.svg)
Your customers' journey from visiting your website to purchasing your products or services is rarely a single, straightforward path.
Most users access the internet using multiple devices; they might browse a product on their mobile phone and complete the purchase later on their personal computer. Additionally, they may interact with your business through various channels, such as your website, mobile app, or social media platforms.
As customer interactions become increasingly complex, it becomes challenging for businesses to identify and map each individual’s journey accurately. That’s why many companies use cross-device and cross-domain tracking technologies, such as third-party cookies, to create a comprehensive view of the entire customer experience. This allows them to deliver personalized ads, optimize advertising spend, and enhance the overall user experience.
But these tracking techniques introduce significant privacy risks, including covert data processing, intrusive personalized advertising, and excessive data collection. Because of that, major data privacy laws, such as the General Data Protection Regulation (GDPR), require businesses to obtain informed and active user consent before tracking individuals across different devices and domains.
If you plan to implement cross-device and cross-domain tracking, you’ll need to set up a legally compliant cookie consent banner and make sure that cross-device and cross-domain consent is consistently recognized across all devices and domains.
In this article, we will show you how to build a consent system for cross-device and domain tracking, as well as create a unified consent experience for your users.
Understanding cross-device and cross-domain consent management
First and foremost, it’s essential for us to define the difference between the two.
What is cross-device consent management?
Cross-device consent management is the practice of obtaining cookie consent on one device, such as a personal computer, for specific data processing purposes, and then applying those consent preferences across the user’s other devices, such as smartphones, tablets, smartwatches, and additional computers.
This approach helps businesses operating multiple websites and apps to comply with data privacy regulations while providing users with a more seamless online experience by eliminating repetitive cookie consent prompts across devices.
For example, your website users may give consent for the use of their data for ad retargeting and ad performance measurement purposes through cross-device tracking technologies. When a user logs into their account on their smartphone with the same email address, you can link their previous cross-device cookie consent to their new device, ensuring that their consent choices are applied on the second device.
Learn how Booli, a Swedish real estate search platform with over 1 million weekly users, manages user consent across web and app environments with Didomi:
What is cross-domain consent management?
Cross-domain consent management refers to the practice of recognizing and applying user consent, originally obtained on one website or domain, across other related websites and domains, even when users interact with them in different browser tabs during the same session.
For example, a financial services company that operates multiple domains, such as one for personal banking, another for credit card services, and a third for investment management, might collect cross-domain cookie consent on one site and apply it across its other web domains. If a customer logs into the credit card site and consents to data processing for personalized offers, that cookie consent preference can be shared with and applied on the investment platform as well.
This cross-domain cookie consent sharing enables businesses to streamline their privacy compliance by collecting informed, legally valid user consent and synchronizing those preferences across multiple web domains.
Learn how CPEx, the largest association of Czech online media operators, uses Didomi to manage consent for over 300 domains:
Do you need a Consent Management Platform (CMP) for cross-device and cross-domain consent management?
Implementing a cross-device and cross-domain cookie consent flow is easier said than done, as it involves several legal and technical challenges.
First, major privacy laws, such as the EU and UK GDPR, require businesses to obtain prior, informed, and granular consent from users before tracking them across different devices, websites, or apps. Additionally, companies must maintain detailed records of each consent, including timestamps and user identifiers, to demonstrate compliance with relevant regulations.
Second, synchronizing user consent across domains and devices presents technical difficulties. Different domains may be hosted on separate infrastructures, and each device or domain might rely on different tracking technologies, such as third-party cookies, server-side tracking, or device fingerprinting, which complicates consistent consent management.
Due to these complexities, most businesses rely on a CMP to obtain legally compliant consent and effectively manage cross-domain consent sharing.
Technical implementation: How to obtain and manage consent for cross-domain and cross-device user tracking
In this section, we explain how you can obtain and manage cookie consent for cross-domain and cross-device tracking through consent management platforms:
1) Set up a CMP that supports cross-device and cross-domain consent sharing
First, choose a consent management platform that supports cross-device and cross-domain cookie consent synchronization.
