Consent Management Platform – FAQ

What is GDPR?

GDPR (General Data Protection Regulation) is a European regulation to provide EU citizens and residents with greater control of their personal data and to streamline the rules for international businesses working in Europe.

When does GDPR take effect and who has to comply with GDPR?

GDPR went into effect on May 25, 2018. GDPR affects all companies based in the EU as well as companies anywhere in the world that handle data related to EU residents.

What is “Personal Data” as it relates to GDPR?

Under GDPR personal data refers to any information that can directly or indirectly identify an individual. Personal information ShareThis collects includes cookies and IP addresses. We do not collect emails, addresses, phone numbers, or national ID numbers which is also considered personal information.  

What is a Data Protection Officer (DPO)?

A DPO is required for companies that handle large-scale processing of data. The DPO’s role is to monitor the company’s compliance under GDPR and to communicate with the data protection authorities. ShareThis is working with a DPO.

What is a CMP?

A consent management platform (CMP) is a tool that collects and stores consented data as well as communicates the consent status of users and their cookies to other vendors within the CMP’s framework. It is customizable by the publisher and editable by the consumer.

How do I work with the IAB Framework?

The IAB Framework, put together by IAB Europe, is one consent mechanism solution for publishers to gain consent on data collection. ShareThis is working within the IAB Framework, which at this point is the industry standard and have built our own CMP, the ShareThis Consent Management Platform, under their recommended guidelines. We are a member of the Global Vendor List which allows us to see the cookie consent status of other companies working under the IAB Framework.

ShareThis is a member of the IAB, NAI, and DAA in the North American markets and EDAA in Europe.

How do you manage requests from individuals regarding their data?

For consumers who wish not to have their data processed, or to request withdrawal of consent or deletion of data, our existing opt-out procedure can be found on our privacy page or emailed to privacy@sharethis.com.

How long can you keep personal data?

We believe Usage Data is relevant for up to 13 months so we retain that data for up to 14 months from the date of collection.  Our cookies expire 13 months after they are last updated.

What do I need to do to comply with GDPR?

Please review the ShareThis Terms of Use for what ShareThis expects of our publishers in order to be GDPR compliant and to continue using ShareThis tools. Included in our Terms of Use:

  • ShareThis expects that by maintaining our publisher tools on your website, you agree to these terms of service and will collect, process, and pass personal data on the basis of this consent.
  • To receive consented data, we expect our publishers to have a GDPR compliant consent mechanism of choice on their website.
  • ShareThis expects our publishers to collect, process, and transfer EU/EEA User Personal Data to ShareThis once they have solicited and obtained informed consent from each individual user.

Adding the ShareThis Consent Management Platform to your site is a simple process similar to installing other ShareThis publisher tools. Navigate to our Consent Management Platform download page, register or login to your existing ShareThis account, copy your unique installation code, then paste that code into the <head> tag of your website. You can then configure appearance, language, and other options in your ShareThis platform dashboard.

Yes, though you could exclude specific pages by not including the code in the header on any pages where you did not want the tool to appear.

No, once a user makes their choice, their preferences are saved and they will not see the consent tool again. If they delete cookies, browse in private mode, or use a different browser, they will see the consent tool again.

If I choose to show the tool to people only in the EU, how can I check to make sure it’s working?

There are many free and paid VPN services that you can use to check the appearance of your site in other geographic regions. ShareThis has used https://www.personalvpn.com/.

The “Consent Scope” option will allow you to establish either one of two modes:
  1. Global: in which Publisher Consent will be a first party cookie and Vendor Consent will be a third party cookie.
  2. Service: in which both Publisher and Vendor Consent will be a first party cookie.

Yes

When I click the SHOW PURPOSES and then SHOW FULL LIST buttons, a vendor list appears. Where is this list coming from? 

Those are all the vendors participating in the IAB Framework and we have included all of these vendors in our consent management tool. You can customize the list of vendors by setting up a pubvendors.json file. An upcoming release will allow you to manage the vendor list in your dashboard.

What will happen to the data the users provide?

The user’s consent choice is transmitted to the Framework maintained by the IAB Europe. Registered vendors will then have access to these user choices to understand if they have opted in or out. You can read more about the IAB Framework here: iabeurope.eu/transparency-consent-framework/

Yes, we have created a WordPress plugin for our Consent Management Platform which you can access by clicking here.

In order to be GDPR compliant with ShareThis, ShareThis expects a publisher to use a consumer management platform of their choosing, which can include the ShareThis GDPR Compliance Tool.  Our publishers must collect, process, and transfer EU/EEA User Personal Data to ShareThis only after it has been solicited with obtained informed consent from each individual user.  For general GDPR compliance, please seek legal counsel to understand how the law affects your publisher business in full.

How can I modify/resurface the CMP box so I can change my choices?

You are able to modify/resurface the CMP box by doing the following:

1. Right-click within the page and click on Inspect.
2. Once the Inspect options come up, navigate to
Console.
3. Within the console, copy the following and then press enter:

__cmp("displayConsentUi", null, !0)

4. The CMP box should now appear and you will be able to modify your choices.