Configure Custom Consent Categories

Create Advanced Cookie Categories & Consent Mechanisms

Understanding Consent Categories

Default Categories Overview

Essential Cookies (Always Required):

1. Strictly necessary for website functionality
2. Cannot be disabled by users
3. No consent required under GDPR/ePrivacy

Analytics Cookies (Optional):

4. Track website usage and performance
5. Help improve user experience
6. Require explicit consent

Marketing Cookies (Optional):

7. Used for advertising and retargeting
8. Track users across websites
9. Require explicit consent

Preferences Cookies (Optional):

10. Remember user preferences and settings
11. Enhance user experience
12. Require explicit consent

Create Custom Categories


Step 1: Access Category Management


`
SLOS → Consent Management → Cookie Categories → Custom Categories
`

Step 2: Define New Category


Category Configuration:
`json
{
“categoryid”: “socialmedia”,
“name”: {
“en”: “Social Media Cookies”,
“es”: “Cookies de Redes Sociales”,
“fr”: “Cookies de Réseaux Sociaux”
},
“description”: {
“en”: “Enable social media features and integrations”,
“es”: “Habilitar funciones y integraciones de redes sociales”,
“fr”: “Activer les fonctionnalités et intégrations des réseaux sociaux”
},
“required”: false,
“default_state”: “denied”,
“cookies”: [
{
“name”: “facebook_pixel”,
“domain”: “.facebook.com”,
“purpose”: “Facebook advertising and analytics”,
“retention”: “2 years”
},
{
“name”: “twitter_pixel”,
“domain”: “.twitter.com”,
“purpose”: “Twitter advertising and analytics”,
“retention”: “2 years”
}
]
}
`

Step 3: Set Category Rules


Legal Requirements:

13. Define legal basis (consent, legitimate interest, vital interest)
14. Set retention periods
15. Specify data processing purposes
16. Configure data sharing rules

Technical Rules:

17. Define cookie patterns to include
18. Set blocking mechanisms
19. Configure loading conditions
20. Set up fallback behaviors

Configure Advanced Consent Mechanisms


Step 1: Granular Consent Options


`
SLOS → Consent Management → Advanced Settings → Granular Consent
`

Multi-Level Consent:
`javascript
const consentLevels = {
‘basic’: {
‘analytics’: false,
‘marketing’: false,
‘social’: false
},
‘standard’: {
‘analytics’: true,
‘marketing’: false,
‘social’: false
},
‘full’: {
‘analytics’: true,
‘marketing’: true,
‘social’: true
}
};
`

Step 2: Contextual Consent


Set up consent based on user actions:

Scroll-Based Consent:
`javascript
// Auto-accept after scrolling
document.addEventListener(‘scroll’, function() {
if (window.scrollY > 100 && !window.consentGiven) {
window.SLOS.acceptCategory(‘analytics’);
}
});
`

Time-Based Consent:
`javascript
// Auto-accept after time delay
setTimeout(function() {
if (!window.consentGiven) {
window.SLOS.acceptCategory(‘preferences’);
}
}, 30000); // 30 seconds
`

Interaction-Based Consent:
`javascript
// Accept on form interaction
document.querySelectorAll(‘form’).forEach(form => {
form.addEventListener(‘focus’, function() {
window.SLOS.acceptCategory(‘preferences’);
}, { once: true });
});
`

Set Up Conditional Cookie Loading


Step 1: Category-Based Loading


`javascript
// Conditional script loading
function loadScriptBasedOnConsent(category, scriptUrl) {
if (window.SLOS && window.SLOS.hasConsent(category)) {
const script = document.createElement(‘script’);
script.src = scriptUrl;
document.head.appendChild(script);
}
}

// Load Google Analytics only with consent
loadScriptBasedOnConsent(‘analytics’, ‘https://www.googletagmanager.com/gtag/js?id=GATRACKINGID’);

// Load Facebook Pixel only with consent
loadScriptBasedOnConsent(‘marketing’, ‘https://connect.facebook.net/en_US/fbevents.js’);
`

Step 2: Dynamic Content Blocking


Block Marketing Content:
`html


Marketing content blocked. Accept marketing cookies to view.

Accept Marketing Cookies

`

Block Social Widgets:
`html


Social media content blocked. Accept social cookies to view.