Our Didomi CMP allows businesses to share consent across multiple devices, websites, and apps, provided the user can be reliably identified.
2) Assign a unique user identifier
Next, assign each user a unique user ID, such as a name, email address, or account ID, that enables you to recognize them across different sessions, devices, and domains.
This typically occurs when a user navigates to your website, app, or platform using the same credentials, such as their email address or user ID.
3) Sync consent across devices and domains
Once the user is identified, Didomi will store their consent preferences and associate them with their unique ID.
A consent banner will typically appear only on the first device or domain the user interacts with. When a website visitor visits your website or app on different devices or domains, Didomi can retrieve their stored privacy choices from a centralized consent API and apply them locally.
In other words, users only need to provide consent once, and their preferences will be respected across all relevant platforms, eliminating the need for repeated consent prompts.
By using a CMP with cross-device and cross-domain cookie consent sharing features like Didomi, you ensure that user consent is applied consistently, creating a seamless experience for users while simplifying your privacy compliance efforts.
4) Provide transparency with reassurance banners
When users access your website or app from a different device after having already made consent choices elsewhere, best practices suggest displaying an informational banner to remind them that their choices have been registered and are applied. This can be as simple as a straightforward notification, inviting users to revisit and update their choices if necessary in their privacy settings.
Our CMP provides the option to implement this reassurance banner functionality, maintaining transparency while providing seamless cross-device experiences:
Benefits of managing consent across devices and domains
Sharing consent across various devices, domains, and platforms provides significant benefits to businesses:
Compliance with data privacy laws
Firstly, it helps ensure compliance with applicable data privacy regulations. For example, data protection laws in the EU, UK, and Switzerland require businesses to obtain prior informed consent from users before tracking them across different websites, mobile apps, or digital environments.
Similarly, if your business is subject to state-level privacy laws in the United States, such as California’s CCPA/CPRA, you may be required to provide users with the ability to opt out of tracking for targeted advertising and the sale of their personal information.
Earning your users’ trust
Secondly, cross-domain and cross-device consent sharing builds user trust.
If you provide your users with a consent banner that clearly informs them about how you will use their data and obtain prior consent, this will increase their trust in you.
Higher consent rates and better user experience
Another key benefit of cross-device and cross-domain cookie consent sharing is that it increases the consent rate and provides a seamless user experience. If you ask users for consent on each website, sub-domain, and mobile app they visit, they will likely suffer from consent fatigue and will be less likely to give consent.
Thankfully, presenting them with only one consent banner will enhance their user experience and encourage them to give consent to the use of their data for cross-domain tracking.
Challenges of managing consent across devices and domains
Despite the benefits we discussed above, using a CMP for cross-device and cross-domain cookie consent sharing comes with its unique challenges.
One major challenge is customizing the consent banner to make it both user-friendly and compliant with legal requirements.
The consent banner must be clear and understandable to users and must properly address how data will be used for cross-device and domain tracking. If it fails to meet these standards, you may experience a significant decline in consent rates, which can negatively impact your user behavior analytics and targeted advertising performance.
Another critical challenge involves accurately recording, synchronizing, and reporting user consent.
To ensure legal compliance and accurately measure consent rates, you must log each consent, share it across different devices and domains at the exact time, and also link the given consent to the applicable version of the privacy policy and the stated purposes. Any delay or failure in syncing consent may result in inaccurate consent status and unreliable reporting, negatively impacting the accuracy of your consent rates and your analytics operations.
Cross-domain and cross-device consent sharing and data privacy compliance
When tracking users across different devices, websites, and mobile apps, it is essential to consider applicable privacy laws and obtain valid consent from users.
If you have users from the EU and UK areas, the E-Privacy Directive and the EU and UK GDPR will require you to obtain prior consent for tracking users across different environments. For example, the European Data Protection Board’s Guidance on the E-Privacy Directive states that cross-domain and device tracking, using IP addresses or other techniques, falls under the scope of the Directive and thus requires consent.
