Managing consents

Consent management allows you to manage your subscription policies and tracks any changes to consents for every customer. The main features of consent management in Intempt are:

  • Defining your consent categories that customers can subscribe to

  • Setting subscriptions based on a legitimate interest

  • Lifetime overview of the whole consent history for every customer - see who, when, and where gave or withdrew consent

  • Customizable consent/preference management page

Consent categories

Consent categories allow you to manage and organize data into multiple categories, each with different consent status and a different approach to data processing and communication. Thanks to the categories, you will be able to approach each of your customers in the way to which the specific customer consented or for which they have a legitimate interest. There are three types of categories available in Intempt:

  1. General consent

  2. Consent

  3. Legitimate interest

Managing consents via the user details page

On the user details page, you can monitor and manage consents for each individual customer. The overview in their profile shows the consents granted and revoked and the current status of every consent given by the particular customer.

You can also view all consent events by timeline to view consent details, such as the source of the consent and their expiration dates. 

Consent categories

Consent categories allow you to manage and organize data into multiple categories, each with a different consent status and data processing and communication approaches. Thanks to the categories, you will be able to approach each of your customers in the way to which the specific customer consented or for which they have a legitimate interest. There are three types of categories available in Intempt:

Category typeDescription
General consentThis system setting in Intempt allows you to send messages to all your customers, even without consent or to those who have already opted out. This only allows you to send transactional emails or important warnings that must be used carefully.
ConsentAs per GDPR, a customer must freely and actively give consent. You can define multiple consent categories (such as "Newsletter," "Notifications," etc.). Consents need to be tracked/imported for every customer.
Legitimate interestProcessing data under legitimate interest is more flexible than active consent. It enables you to process personal data without actively asking your customers for consent. In Intempt, you can define a legitimate interest group by creating an automatic filter based on a customer's behavior (such as purchasing, etc.).

Configuring the categories

You can configure consent categories in the “Privacy center” section.

You can then select from these categories in the settings of each journey action you are about to launch. 

This will ensure that you only send messages to customers with the appropriate consent.

Deleting consent categories

To delete a consent category with relations, you must first disconnect the consent form from active journeys.

Configuring consent categories

General consent

General consent should be used only in very few instances. When it is used, customer consent preferences are ignored, which may result in approaching customers without any legal basis for doing so. Therefore, permission to use General consent should be very limited.

The best practice is to disable it altogether and re-enable it only for very specific purposes where you are sure its use is legal and appropriate. In the consent section, you can choose which channels to use the General consent.

If you decide to disable a channel, you can also see which of your campaigns and scenarios have been using General consent in 'Check dependencies' so that you know what campaigns need adjustments in their Consent category. General consent will only be disabled after the adjustments to the running campaigns are made.


You can create custom consent categories based on the specific consent you received from your customers. It is preferable to have multiple consent categories, first because different customers will give you consent for different things, and secondly, it is preferable to allow customers to opt-out only from some of your communication they had previously consented to instead of withdrawing their consent to all communication.

Consent categoryThis field is used to map the consent category to the tracked consent event. It must have the same value as the “category” property in the consent event. We recommend using simple lowercase words for easy troubleshooting. This field will not be visible to your customers.
NameThis is a human-readable name of the consent category, which will also be visible to your customers on the consent page.
DescriptionA description of the consent category will also be visible to your customers on the consent page.
RegulationThis field is optional. The regulation under which a user's consent or preference is being saved, for example, GDPR or CCPA.

Legitimate interest

You can apply a legitimate interest to all your customers or only a specific segment using the "Applies on" filter.

Legitimate interest has the same configuration as consent except for the ‘Applies on’ in the settings. The remaining ones are the same as in the table above.

Applies onUse this setting to define to which customers you want to apply this legitimate interest. If you select "All users," every customer in Intempt will have this legitimate interest. "Specific users" — only the group of customers defined by the filter will have a legitimate interest. Note that this filter is not static and always reflects the actual state based on customers' behavior.

Opting in/out from a legitimate interest

Customers can opt-in/opt-out of a legitimate interest in the same way as they can for consent. They are also visible on the consent page.

Tracking an explicit consent event containing a legitimate interest consent category will always override the legitimate interest filter.

Tracking consent

When a customer consents, you need to track it as an event. This is important because if your legal base for processing the customer’s data is consent, you might be asked to provide proof of consent if one of your customers complains to their local data protection authority.

Consent tracking does not happen automatically, so you need to integrate tracking of the event on all the touchpoints where you collect customers’ consent. The name of the event has to be consent.

Every valid consent event must include 4 required attributes as defined below. Other attributes are defined either manually as custom attributes or generated automatically. You can specify and track any other custom attributes you need.

If you track consent with a specified timestamp in the valid_until event parameter and consent gets expired, the consent will change to revoked, and the consent event with status reject will not be tracked.

actionOptions: accept - consent granted; reject - consent revokedYes"accept"
categoryThe ID of the consent category, as defined in project settingsYes"newsletter"
timestampDate and time when the consent was granted or rejected by the customer.In other words, consent timestamp is "valid_from" for the given consentYes1528114618
valid_untilMultiple options:unlimited<timestamp> - Timestamp of the expiration dateYes, when action is accept"unlimited"
userIdUser identifier valueNo[email protected]
sourceMultiple options:web_store - Manually created consent in the application.api - API which uses basic authenticationios_app - tracked from a an ios app. Source name user belong to or “api” value.Yes, is generated automatically if consent framework is enabled"web_store"
sourceIdSource id valueYes, if soure is provided. If profile id is not required: null“1003”
emailEmail of the person who provided the consent.No[email protected]
messageFull quotation of the consent message that the customer reacted to.NoDo you agree to...?

Event tracking in JS SDK

You need to use the consent method to track if the user has consented to use his data.


const consentParams = {
  action: 'agree',
  validUntil: 1691823151, // Unix timestamp for consent expiry
  email: '[email protected]',
  message: 'User agreed to marketing emails.',
  category: 'marketing'


In this example, the consent method logs a user's agreement to receive marketing emails, specifying the duration of the consent and additional details about the consent given.

  	action: "accept", // "accept" for granting  or "reject" for revoking
    validUntil: 1710859460000,// "timestamp" value of the Date till the consent is valid
  	category: "", // category of the consent (optional)
  	email: "", // email used/entered by the visitor (optional)
  	message: "" // optional (can be left as empty string)(optional)

Below is an example of how the tracking can be implemented on a signup page.

Before using consent tracking methods, ensure you have created consent purposes in your organization's settings.

Here is an example of a successfully tracked consent:

   "action": "accept",
    "category": "news"
    "timestamp": 1707735272863,
    "validUntil": 1710859460000,
    "source": "Mobile",
    "sourceId": 589541138664144896,
    "profileId": "07940997-185b-437e-84d8-151f479fd088",
    "email": "[email protected]",
    "message": "Yes, email me offers, style updates and special invites to sales and events."


Good to know

Refer to JS SDK documentation for information on implementing the Consent tracking method.