bretg
commented
1 year ago @HeinzBaumann - is there a requirements doc? Specifically I'd like to better understand the "data category" concept and whether there's a potential processing implication or if this is just informational to show up in the CMP.
Prebid Server interprets this file and we need to confirm that there aren't updates required beyond the location of the GVL file. Here are the changes gathered from the PR:
- added dataDeclaration array. "An array of positive integers that represent the data categories declared by the vendor". This seems to be related to a requirement that vendors need a "List of Categories of data collected across Purposes".
- added dataRetention object. "an object that contains the data retention for the purpose and specialPurpose declared by the vendor"
- added urls array. "An array of url objects representing language, policy url and legitimate interest url"
- Removal of the policyUrl field.
- certain values are no longer allowed in legIntPurposes
HeinzBaumann
Update the files Tech Lab - Consent string and vendor list formats v2.md and Tech Lab - CMP API v2.md based on the latest policy changes and tech specs. In detail: Update several sections to introduced retention periods for all purposes, removal of legitimate interest for purposes 3 to 6, the introduction of data categories used in conjunction with the purposes, support for legitimate interest claim urls, adding support for localized policy urls. Removed references to v1.1 where that information was no longer required. Update the GVL list section accordingly: Updated the API specification: Deprecated the API getTCData as well as some other small tweaks. Removed references to v1.1 where that information was no longer required.