Similarly, the UK Data Protection Regulator clarified that cross-device tracking requires prior consent from the users. Last but not least, the French data protection authority CNIL opened a public consultation on cross-device consent management, hinting at upcoming recommendations on the topic.
Considering these major privacy laws and updates, you must ensure that you provide a clear and informative consent banner to users on the first website/app they interact with, inform them about how you use their data, and obtain their consent.
When requesting consent for cross-domain and cross-device tracking, it is essential to clearly specify the data points used for identification and the purposes for which the data will be used, such as ad retargeting and measurement. Additionally, you should provide them with a consent withdrawal mechanism that allows them to easily adjust their consent settings.
While the EU and the UK have the strictest consent requirements, you should also pay close attention to other privacy laws, such as California’s CCPA/CPRA. California requires covered businesses to give users the right to opt out of the sale of their personal information and the use of their data for targeted advertising. As a result, you will likely need a CMP to provide users with these rights and effectively manage their opt-out choices.
Cross-device and cross-domain best practices
When sharing consent across different devices and domains, you should follow the following key rules.
- Set up a consent flow that includes presenting users with a legally compliant consent banner, recording their consent, and sharing their consent across the specified devices and domains.
- Identify applicable data privacy laws and ensure that your consent-sharing mechanism complies with these laws. For example, you must offer users the ability to provide consent on a granular level under the EU and UK GDPR.
- Consider using a CMP to establish a consent mechanism, record each consent, and share consent across devices.
- Ensure the CMP offers robust customization features and comprehensive reporting capabilities, as these will be crucial for optimizing consent rates and improving the user experience.
- Verify your CMP gives you the option to display a “reminder” message when users log in from a different device, reminding them that their privacy choices have been carried over.
{{how-to-select-the-right-cmp}}
Example of a cross-device consent management implementation
Orange, the first telecommunications operator in France, is used by over 25 million French people who connect to Orange websites, mobile applications, and TV boxes every month.
The organization has relied on Didomi for several years to collect its users' consents on these three environments using our Consent Management Platform and its cross-device functionality.
Read the case study and watch the video testimonial below to hear from Orange directly:
How to get started with cross-domain and cross-device consent management with Didomi?
Managing user consent across your website, mobile app, and other platforms can seem like a daunting task: Not only do you have to present users with a legally compliant consent banner, but you also have to strike the perfect balance between ensuring legal compliance and providing a seamless user experience.
Put simply, you need a CMP that can help you collect and manage consent in a way that is legally compliant and user-friendly.
With Didomi’s cross-device consent sharing feature, you can:
- Ensure full compliance with major privacy laws
- Avoid consent fatigue with a streamlined user experience
- Gain accurate, unified consent records across platforms
Check out our help center to learn how to enable cross-device in the Didomi Console and book a call with our team to discuss your cross-device and cross-domain challenges:
{{talk-to-an-expert}}
Frequently Asked Questions (FAQ)
What is cross-device consent management?
Cross-device consent management refers to the process of obtaining consent preferences from website or app users on one device, such as a computer, to use their data for specified purposes and then applying the users’ consent preferences across their different devices, including smartphones, tablets, smartwatches, and computers. Discover 10 essential questions on cross-device consent management.
What are the best practices in choosing a consent management platform (CMP) to manage consent sharing across different devices and domains?
You need to consider if your CMP syncs consent preferences across different environments effectively and accurately. Furthermore, you should also consider whether the CMP offers robust customization features and consent reporting capabilities, enabling you to optimize consent rates and improve the user experience. Compare some of the best CMPs on the market to find the right fit for your organization.
What is cross-domain consent management?
Cross-domain consent management refers to the practice of applying user consent preferences obtained on one website or domain to other websites and domains by recognizing the user’s previous privacy choices when they visit other websites and domains.
.avif.avif){kind=tracking}
