1. Option A: Integrated consent model

Users must be provided with the possibility of accepting cookies and tracking technologies and to just as easily refuse them.

Reject option presented as a reject button on first layer.

The "Reject" option should be:

1. Located in the 1st layer and requiring only 1 click to action.

2. Presented as a button.

3. Equally visible to the accept option (factors to consider here are size, font and location for example).

4. Enabling user to reject with 1 click.

5. Not resulting in limitation to access the site/content if selected (i.e., must not result in redirection to subscription or pay wall).

6. Clear wording used (i.e., “reject all”, “deny all”, “continue without accepting” or an equivalent).

7. No reliance on (other) deceptive design patterns [1].

8. In case scrolling is required to view Utiq consent text, the buttons are always displayed and are placed in a fully visible section of the CMP (i.e. the accept/reject buttons do not disappear with the scrolling down).

FRENCH AND ITALIAN MARKETS ONLY

Reject option presented as a Cross (“X”) enabling the closure of the CMP.

1. Located in 1st layer and requiring only 1 click to action.

2. Its design makes the cross option to reject easily visible to the user (factors to consider here are if included within the frame/CMP, in colors distinguishable from the background, etc.).

3. An explanation of its function being provided next to it (e.g.,: “to continue without accepting: X”).

4. An explanation about the function should be provided within the text.

5. No reliance on (other) deceptive design patterns [1].

FRENCH AND ITALIAN MARKETS ONLY

Reject option presented as “continue without accepting”.

1. Located in 1st layer and requiring only 1 click to action.

2. Design making this option to reject easily visible to the user, without reliance on other deceptive design patterns [1]; i.e.,:

   • as a standard, text should be displayed as part of the CMP box (this is commonly placed in the top corner) or in a location that provides enough visual support for the user to see it.

   • visible without scrolling required.

   • not using design features that may obscure its location (factors to consider here are whether the colour of the text contrasts sufficiently with the background of CMP, option should not be embedded within the text or a location in CMP that would clearly diminish its visibility to the user).

3. Clear wording used (i.e., “continue without accepting”), creating no ambiguity as to its function.

4. An explanation about the function should be provided within the text.

Correct configuration of accept and reject functions

The CMP must be configured to ensure that Utiq calls are only triggered if user consents to the activation of Utiq technology.

1. Utiq technology must be off by default.

2. No Utiq calls to enable the Utiq technology shall be triggered if a user specifically rejects consent to the use of Utiq technology or makes an overall rejection of all non-essential cookies and other tracking technologies.

3. Only strictly necessary cookies (i.e., utiq_consent_status) can be dropped if user denies consent to non essential cookies and other tracking technologies.

Users must be provided with the Utiq consent text in 1st layer without modifications

It should be sufficiently clear that the use of Utiq technology is available on the website.

User attention must be drawn to Utiq consent text on 1st layer.

1. Utiq consent text is shown in the same form as the domain‘s own consent text (same size, font, colour).

2. Utiq consent text is inserted in an appropriate location to ensure appropriate visibility and distinct from other consent wording.

3. Sub-title provided by Utiq is implemented without any variations.

4. Utiq logo is placed next to Utiq consent text sub-title.

5. In case scrolling is required to view Utiq consent text, Utiq logo is placed in a fully visible section of the CMP not requiring scrolling down (where possible, logo should be clickable and, if clicked, it directs automatically to the Utiq section). The most logical place is expected to be next to the mention of use of similar tracking technologies.

6. No reliance on deceptive design patterns [1] that could compromise the visibility of Utiq consent.

Configurable elements within the Utiq Consent text must be populated with the Data Controller information

The Utiq consent text contains configurable elements:

• Data Controller

Populate dedicated configurable elements with your details:

• Data Controller’s name

Implement hyperlinks in clickable elements within Utiq consent text (1st layer and 2nd layer)

The Utiq consent text contains clickable elements:

• consenthub

• Utiq's Privacy Statement

• telecom operator

• our other websites

Implement hyperlinks that open in a new page for clickable elements within Utiq consent text:

• consenthub: https://consenthub.utiq.com/

• Utiq's Privacy Statement: https://consenthub.utiq.com/pages/privacy-statement

• telecom operator: https://consenthub.utiq.com/pages/privacy-statement#telecom-operators

• our other websites (see “2. Setup the dedicated “Manage Utiq” page linked via a footer hyperlink“).