Tweets by example

`

Configure Vendor Management


Step 1: Register Third-Party Vendors


`
SLOS → Consent Management → Vendors → Add Vendor
`

Vendor Configuration:
`json
{
“vendorid”: “googleanalytics”,
“name”: “Google Analytics”,
“category”: “analytics”,
“privacy_policy”: “https://policies.google.com/privacy”,
“cookie_table”: [
{
“name”: “_ga”,
“domain”: “.example.com”,
“purpose”: “Google Analytics tracking”,
“retention”: “2 years”
},
{
“name”: “_gid”,
“domain”: “.example.com”,
“purpose”: “Google Analytics session tracking”,
“retention”: “24 hours”
}
],
“data_processing”: {
“purposes”: [“analytics”, “measurement”],
“legal_basis”: “consent”,
“data_shared”: [“IP address”, “user agent”, “referrer”]
}
}
`

Step 2: Vendor Consent Management


IAB TCF 2.0 Integration:
`javascript
// Check IAB consent for vendor
function hasIABConsent(vendorId) {
if (window.__tcfapi) {
window.__tcfapi(‘getTCData’, 2, function(tcData, success) {
if (success && tcData.vendor.consents[vendorId]) {
return true;
}
});
}
return false;
}
`

Set Up Consent Withdrawal


Step 1: Withdrawal Mechanisms


`
SLOS → Consent Management → Withdrawal Settings
`

One-Click Withdrawal:
`html

Withdraw Consent
`

Category-Specific Withdrawal:
`javascript
// Withdraw specific category
function withdrawCategory(category) {
window.SLOS.withdrawConsent(category);
// Reload page or update UI
location.reload();
}
`

Step 2: Withdrawal Confirmation


`javascript
// Withdrawal confirmation modal
function showWithdrawalConfirm(category) {
const confirmed = confirm(Are you sure you want to withdraw consent for ${category}? This may affect website functionality.);
if (confirmed) {
window.SLOS.withdrawConsent(category);
// Clear related cookies
clearCategoryCookies(category);
}
}
`

Configure Advanced Cookie Policies


Step 1: Cookie Expiry Management


`javascript
const cookiePolicies = {
‘essential’: {
‘expiry’: ‘1 year’,
‘secure’: true,
‘httpOnly’: true
},
‘analytics’: {
‘expiry’: ‘2 years’,
‘secure’: true,
‘sameSite’: ‘Lax’
},
‘marketing’: {
‘expiry’: ‘1 year’,
‘secure’: true,
‘sameSite’: ‘None’
}
};
`

Step 2: Cross-Domain Consent


Handle consent across subdomains and related domains:

`javascript
// Set consent cookie for all subdomains
function setCrossDomainConsent(category, consented) {
const domains = [‘.example.com’, ‘.blog.example.com’, ‘.shop.example.com’];

domains.forEach(domain => {
document.cookie = slos_${category}=${consented}; domain=${domain}; path=/; max-age=31536000; secure; samesite=lax;
});
}
`

Implement Consent Auditing


Step 1: Consent Log Configuration


`
SLOS → Consent Management → Audit Settings
`

Audit Data Collection:
`javascript
// Log consent changes
function logConsentChange(category, action, source) {
const logEntry = {
timestamp: new Date().toISOString(),
category: category,
action: action, // ‘granted’, ‘withdrawn’, ‘updated’
source: source, // ‘banner’, ‘portal’, ‘api’
user_id: getUserId(),
ip_address: getClientIP(),
user_agent: navigator.userAgent
};

// Send to audit endpoint
fetch(‘/wp-json/slos/v1/audit/consent’, {
method: ‘POST’,
headers: { ‘Content-Type’: ‘application/json’ },
body: JSON.stringify(logEntry)
});
}
`

Step 2: Consent History Tracking


Store complete consent history for compliance:

`php
// Consent history storage
function storeconsenthistory($userid, $consentdata) {
global $wpdb;

$wpdb->insert(
$wpdb->prefix . ‘slosconsenthistory’,
array(
‘userid’ => $userid,
‘consentdata’ => jsonencode($consent_data),
‘timestamp’ => current_time(‘mysql’),
‘ipaddress’ => $SERVER[‘REMOTE_ADDR’],
‘useragent’ => $SERVER[‘HTTPUSERAGENT’]
)
);
}
`

