Product Updates

Introducing AMP support for Osano Consent Manager

posted on January 14, 2022

Capturing user consent to store cookies isn’t always as simple as running a standard JavaScript snippet. Some web frameworks require unique code to work properly. This is the case for AMP (previously referred to as “Accelerated Mobile Pages”). When it comes to capturing consent on an AMP page the standard approach doesn’t work. That’s why we are excited today to announce Osano’s support for AMP. You can now install Osano Consent Manager on your AMP pages and enjoy all the benefits of privacy compliance that you do on your standard websites.

What is AMP? 

AMP is an open source web framework for creating web content such as pages, emails, and ads, that run and load very quickly. Previously referred to as, “Accelerated Mobile Pages,” AMP pages tend to perform faster because they are simplified versions of the full page and most are delivered by Google's AMP cache. AMP works particularly well for mobile because it can load quickly even when someone has a spotty internet connection. AMP pages tend to rank well in search engines because of their high performance. In particular, media and content sites, such as Dallas Morning News, rely on AMP as a key part of their content distribution strategy. 

How does Osano Consent Manager for AMP work? 

AMP pages are built using framework components. Osano Consent Manger uses the amp-consent component. When building your page you include the amp-consent component script in your page’s <head> tag and include the amp-consent component itself in your page’s body. See the Osano AMP quick start for a complete set of step-by-step instructions. 

Osano Consent Manger for AMP Features

  • Share user consent between your AMP and full sites. Users only have to consent once.
  • Share your configuration between both sites as well. The same UI will be displayed and any changes will be applied to both.
  • Users may update their consent preferences through the AMP version.
  • Conforms to the amp-consent component specification so it is fully AMP compliant.

Why does this matter?

With Osano Consent Manager for AMP, you can now capture and manage consent across your standard and AMP pages using the same Consent Management Platform and the only consent manager backed by a No Fines, No Penalties Pledge!


Product(s) Affected

Consent Management



Saudi Arabia and UAE banner updates

posted on January 4, 2022

Recent legislation requires a change to how cookie consent should be managed for users in the United Arab Emirates and Saudi Arabia. To comply with these new regulations, Osano Consent Management Platform (CMP) has updated the banners that are served to users in these regions. To enable the new banners on your site be sure to republish your configuration.  

Saudi Arabia has recently adopted the Personal Data Protection Law (PDPL), which will regulate data transfers and the collection, processing and sharing of personal data of residents and citizens of Saudi Arabia. The PDPL will go into effect on March 23, 2022, although additional regulations are expected. The new law provides rights to data subjects such as the right of access, correction and deletion, as well as the right to claim damages for material and non material harms. The PDPL requires consent for the collection of personal data, imposes data minimization principles and restrictions on retention as well as sharing of personal data. The maximum penalties of a provision of the regulations or rules are up to two years in prison or up to five million rials of fines. (Fines may be doubled if repeated offenses have occurred to up to ten million rials.) The law is clear that it applies to companies outside of Saudi Arabia that collect or process the data of individuals who are citizens or residents within the Kingdom.

Similarly, on Nov.  28, 2021, the UAE also enacted a comprehensive Personal Data Protection Law (PDPL), the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data Protection. The new law applies to the processing of personal data of residents whether or not that processing takes place within the UAE and includes a fairly strict requirement for consent prior to processing personal data. The new law also provides data subject rights such as the right of correction and the right to restrict or stop processing of personal information. In addition, requirements outline the cross-border transfer and sharing of personal data for processing purposes. The law establishes the UAE Data Office, which will be responsible for preparing policies, additional regulation and guidance. The law became effective on Jan. 2, 2022.

To help you comply with this new legislation, Osano’s default banner behavior has been updated to show different banners to users in these regions. Because UAE and Saudi Arabia’s new laws enforce similar user protections as the European Union’s GDPR, these regions will now use the same banner with the ability to accept all, reject all and customize privacy preferences.

