A Publisher is an owner or operator of online content or services where personal data is collected and used by third-party companies (vendors) for digital advertising, audience measurement, or content personalisation.
Publishers must read and follow the TCF Policies, specifically Chapter IV: Policies for Publishers that explains how publishers can adopt and use the TCF. Publishers following the TCF Policies specifically perform the following:
- Either act as a CMP (in which case they would need to register as a CMP in the TCF) or utilise the services of a CMP registered with the TCF;
- Select and control the Vendors they want to work with. Publishers should put in place a selection process, as an unjustifiably large number of Vendors may impact users’ ability to make informed choices;
- Undertake to update their Vendor-partners’ softwares (such as scripts and tags that result in personal data processing or the storing and/or accessing of information on user devices);
- Forward information relating to users’ choices to their Vendor-partners present on their services, where applicable;
- Ensure their users can resurface the CMP UI from an easily accessible link or call to action, such as a floating icon or a footer link available on each webpage of their websites, or from the top-level settings of their apps as to allow them to withdraw their consent easily.
How can Publishers put in place a Vendor selection process?
Since March 2022, Vendors registering to the TCF are required to provide additional information that is not intended for user disclosures but can be used by Publishers for determining which Vendors they wish to establish transparency and consent for on their digital properties.
The additional information cover the following detail:
- Full legal entity address ;
- Business-to-business contact details ;
- Territorial scope - the EU/EEA/EFTA/UK jurisdictions where the vendor operates in the context of its TCF registration. Note that this is different from the place of establishment ;
- Environment – environment(s) where the vendor operates such as web, mobile apps, CTV apps ;
- Type of service – Vendor’s type of service(s) such as SSP, DSP, DMP ;
- International transfer – indication if the vendor transfers data outside EU/EEA ; when applicable, indication if the data transfers are covered by an EU adequacy decision.
This additional information is available here and can be used by Publishers to, for example, avoid requesting user’s consent for Vendors that operate in technical environments and jurisdictions that are not relevant to their online services, as well as generally better understand each TCF Vendor’s scope of operations and whether it transfers data outside of the EEA.
Publishers can also work with their CMPs and Vendor-partners to better understand which Vendors are active on their digital properties (e.g. contribute to the selling of their ad inventories) to supplement their selection process.
Please also visit the TCF v2.2 Supporting Resources page to review the most relevant resources about TCF v2.2, including the latest:
- TCF Policies
- TCF Terms & Conditions
- TCF Technical specifications
- TCF Implementation Guidelines
- TCF Data Processing Purposes Translations
- Lists of TCF Vendors & TCF CMPs
- Vendors & CMP Notifications
- Compliance documentation
- FAQs, Webinars and Blogs