Set Up Consent Validation


Step 1: Consent Proof Requirements


Configure requirements for valid consent:

GDPR Compliance:

21. Consent must be freely given
22. Consent must be specific
23. Consent must be informed
24. Consent must be unambiguous
25. Consent must be withdrawable

Validation Rules:
`javascript
function validateConsent(consentData) {
const required = [‘timestamp’, ‘categories’, ‘source’, ‘version’];

for (const field of required) {
if (!consentData[field]) {
return { valid: false, error: Missing required field: ${field} };
}
}

// Check consent age (must be recent)
const consentAge = Date.now() – new Date(consentData.timestamp).getTime();
if (consentAge > 365 24 60 60 1000) { // 1 year
return { valid: false, error: ‘Consent is too old’ };
}

return { valid: true };
}
`

Step 2: Consent Versioning


Track consent policy versions:

`json
{
“consent_version”: “2.1”,
“policy_version”: “2024.01”,
“changes”: [
“Added social media category”,
“Updated retention periods”,
“Enhanced withdrawal process”
],
“effective_date”: “2024-01-15”
}
`

Test Custom Categories


Step 1: Category Testing Checklist


Functionality Testing:

26. [ ] Categories appear in banner correctly
27. [ ] Consent choices save properly
28. [ ] Cookies load/unload based on consent
29. [ ] Withdrawal works for each category
30. [ ] Cross-domain consent syncs

Compliance Testing:

31. [ ] Legal basis properly documented
32. [ ] Cookie table accurate and complete
33. [ ] Vendor information correct
34. [ ] Audit logs capture all changes
35. [ ] Consent validation passes

User Experience Testing:

36. [ ] Banner loads quickly with custom categories
37. [ ] Category descriptions clear and helpful
38. [ ] Mobile experience optimized
39. [ ] Accessibility features work
40. [ ] Multi-language support functions

Step 2: Performance Testing


41. Test page load times with different consent combinations
42. Verify cookie blocking doesn’t break functionality
43. Check memory usage with multiple categories
44. Test concurrent consent changes

Monitor Category Performance


Step 1: Consent Analytics


Track category-specific metrics:

Acceptance Rates:
`javascript
// Track category acceptance
function trackCategoryAcceptance(category) {
gtag(‘event’, ‘consent_update’, {
‘category’: category,
‘action’: ‘accepted’,
‘timestamp’: new Date().toISOString()
});
}
`

Usage Patterns:

45. Most/least accepted categories
46. Consent changes over time
47. Withdrawal rates by category
48. Geographic variations

Step 2: Optimization Opportunities


49. Identify underperforming categories
50. A/B test category descriptions
51. Optimize banner placement
52. Improve consent flow

Maintenance and Updates


Step 1: Regular Category Review


53. Review category usage quarterly
54. Update cookie lists as vendors change
55. Refresh legal basis documentation
56. Audit consent logs for issues

Step 2: Category Lifecycle Management


57. Deprecate unused categories
58. Archive old consent data
59. Update vendor information
60. Refresh cookie policies

Troubleshooting Custom Categories


Common Issues


Categories Not Appearing:

61. Check category configuration
62. Verify banner template includes custom categories
63. Test with different user roles
64. Check for JavaScript errors

Consent Not Saving:

65. Verify database table structure
66. Check AJAX endpoints
67. Test cookie settings
68. Review server logs

Cookies Not Blocking:

69. Check script loading conditions
70. Verify category mapping
71. Test with different browsers
72. Review network requests

Performance Issues:

73. Optimize category loading
74. Reduce cookie table size
75. Cache consent decisions
76. Minimize DOM manipulation

Advanced Debugging


`javascript
// Debug consent state
console.log(‘Current consent state:’, window.SLOS.getConsentState());

// Debug category configuration
console.log(‘Category config:’, window.SLOS.getCategoryConfig(‘custom_category’));

// Debug cookie blocking
console.log(‘Blocked scripts:’, window.SLOS.getBlockedScripts());
`

Support Resources


77. Consent management best practices
78. Cookie compliance guides
79. Vendor management documentation
80. Performance optimization tips