Consent macros are dynamic placeholders used in programmatic advertising to transmit user consent information within bid requests or ad delivery URLs. They ensure that user privacy preferences—as required by regulations like GDPR (General Data Protection Regulation) or CCPA (California Consumer Privacy Act)—are respected throughout the advertising chain.
How They Work
When an ad call is made, the consent macro is replaced (or “expanded”) with the actual consent string or signal. This allows Demand Side Platforms (DSPs), ad servers, and other players to evaluate whether or not they are allowed to use personal data for that impression.
There are a few key macros used:
%consent%
This macro will return the encoded consent string associated with the user. Depending on the privacy framework, this could be:
-
A TCF v2.0 string under GDPR (also known as the “daisy bit”)
-
A us_privacy string under CCPA
-
Binary consent (e.g., 0/1, yes/no) if the SSP provides it in that format
-
not-foundif no consent is available -
do-not-trackif the DNT flag is active on the user’s browser/device
%consent_unesc%
This is similar to %consent%, but the returned string is unescaped—i.e., it does not include special character encoding, making it easier to read or pass to systems that require clean strings.
%gdpr%
This macro specifically indicates whether GDPR is applicable (1) or not applicable (0) to the current bid request. It helps downstream platforms determine if GDPR-specific rules must be enforced.
Why It Matters
Consent macros are essential for staying compliant with global privacy laws and ensuring transparency and trust in digital advertising. They help advertisers and publishers respect user choices while enabling safe, data-driven targeting.