Types of tracking consent policies in Usage Insights

  • Release version: Yokohama
  • Updated May 22, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Types of tracking consent policies in Usage Insights

    Usage Insights in ServiceNow Yokohama release allows you to define tracking consent policies at a country level to align with compliance needs and user roles. These policies determine how user activity data is collected and displayed, balancing detailed analytics with privacy requirements. By default, all countries are set toNo Consent Required, but administrators should review and customize these settings based on applicable regulations and internal policies.

    Show full answer Show less

    Types of Tracking Consent Policies

    • No Consent Required: Users are automatically tracked without any opt-in prompt. This is the default setting but should be reviewed for compliance.
    • Explicit Opt-In: Users see a message asking them to opt in or decline tracking. Consent expires every 365 days, requiring yearly user re-consent.
    • Notice: Users receive a message informing them that their activity will be tracked but no action is required. Consent also expires annually.
    • Basic Tracking: Admin users get usage metrics with hashed user IDs and session data included in aggregate metrics. This retains accuracy while limiting detailed tracking.
    • Disabled: Equivalent to users opting out, disabling individual-level tracking and usage metrics collection for those users. Aggregate data collection continues unaffected.

    Key Features and Configuration

    • Country-Specific Policies: You can define distinct consent policies for different countries or apply a uniform policy globally.
    • Customizable Consent Messages: Edit the default texts shown to users for Notice and Explicit Opt-In policies to meet organizational communication standards.
    • Privacy Policy Link: Configure links to your privacy policy shown to users during consent prompts, ensuring transparency.
    • User Consent Management: View and analyze users’ tracking consent selections to monitor compliance and user preferences.
    • Impact on Data Collection: When users opt out or policies are set to Disabled, individual tracking data is not collected, but aggregated metrics still represent overall usage.

    Practical Implications for ServiceNow Customers

    ServiceNow customers can leverage these tracking consent policies to ensure their Usage Insights data collection complies with regional privacy laws and internal governance. Proper configuration helps balance detailed user analytics with user privacy. Admins should regularly review and update consent policies to maintain compliance and accurately interpret usage metrics, especially considering the annual expiration of consents for Explicit Opt-In and Notice policies.

    There are five types of tracking consent policies that you can define for individual countries. This option provides you with the flexibility to define tracking policies according to your own compliance requirements, applicable country requirements, and even according to users or roles.

    The default consent policies are set to No Consent Required for all countries/groups of users. However, your admins should review and update a group or individual country’s consent policy in line with compliance requirements to any of the following:

    Basic Tracking
    Users with the admin role can obtain usage metrics only. Their hashed user ID and session data continue to be collected and included in aggregate metrics (such as Active Users, Sessions, and Average Session Duration) so that these counts remain accurate for the Customer.
    Disabled
    Selecting Disabled as the user consent policy has the same effect as an end user opting out: individual-level tracking is not displayed in Usage Insights tracked applications and usage metrics aren't obtained from these users. Aggregate data collection continues.
    Explicit opt-in
    Users are presented with a message to select whether to opt in or decline to be tracked.
    Notice
    Users are presented with a message explaining that their activity in the application will be tracked.
    No Consent Required
    Users are automatically tracked and aren't presented with an opt-in/decline message. This is the default consent policy for all users. However, you should review and amend this policy in accordance with internal policies.
    Note:
    • Every country’s consent policy is set to No Consent Required by default. However, users can opt in or out of ServiceNow applications individually in application settings. If you want to provide opt-in messages or notices to users when they log in, you must configure tracking consent policies.
    • When consent policies are updated to display a notice or require opt-ins, capturing detailed user and session data may be impacted due to individual opt-outs. Aggregated metrics will continue to reflect the total user base, including those who have opted out of individual session tracking.
    • Counters in the Usage Insights application contain aggregated user numbers.
    • If a country’s tracking consent policy is set to Disabled, user metrics aren't tracked and aggregate data collection continues.
    • If a country’s consent policy is set to Explicit Opt-In or Notice, individual users are asked for consent yearly. Their existing tracking preference expires every 365 days.
    • Analytics administrators can choose to store additional user properties. See Add user properties as filters to User Experience Analytics for more information.
    • The distinction between Basic and full tracking is in how data is presented, not in what is collected.