Consent Management Platform (CMP).

circle-info

Utilize your browser's Find feature (Ctrl + F or ⌘ + F) and search a specific term.

Terminology
Description

Anonymized personal data

Personal data that has been anonymized to the extent that it cannot lead to the identification of a specific person anymore. It must be irrevocable. In this specific case, the data is not subject to regulations like GDPR anymore.

Consent notice

Visual component (banner or widget) deployed on website or app to request and manage cookie consent.

Controller representative

Also known as a "local representative," it is an entity residing in the EU who has been designated to represent a non-EU entity subject to GDPR. They do not take any decision upon the personal data use and processing.

Cookies

A text file dropped onto your computer by a server (for instance the one hosting your website). Cookies allow websites to keep user data. See: Technical cookies/ Essential cookies and Third-party cookies

Data controller

Defines the purposes and means "why" and "how" of personal data processing and bears primary GDPR responsibility.

Personal data

Any piece of information that enables one to identify a person, alone or when combined with other information (e.g. phone number, client number, card number, etc.). Click here for more information

See: Pseudonymized personal data and Anonymized personal data

Processor

An entity that acts on the data controller’s instructions to process data, such as storing or organizing it.

Pseudonymized personal data

Personal data that has been obfuscated so that it can't be attributed to a specific person without searching for additional information. This data is still subject to regulations like GDPR but they are considered as better protected.

Purpose(s)

Describes the reason your organization or its vendors is collecting the end-user's data and how your organization processes that data. Click here for more information.

Receiver

Any entity who receives or obtains access to personal data, whether it is a third-party or not.

There is an exception when some public authorities, as part of an investigation, receive data (e.g. customs, tax authority, etc...). In these cases, they are not considered receivers.

Regulation

Refers to a privacy law that has been passed in a state, country, or region. Generally, regulation laws apply to any public or private entity, whatever their size and line of business. Some examples include the General Data Protection Regulation (GDPR) in the EU and the California Privacy Rights Act (CPRA) in California, USA.

Tags

A code snippet which is executed on your website by a third party. Most tags are meant to send information from your website to a third-party in order for the third party to drop cookies and process data (e.g. audience measurement, retargeting, etc...).

Technical cookies / Essential cookies

Cookies that are necessary for the proper functioning of your website. For instance, they are required to save a shopping cart, remember a website language, memorize the connection credentials, memorize the preferences for privacy, etc... It can also be statistics and audience measurements to determine the number of visitors on your website, to know which sections are visited, etc...

Third-party

Any natural or legal person, public authority, agency, or body—excluding the data subject, controller, or processor—that receives personal data.

Third-party cookies

Cookies that are dropped by your organization's vendors. The site administrator does not have any authority over these cookies since they are managed by other companies. The only person who can read or modify the cookies' information is the organization that issues them.

User right

Corresponds to the rights granted to data subjects who live in a state or country that has passed a data privacy law. Subjects or end-users must typically take some action, such as submitting a privacy request, to exercise their data rights. Most data privacy regulations provide certain user rights to consumers such as:

  • The right of access - find out what personal data a company holds on them and to receive a copy of the data held.

  • The right of deletion - erase the personal information that a company has collected from them.

  • The right to opt-out - withdraw their consent to the processing of their personal information (e.g., a request to “do not sell” my personal data).

Vendor(s)

A third party (e.g. subcontractor or partner) who collects end-user data on your website or application through tags and cookies. Click here for more information.

Last updated