Cookie Consent Clarity: Why a Global Travel Brand’s Legal Team Left Their Legacy Provider for Osano

This global travel technology company operates multiple brands under one umbrella, serving customers in regions around the world. With a vast digital presence spanning international markets, the company is subject to a complex and ever-expanding web of data privacy regulations—from GDPR to CCPA to a growing roster of US state laws. Managing cookie consent accurately across every brand and geography isn't just a legal obligation; it's a core trust commitment to millions of travelers.

Watch how compliance advisor Latoya Davidson helped this travel tech company take back control over their cookie consent in the video above.

The Challenge

When a complicated platform sidelines your legal team, visibility is the first thing you lose—and compliance is the next.

When Latoya Davidson, founder of compliance advisory firm CompliHow, was brought in to help her client’s internal legal team get a handle on their consent management program, what she discovered was a situation that was both common and critical: the legal team was paying out of their own budget for a consent management platform (CMP)—but not a single person on the team knew how to use it.

The legal team was responsible for approving and denying the data tracking technologies (like cookies, scripts, and pixels) that the product and marketing teams wanted to deploy on the company's sites. But because only the product team had the technical knowledge to navigate the legacy CMP, a significant and dangerous imbalance had taken hold.

The legal team had the authority. The product team had the access.

Davidson said to think of it like a parent telling a child not to eat a cookie while the cookie jar lives in the child's room. The legal team had no way to verify their decisions were actually being honored. Denied, high-risk scripts could be added to the site anyway, and the legal team had no visibility to detect it.

The situation was compounded by several factors:

• The platform was not intuitive. The interface required significant training to navigate—training the legal team simply didn't have time to complete. The only group that had worked through the learning curve was the product team, creating an inherent conflict of interest.
• The vendor was unresponsive. When Davidson reached out to the legacy provider to request hands-on customer support for the legal team, she was met with silence—and ultimately a flat "no." After multiple escalations, the vendor declined to assign a customer success partner to help onboard the team.
• There was no way to self-serve. The legacy system could not be figured out through exploration. Without formal training, the interface was a black box—making it impossible for motivated legal professionals to ramp up on their own.
• Internal dynamics were silently working against compliance. When Davidson investigated the root of the problem, she discovered that the previous employees who had onboarded the legacy tool were no longer with the company—and the product team, fully aware the legal team had no visibility into the platform, had little incentive to change the status quo.

The result: a privacy program that looked functional on paper but had a critical gap at its center. Policies were being written. Approvals and denials were being issued. But no one on the legal team could confirm whether any of it was being followed.

The Osano Solution

Putting the right tool in the right hands

Davidson evaluated approximately 12 vendors before arriving at a shortlist. The criteria were clear: the solution had to be genuinely intuitive, not just marketed as such, and the vendor had to demonstrate a commitment to customer success that went beyond a product library and an academy of tutorial videos.

During demos, Davidson paid close attention to the actual interface experience. "I was asking myself: if someone from the legal team saw this screen right now, would they know where to click?" she said. "A lot of vendors said their interface was user friendly, but then in the demo there were ten clicks before you could get anywhere useful."

Osano stood out immediately. The interface was clean, navigable, and something a non-technical user could explore without formal training. The demo reflected the reality of the product. And when the legal team tested it themselves, the difference was unmistakable.

Implementation was completed within a week. The previous platform's onboarding had taken much longer—and never truly landed. With Osano, both the legal team and the product team were up and running quickly, with clear documentation and implementation and customer success partners that made the transition smooth across all departments.

The legal team was given direct access and ownership of the CMP for the first time. No more routing requests through the product team. No more waiting for quarterly reports to understand what was on their own sites. And no more operating on trust alone.

"Having the visibility in Osano allows things to be put in their proper context and done more swiftly—without having to wait," said Davidson. "They can go directly into the system themselves and categorize things. They didn't think a tool existed like this, of this magnitude."

Key capabilities that made the difference:

• Real-time site scanning gave the legal team continuous visibility into what cookies, scripts, and pixels were appearing across the company's brands and geographies—not a monthly snapshot, but a live view.
• Automated classification suggestions meant the legal team could quickly review and confirm what each tracking technology was doing, without needing a technical expert in the room. The previous tool offered no such guidance.
• The ability to block directly in Osano was a game-changer. If the legal team spotted a denied script appearing on a site, they no longer had to wait for the product team to act. They could block it themselves—immediately—and then follow up with the responsible party afterward.
• A global consent map allowed the team to view how consent banners appeared across different jurisdictions, verify that language was current and compliant, and feel confident that new regulations were being addressed as they came into force.
• Osano's customer support provided the responsiveness the legacy vendor had categorically refused to offer. Questions from the legal team—often detailed and written in legalese—received prompt, substantive answers. Osano team members joined calls, reviewed screens, and made sure the team understood not just the "what," but the "why."

How the Client Benefitted

Visibility restored. Authority enforced. Risk reduced. Time saved.

The impact of giving the legal team a tool they could actually use was immediate, and in some cases, revealed just how much had been slipping through the cracks.

Shortly after onboarding Osano, the legal team began identifying scripts and cookies appearing on their sites that they had explicitly denied—scripts that the legacy platform had almost certainly detected but that no one on the legal team had ever been able to see. In some cases, these scripts had been flagged as high risk under California's enforcement posture, where companies were already facing significant fines.

Because the legal team now had direct access to Osano, they were able to catch these issues, block the unauthorized scripts themselves, and escalate internally—all without waiting for a quarterly review or submitting a request to another department.

The transformation extended across the entire privacy program:

• The legal team no longer operates blind. Quarterly check-ins with the product team to audit cookie lists have been replaced by continuous, self-directed monitoring inside Osano. The legal team can log in at any time, run a scan, and know exactly what's on their sites.
• The approval and denial process now has teeth. When the legal team issues a denial, they can verify whether it's being honored and act if it isn't. The authority they always had on paper is now backed by real oversight capability.
• Cross-departmental dynamics have shifted. With the legal team's visibility no longer dependent on the product team, collaboration between departments has become more honest and more efficient. The product and marketing teams understand that compliance decisions will be verified, not just issued.
• Outside counsel now has access too. The company's external data privacy counsel has been granted access to Osano, allowing them to monitor the consent program and flag issues—extending the value of the platform beyond the internal team.

For a lean legal team already stretched across litigation, product approvals, and policy development, Osano didn't just solve a compliance problem. It gave them back time, confidence, and control, and proved that the right tool in the right hands is the difference between a privacy program that exists and one that actually works.

Looking to put the power back in your legal team’s hands? Book a demo of Osano today.

CompliHow is a compliance advisory firm that helps businesses understand what legal requirements apply to their operations—and what they can safely ignore. Founded by Latoya Davidson, the firm specializes in mapping applicable regulations to specific business profiles and tracking enforcement trends so that clients can focus their compliance resources where they matter most.