Types of tracking consent policies in Usage Insights

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Types of tracking consent policies in Usage Insights

    Usage Insights in ServiceNow allows you to define tracking consent policies tailored by country to meet compliance and organizational requirements. These policies control how user tracking data is collected and presented, balancing between regulatory compliance and data analytics needs. By default, all countries and user groups are set toNo Consent Required, but administrators should review and adjust these settings appropriately.

    Show full answer Show less

    Types of Tracking Consent Policies

    • No Consent Required: Users are tracked automatically without any opt-in prompt. This is the default setting for all users and countries.
    • Explicit Opt-In: Users receive a prompt to consent or decline tracking. Consent is requested yearly, and preferences expire every 365 days.
    • Notice: Users are informed that their activity will be tracked but are not asked to explicitly consent.
    • Basic Tracking: Only users with the admin role have access to usage metrics. User IDs and session data are hashed and collected to maintain aggregate accuracy.
    • Disabled: Equivalent to user opt-out. No individual-level tracking or usage metrics are collected, though aggregate data collection continues.

    Key Points on Data Collection and User Experience

    • The difference between Basic and full tracking lies in data presentation rather than data collection scope.
    • Aggregated metrics include all users, even those who opt out of individual session tracking.
    • When policies require opt-in or display notices, detailed user and session data collection may be reduced due to opt-outs.
    • Users retain the ability to opt in or out individually via application settings regardless of country policy.

    Policy Management and Configuration

    • Admins can view and assign consent policies globally across all countries or update individual country policies as needed.
    • User location detection can be configured with predefined or custom detection policies, allowing prioritized and flexible identification methods.
    • Proper configuration ensures compliance messaging appears at login when required.

    Practical Implications for ServiceNow Customers

    Understanding and configuring these consent policies allows you to align Usage Insights tracking with your legal and internal compliance obligations while maintaining meaningful analytics. You can control the granularity of data collected, communicate transparently with users about tracking, and ensure that aggregate usage statistics remain accurate even when individual tracking is limited.

    There are five types of tracking consent policies that you can define for individual countries. This option provides you with the flexibility to define tracking policies according to your own compliance requirements, applicable country requirements, and even according to users or roles.

    The default consent policies are set to No Consent Required for all countries/groups of users. However, your admins should review and update a group or individual country’s consent policy in line with compliance requirements to any of the following:

    Basic tracking
    Users with the admin role can obtain usage metrics only. Their hashed user ID and session data continue to be collected and included in aggregate metrics (such as Active Users, Sessions, and Average Session Duration) so that these counts remain accurate for the Customer.
    Disabled
    Selecting Disabled as the user consent policy has the same effect as an end user opting out: individual-level tracking is not displayed in Usage Insights tracked applications and usage metrics aren't obtained from these users. Aggregate data collection continues.
    Explicit opt-in
    Users are presented with a message to select whether to opt in or decline to be tracked.
    Notice
    Users are presented with a message explaining that their activity in the application will be tracked.
    No consent required
    Users are automatically tracked and aren't presented with an opt-in/decline message. This is the default consent policy for all users. However, you should review and amend this policy in accordance with internal policies.
    Note:
    • Every country’s consent policy is set to No Consent Required by default. However, users can opt in or out of ServiceNow applications individually in application settings. If you want to provide opt-in messages or notices to users when they log in, you must configure tracking consent policies.
    • If a country’s consent policy is set to Explicit Opt-In or Notice, individual users are asked for consent yearly. Their existing tracking preference expires every 365 days.
    • If a country’s tracking consent policy is set to Disabled, user metrics aren't tracked and aggregate data collection continues.
    • The distinction between Basic and full tracking is in how data is presented, not in what is collected.
    • Counters in the Usage Insights application contain aggregated user numbers.
    • Analytics administrators can choose to store additional user properties. See Add user properties as filters to User Experience Analytics for more information.
    • When Consent policies are updated to display a notice or require opt-ins, capturing detailed user and session data may be impacted due to individual opt-outs. Aggregated metrics will continue to reflect the total user base, including those who have opted out of individual session tracking.