Back to Blog

Consent Management vs Consent Orchestration: What’s The Difference?

Over recent years, the data privacy landscape has experienced an incredible shift, and brought with it the notion of consent management. Consumers have demanded more control, transparency and privacy in regards to their personal data – and their concerns have been heard and actioned through the introduction of data privacy laws like GDPR in Europe.

To comply with consumers’ requests (and the law), businesses are now required to shore up their consent practices and protect their customers’ personal data, or face hefty fines and damage to brand reputation. Many brands are already experiencing the consequences of the former: in fact, the number of fines for GDPR violations has surged by 113% in the last year alone.

Besides continuing to provide personalised experiences to customers, brands have two main challenges:

  1. They need a way to collect and manage a customer’s consent preferences
  2. They need to reflect these consent preferences in the right communication channels – and to do so at scale

In response to these challenges, a new lexicon of confusing terminology has emerged (describing a new universe of tools to go with them), including:

  • Consent Management
  • Consent Collection
  • Consent Mastering
  • Consent Orchestration
  • Consent Activation

In the search for solutions to the new challenges of consent, it’s important to understand what these mean and the important differences between them. In this article, we’ll unpack these terms and show how they fit together in an overall picture of effective management of consent.

What is Consent Management?

Consent Management is a system of processes used by organisations to collect, share and update an individual’s consent and marketing choices across channels. This allows for compliance with data regulations, such as GDPR and CCPA.

This is perhaps the most-recognised term of all the ones we’re referring to today, and that’s because of the growing number of Consent Management Platforms (CMPs) on the market.

A CMP informs website visitors about which types of data the business will collect and what it will be used for, and then store visitor consent data and handle data alteration requests made by the visitor, such as accessing or erasing the stored data.

Website visitors will primarily encounter CMPs as pop-up forms that ask them to specify which data can be collected once a website homepage or landing page has completed loading (see example pop-up below from The Telegraph’s website). From a brand reputation perspective, this helps provide visible assurance to visitors that the company is taking the collection of their data seriously, which helps build trust.

Some CMPs will display privacy notices that ask visitors to accept or decline various preferences for their data collection, whilst others will request permission from visitors to use sensitive data like their location. Others will simply inform visitors that their data is being collected. However, the best CMPs will provide proof of data compliance through accessible audit trails which can be used to demonstrate compliance and protect your business from fines.

Overall, they provide transparency into a business’s data collection and usage compliance, and are considered necessary platforms for companies to maintain compliance in their data collection. Popular examples include UserCentrics and Didomi.

What Is Consent Orchestration?

Consent Orchestration is the process of unifying siloed consent and marketing preferences data from multiple data sources (including a client’s CMP) and reflecting the same choices in relevant marketing channels.

Consent Orchestration should not be confused with Consent Management; in fact, the former simply continues the user consent journey that begins through the use of a CMP (see data flow diagram below).

It works by combining three different consent processes together:

  1. Consent Collection
    Consent Collection refers to the collection of consent data from a client’s CMP (which usually includes Web and App data), as well as other data sources, such as a CRM or Loyalty Program.

2. Consent Mastering
Consent Mastering is when consent choices are standardised under a single Customer Unique ID. This involves mapping different consent labels that can be found in different data sources to a structured single taxonomy. For example, mapping ‘Y/N’, ‘Accept / Decline’ and ‘TRUE / FALSE’ to ‘Yes / No’. Rules can then be configured to ensure consent and marketing preferences are applied to different marketing channels (like Google or Facebook). This gives brands the ability to create universal rules at the channel level.

3. Consent Activation
Finally, consent choices are correctly reflected in all marketing and advertising platforms through Consent Activation. The automation of this final phase allows the marketer to operate at speed and scale, assured in the knowledge that all customer data includes the correct consent choices (minimising the continued oversight of the Data Protection Officer too).

Do I need Consent Management AND Consent Orchestration?

In one word, ‘yes’. Here’s why:

Consent needs a 360° view, too

In marketing, it’s now a received wisdom that a 360° customer view is a critical foundation, resolving cross-channels conflicts and providing a clear, actionable view of the customer. What’s less well understood is that consent needs the same approach – after all, many businesses allow for the giving (and retraction) of consent at multiple touchpoints (i.e. email and account creation), which if left unresolved can result in inaccurate reflection of consent (and therefore potential regulatory violations).

Solving this problem is more or less what Consent Orchestration does: the unification and standardisation of consent from multiple sources allows a business to have a holistic view of customer consent across its organisation. Consent Orchestration solves channel conflict, meaning that the channel with the most recent timestamp overrides previous selections, giving marketers the guardrails they need to always honour the most up-to-date consent choices of its customers.

Operating at speed and scale is critical

At the heart of a Customer Data Platform (CDP) is the value that unified customer data brings to support marketing goals. This unified data is of little value if it does not include customer consent, as each campaign will still require manual effort and sign off from the DPO. Marketers must increase the speed and scale of their automation initiatives in order to be efficient and meet KPIs. Including consent purposes and marketing preferences in the unification process ensures consented data is always accessible in the platform, ready to be activated in martech and adtech channels. ‘Always-on data’ increases the speed of campaign activation as well as the number of parallel campaigns live at one time (scale).

In short, scale helps solve for more simultaneous active campaigns and speed helps get results faster.

Data Protection Officers need oversight – but not too much

A constant requirement of marketers when building campaigns is to ensure customer data includes the most accurate and up-to-date consent choices. Not only that, marketers must also have the ability to engage with customers in their preferred channels. This requires a DPO’s involvement and final approval for each campaign, as their job is to monitor compliance and mitigate risk. An orchestrated process delivers complete compliance in a ‘one and done’ approach that improves cross-departmental efficiency and minimises the involvement of the DPO in marketing-led initiatives.


Without Consent Management and Consent Orchestration, businesses risk being non-compliant with today’s strict data privacy and security regulations and delivering a poor customer experience.

Zeotap’s Consent Orchestration module, when paired with a reliable Consent Management Platform, can help ensure an organisation remains compliant with constantly evolving consumer data regulations, whilst delivering an omnichannel experience capable of bolstering brand loyalty and providing personalised customer experiences.

Upgrade from the desired state of a single customer view to a single customer consent view, built with scalable consent rails.

Want to learn more about Consent Orchestration? Reach out for a free demo today.

Share this post

Related blog posts

Sign up for our newsletter

Be the first to get access to our marketing resources and keep up to date with the latest CDP best practices, privacy standards, marketing, and customer data.

Industry recognitions

Trusted by

What our customers say

Schedule a Demo

It is simple to deliver amazing customer experiences without compromising user privacy. Complete the short form, and we’ll be in touch to schedule your demo.