Telemetry Overview
The primary method for identifying cookies and data flows on your site is through telemetry data collected through Transcend’s airgap.js script on the site. The script sends telemetry data back to Transcend to be processed and classified, where it will appear in the “Data Flows” and “Cookies” tables. Telemetry data is collected when users on your site encounter a data flow (network request or cookie). This means that the more visitors there are on the site, and the more pages they interact with, the more telemetry data there will be.
Telemetry data is available in Transcend for the previous 7 days. Any network requests or data transfers that have not been encountered in the previous seven days will be filtered out. This helps ensure only relevant telemetry data is present for review. For example, if a user has a browser extension that injects a script on your site once, and it's never seen again, it will be filtered out of telemetry data after 7 days.
Transcend auto-classifies data flows for known trackers. When one of these trackers is discovered through telemetry on your site, a data flow with a labeled tracking purpose will be recommended for review and approval. Transcend classifies these trackers at the network request level. This allows the tracker scripts to load while precisely regulating their subsequent emissions, which in turn allows for more granular control over assigning tracking purposes.
Learn more about purposes and view the list of available tracking purposes through our Tracking Purposes article
When initially getting started with Consent, managing cookies and data flows will be a core piece of implementation.
As your website changes over time, you may need to adjust the data flows that Consent is regulating and review new data flows encountered through telemetry. This often results from new scripts getting added to the website to support new functionality, new widgets (ex: live chat support) or a new analytics tool. Additionally, new internal first party cookies and data flows may be added to your site to support native functionality.
Refer to the use case guide on adding, editing, and otherwise manaing your data flows / cookies for further information.
As telemetry data is collected from your website, Transcend will suggest a new data flow rule or cookie rule in the Triage tab of the Consent Dashboard.
Cookies and Data Flows that appear in the Triage tabs in the Admin Dashboard represent network requests discovered by the airgap.js Script and are recommended as data flows/cookies, but still require review before they are regulated by the consent manager on your site. These data flows are not yet included in your live airgap.js bundle until they are approved. This means that they may not be regulated by the consent manager until assigned a tracking purpose and approved.
Transcend auto-classifies recommended data flows with a consent tracking purpose for common trackers. When reviewing suggested data flows/cookies in the triage view, make sure to review the recommendation. To review, click on the highlighted row. You should see a modal pop up:
If the information looks correct to you, click “Approve”. Sometimes we are not able to guess the associated tracking purpose and Service info, so you’ll have to manually add that information.
For more information on how to research and approve recommended data flows and cookies in the Triage view, check out our full guide on Triaging Data Flows.
You have the option to reset telemetry data. This can be helpful to remove noise from the Triage view once you've approved and saved the relevant data flows and cookies needed for regulation on your site. This can be done in the Transcend Dashboard under Consent Developer Settings.
HTTP only cookies are not discovered through telemetry of data flows on your site. We recommend manually creating a cookie rule in the Approved Cookies tab for any HTTP cookies on your site to ensure they are regulated by the consent manager.
There are times when data flows are present on your site for scripts and trackers that are not loaded directly by your site. This is often the result of browser extensions or malware that are present on an end-users’ device or browser. For example, if an end user accessing your site has a browser extension running, that browser extension may inject a data flow into the site to accomplish its purpose.
airgap.js telemetry may pick up these data flows. If you determine there’s no need for these data flows to be regulated by your consent manager, you can mark them as “junk” in Transcend to remove them from your Triage view. Data Flows that are marked as junk will not be added to your airgap.js bundle. Consent will handle these events when encountered on your site based on your unknown event policies.
airgap 9.1 and later filters requests from extensions by default for Chrome, Firefox, and Edge. You may still see some junk data flows and cookies coming from browsers extensions on Safari. Due to browser limitations, Transcend cannot detect if requests or cookie mutations came from an extension or the site itself. If you wish to disable data flow and cookie telemetry in browsers that don't support extension filtering, add data-require-tfpf="on"
to your airgap.js script tag.
Unknown data flows & cookies are those that don't match any of the approved entries under Cookies > Approved and Data Flows > Approved. In other words, these are data flows and cookies are not "known" by your consent bundle.
Unknown flows and cookies are handled differently depending on the settings configured in Consent Developer Settings, where there are different options for when and how to allow unknown cookies and data flows through. By default, the settings are configured to allow through unknown cookies and data flows. This means that all network requests and data transfers that do not match an approved cookie/data flow rule will be allowed and will not be blocked.