Again, to enable the new banners on your site be sure to republish your configuration.  

Why does this matter?

Both Saudi Arabia and the UAE's new laws provide data subjects with more rights than they previously had, and the updated banners ensure you're allowing them to exercise those rights. The banners help you to:

  • Comply with both new laws.
  • Help data subjects feel empowered.


Product(s) Affected

Core Platform



Secure Messaging Portal

posted on December 16, 2021

Data-subject access requests (DSARs) have become a core part of many privacy compliance efforts. Supporting DSARs is a requirement under the EU’s GDPR, and California’s privacy laws indicate that U.S. states are keen to follow its lead. 

DSARs allow users to request the information a company has collected about them, as well as how it’s being used, with whom it’s being shared and why. It’s essential to have a system that allows you to fulfill these requests within the timeframe any given law requires. For that, you’d use Osano’s Data Discovery to understand, holistically, what data you have on any given user and where it lives, Osano’s DSAR Management to track requests.

But sometimes, Osano customers need to talk to data subjects about those requests. For example, a company fulfilling a DSAR might need to say to the data subject: "Can you please verify your full name and date of birth? The information you sent doesn't match ours."

Typically, those conversations happen over email. That can be difficult because now you’re operating out of two different portals, your DSAR tool and your email. If a regulator ever wanted an audit, that would mean a lot of detective work to cobble together information between systems. Plus, email communications can be insecure depending on what you’re using. Sending sensitive data related to a DSAR request over email could expose you to risk of a breach and associated fines. 

The Secure Messaging Portal gives Osano customers and users one place – a secure place – to send and track messages about DSARs. Every communication is logged in the portal, so audit histories are simple to generate and view. 

Screen Shot 2021-12-14 at 1-53-01 PM-png

Why does this matter?

The ability to securely communicate with your data subjects about their DSAR means you’re more likely to stay in compliance with privacy laws granting users access to their data and more likely to comply with security regulations. Keeping all of your communications in one place ensures an organized, timely response to data subject’s inquiries. It also enables a seamless audit process should a regulator come knocking on your proverbial door. 

Osano's Secure Messaging Portal allows you to: 

  • Communicate with data subjects about their DSARs.
  • Track all communications in one place.
  • Easily audit your DSAR communications.
  • More easily comply with privacy laws and security regulations.

If you are currently on an Osano Enterprise plan, visit the DSAR documentation to learn how to set up and start using the Secure Messaging Portal. If you’re not yet on an Enterprise plan, but would like to learn how the Osano capabilities in this tier can help your business, contact sales


Product(s) Affected

Core Platform



The managed data privacy platform

Get started with Osano today

Explore Osano

What's New at Osano

Introducing DSAR email intake

Capture data subject rights requests with the convenience of email and the efficiency of a dedicated intake form.

Learn more

New reworked DSAR and discovery

We've reworked and redesigned Osano Subject Rights Management and Data Discovery, unifying them into a single, seamless experience and creating automation to save you time.

Learn more

Stay GDPR compliant under new French ruling

Privacy regulators at the CNIL in France recently declared that Google Analytics violates GDPR. Osano’s new block list feature can disable Google Analytics in France to keep you compliant while allowing you to use Google Analytics in regions where it is still legal.


New in May 2022: DSAR conditional fields, 28 new integrations, and more!

Customize DSAR forms with conditional fields, serve consent banners in additional languages, use 28 new integrations for Data Discovery, and more! Check out our latest product announcement blog for demos, links, and more information.


New in April 2022: Admin notes, IAB TCF updates, and more!

Collaborate on DSARs with internal notes for request submissions. IAB TCF 2.0 Consent Management support has been updated per the latest IAB specifications. 11 new Data Discovery integrations and more! Check out our latest product announcement blog for demos, links, and more information.


View more product updates

Osano product & engineering teams have been hard at work. View the full list of all product updates.

View Product Updates