Main CMP title must be adequate

As per core requirement.

The main CMP title must not only reference or concern cookies. It must address other similar technologies.

Implementation of a section within “Manage Utiq” page listing the cross domain websites in scope (i.e., all websites that would make use of the same martechpass value)

As per core requirement.

1. The reference to other websites in scope within the Utiq consent text must be correctly hyperlinked and direct the user to the relevant section within the “Manage Utiq” page where there is the list of all such websites in scope (i.e., all websites that would make use of the same martechpass value).

2. In case of additional websites in scope, the list must be updated, before the additional website goes live.

Implementation of telecom operators hyperlink

As per core requirement.

1. The reference to participating telecom operators in scope within the Utiq consent text must be correctly hyperlinked and direct the user to the relevant section within the Utiq privacy statement which contains the list of all participating telecom operators per country.

2. In case of additional telecom operators in scope, the list within Utiq’s privacy statement will be updated by Utiq, without unreasonable delay.

Utiq technology purpose included in 2nd layer of CMP (as Utiq custom purpose)

It must be possible for users to view the purposes in a granular way. Specifically, users should be able to make granular choices for Utiq via distinct tick boxes.

1. Utiq 2nd layer consent text must be added in an appropriate location (as Utiq custom purpose).

2. If possible, Utiq logo must be placed next to Utiq 2nd layer title.

3. Accept and reject options must be displayed in the 2nd layer and must be equally visible to each other (factors to consider here are size, font and location for example).

4. Specific accept and reject options must be placed next to Utiq consent (Utiq 2nd layer text)

5. No reliance on deceptive design patterns [1] that could compromise the visibility of Utiq consent.

The website’s main CMP must be easy to locate and resurface to facilitate withdrawal of consent at any time

As per core requirement.

1. The option to resurface the website main CMP shall be located in an easily visible place for the user to find. Usually, this will be at the bottom of the page.

2. The option must be present in all the pages of the website (i.e. not only in the Homepage).

3. The name of the functionality (e.g., link or icon) should use clear wording to enable the user to make use of the functionality to manage their consents.

4. The wording used must not reference only cookies, but also other similar technologies (in case such wording is used).

5. No reliance on deceptive design patterns [1] (e.g., different size, font, colour or inappropriate location), accessible with 1 click, not hidden by other banners in the websites, colour of text contrasts sufficiently with the background)

The website should make its “Privacy policy/notice/statement” easily accessible at the bottom of all pages

As per core requirement.

1. The option to open the Privacy Statement shall be located in an easily visible place for the user to find. Usually, this will be at the bottom of the page.

2. The option to open the Privacy Statement must be present in all the pages of the website (i.e. not only in the Homepage).

3. No reliance on deceptive design patterns [1] (e.g., different size, font, colour or inappropriate location, accessible with 1 click, not hidden by other banners in the websites, colour of text contrasts sufficiently with the background).

Consent validity times (the time after which consent should be re-requested)

The consent validity timeframe for Utiq consents is 180 days.

martechpass TTL is 90 days.

1. Set up the consent validity timeframe for Utiq consents to 180 days.

2. The denied consent duration for Utiq consents is also 180 days.

Evidence of consent

It should be technically possible for the Advertiser/Publisher to provide evidence of Utiq consents captured.

It should be technically feasible for Utiq to monitor that each consent has effectively been provided.

1. Ensure that you are keeping track of the version of your Consent Notices that includes Utiq consent.

2. Ensure that the Evidence of Consents feature in your CMP console is correctly capturing the user’s preferences for the Utiq consent.

Utiq consent withdrawal mechanisms

As per core requirement.

1. There are 3 ways for users to withdraw Utiq consents:

   • CMP: by re-opening the CMP and changing the Utiq preferences, the users can withdraw Utiq consent.

   • Manage Utiq via the consent revocation dedicated functionality: users can revoke their Utiq consent directly through your site. The revocation will only apply to your site in this case.

   • consenthub.

2. Ensured synchronization with consenthub.

Vendor name

Utiq

Privacy Policy

https://consenthub.utiq.com/pages/privacy-statement

Purpose based on consent

<select the “Use of Telecom and Utiq powered technology on this website for digital marketing”>

Utiq purpose description for “Integrated Model” can be found here.