Types of tracking consent policies in Usage Insights

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Types of tracking consent policies in Usage Insights

    Usage Insights in ServiceNow allows you to define five types of tracking consent policies tailored to individual countries. This flexibility helps you align tracking practices with your compliance obligations, country regulations, and user or role-specific requirements. By default, all countries and user groups have a "No Consent Required" policy, but administrators should review and adjust these settings to ensure compliance and appropriate user consent management.

    Show full answer Show less

    Types of Tracking Consent Policies

    • No Consent Required: Users are automatically tracked without opt-in prompts. This is the default setting for all countries but should be reviewed for compliance.
    • Basic Tracking: Only users with admin roles obtain usage metrics. Data such as hashed user IDs and session information are still collected and aggregated for accurate metrics.
    • Disabled: Equivalent to users opting out. Individual tracking data is not collected or displayed, but aggregate data collection continues.
    • Explicit Opt-In: Users receive a prompt to opt in or decline tracking. Consent must be renewed yearly.
    • Notice: Users are informed that their activity will be tracked, without requiring explicit consent. Consent notices are also renewed annually.

    Key Considerations for Consent Policies

    • Users can individually opt in or out within ServiceNow application settings regardless of country-wide policies.
    • When using Explicit Opt-In or Notice policies, individual tracking data collection may decrease due to opt-outs, but aggregate metrics still reflect the total user base.
    • The difference between Basic and full tracking lies in data presentation, not data collection scope.
    • Administrators can enhance analytics by adding user properties as filters to Usage Insights.

    Managing Consent Policies by Country

    • Define and customize tracking consent policies per country or apply a uniform policy across all countries.
    • View and update each country's consent policy from a consolidated list.
    • Configure user location detection policies to determine applicable consent rules, using predefined or custom scripts prioritized in order.

    Impact on Data Collection

    Opting out of individual tracking impacts detailed user and session data availability, but aggregate data collection remains unaffected. This ensures that overall usage metrics remain comprehensive while respecting individual user privacy choices.

    There are five types of tracking consent policies that you can define for individual countries. This option provides you with the flexibility to define tracking policies according to your own compliance requirements, applicable country requirements, and even according to users or roles.

    The default consent policies are set to No Consent Required for all countries/groups of users. However, your admins should review and update a group or individual country’s consent policy in line with compliance requirements to any of the following:

    Basic tracking
    Users with the admin role can obtain usage metrics only. Their hashed user ID and session data continue to be collected and included in aggregate metrics (such as Active Users, Sessions, and Average Session Duration) so that these counts remain accurate for the Customer.
    Disabled
    Selecting Disabled as the user consent policy has the same effect as an end user opting out: individual-level tracking is not displayed in Usage Insights tracked applications and usage metrics aren't obtained from these users. Aggregate data collection continues.
    Explicit opt-in
    Users are presented with a message to select whether to opt in or decline to be tracked.
    Notice
    Users are presented with a message explaining that their activity in the application will be tracked.
    No consent required
    Users are automatically tracked and aren't presented with an opt-in/decline message. This is the default consent policy for all users. However, you should review and amend this policy in accordance with internal policies.
    Note:
    • Every country’s consent policy is set to No Consent Required by default. However, users can opt in or out of ServiceNow applications individually in application settings. If you want to provide opt-in messages or notices to users when they log in, you must configure tracking consent policies.
    • If a country’s consent policy is set to Explicit Opt-In or Notice, individual users are asked for consent yearly. Their existing tracking preference expires every 365 days.
    • If a country’s tracking consent policy is set to Disabled, user metrics aren't tracked and aggregate data collection continues.
    • The distinction between Basic and full tracking is in how data is presented, not in what is collected.
    • Counters in the Usage Insights application contain aggregated user numbers.
    • Analytics administrators can choose to store additional user properties. See Add user properties as filters to Usage Insights for more information.
    • When Consent policies are updated to display a notice or require opt-ins, capturing detailed user and session data may be impacted due to individual opt-outs. Aggregated metrics will continue to reflect the total user base, including those who have opted out of individual session tracking.