Skip to main content

How to manage vendors in your CMP

Rogelyn
Updated

Understanding Vendors

A vendor is a legal entity who stores, processes or accesses data about your site visitors. Typically you install scripts or tags from these vendors, which may then in turn set cookies or record information when someone lands on your site.

 

You can manage which vendors are listed in your CMP in the 'Vendors' page in the Termly Dashboard.

 

Impact of adding a vendor

When you enable support for the IAB Transparency and Consent Framework (IAB TCF) in your site's regional consent settings, a detailed list of vendors you've integrated with will appear in your CMP for users in Europe, including the UK.

 

Your CMP will relay your visitors' consent preferences to these vendors, ensuring they modify their data processing behavior in alignment with user consent.

 

Managing Vendors

Discovering Vendors Automatically

Each time Termly scans your website, it attempts to identify the vendors you're working with and add them to your vendor list. If a vendor is not automatically discovered during a scan, you have the option to add it manually.

 

Adding Vendors Manually

To add a Vendor that wasn't discovered in a scan manually:

 

  1. Go to the 'Vendors' page within the Termly Dashboard.

  2. Click on 'Add Vendor' and search for the vendor to add

  3. Confirm by clicking 'Save.'

Which Vendors are included on the 'Vendors' page?

Vendors in the 'Vendors' page are currently limited to:

 

  1. Approved vendors in the IAB TCF Global Vendor List

  2. Google Ad Tech Partners

Troubleshooting Vendor Discovery

If a vendor is not discovered during a scan:

 

  1. Verify the vendor's script or tag is properly installed on your site.

  2. Manually add the vendor as outlined above.

 

What users see in the vendor detail panel

When a user opens a vendor from the vendor list in your consent banner, they'll see details about how that vendor processes data. Depending on what the vendor has declared in the IAB TCF Global Vendor List, the panel may also include the following sections.

 

SDK Disclosure

If a vendor uses mobile SDKs to collect or process data, those SDKs will be listed by their package identifier for example, com.example.analytics. This tells users which specific software packages the vendor runs, not just what the vendor does in general.

Vendors registered in the IAB TCF Global Vendor List are required to declare any SDKs they use as part of their transparency obligations under the framework.

This section is informational only. No action is required from users or site owners.

 

Special Purposes

Special Purposes are IAB-defined processing activities that a vendor may carry out without requiring user consent. Common examples include security monitoring, fraud prevention, and basic technical delivery of content or ads.

These are defined by the IAB TCF specification and cannot be toggled or objected to from the consent banner. They appear in the vendor detail panel for transparency only.

 

Opt Out Storage

Some vendors declare storage items typically a cookie that exist solely to record a user's opt-out choice. For example, a vendor might set a cookie to record a user's global opt-out choice, so that preference is carried forward on future visits.

This storage type sits outside the standard TCF consent purposes, but vendors are required to disclose it. Users don't need to take any action this is simply a record of a choice already made.

Related articles