achimschloss
commented
4 years ago Adding here - the language around default legal basis is already present in the spec, but just in the annotated example global vendor list - seem even more reasonable to give this a bit more visibility. What missing here is that the default can only be changes via a restriction.
`
- "legIntPurposes" conditionally OPTIONAL (see "Constraints") array of
- positive integers. List of Purpose ids declared as performed on the legal
- basis of legitimate interest
- "flexiblePurposes": OPTIONAL array of positive integers. Array may be
- empty. List of purpose ids where the vendor is flexible regarding the
- legal basis; they will perform the processing based on consent or a
- legitimate interest. The 'default' is determined by which of the other two
- mutually-exclusive purpose fields is used to declare the purpose for the
- vendor
-
- Constraints:
- Either purposes OR legIntPurposes can be missing/empty, but not both.
- A Purpose id must not be present in both purposes and legIntPurposes
- A Purpose id listed in flexiblePurposes must have been declared in one
- of purposes or legIntPurposes.
- Purpose id values included in the three purpose fields must be in the
- range from 1 to N, where N is the highest purpose id published in this
- GVL file.`
Facens
alextcone
As discussed in https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework/pull/220 - some more explicit description in the section "What are publisher restrictions?". Looking at the discussion it seem good to make it more explicit
@chrispaterson the TC Core String details description contains some language in the notes that restrictions should be respected even without flexibility, not sure I you'd want to change that given the code would not even allow them to be written just now