When setting rules for tags you want to block, we provide default categories that guide the system on how to handle and block them. Here's what each category means.
📌 Note: This is for users of Privacy Edge Protection and Blocking
- For those that have Privacy Edge Protection and Blocking, you will need to configure blocking settings for the third parties detected on your website. The 3rd party categories are available on the 3rd party module in Privacy Edge.
Category Descriptions
Unclassified
This category temporarily stores newly discovered third-party domains for evaluation before they are moved to a predefined category. If no existing category fits, a new one can be created with custom Guardian rules. While domains in this category are not blocked, they undergo privacy risk assessments. The following checks are conducted: fingerprinting (whether the domain’s scripts perform browser fingerprinting), PII (whether requests contain sensitive data), young domains (whether the domain is recently registered), bad geos (whether the domain operates from undesirable regions), trackers (whether requests have tracking characteristics), session replay capabilities, and malware (whether flagged in known malware lists).
Trusted
Domains in this category are fully trusted by Guardian. Guardian will not intercept, check, or block these domains. Typically, authentication services or payment processors are placed here. Use this category for domains you trust completely and are confident in their behavior. The Trusted category is typically assigned to all strictly necessary tags.
Basic Protection
Domains in this category are permitted to operate with specific restrictions. Guardian allows traffic from these domains only if they follow defined rules, such as avoiding certain geographic regions and blocking requests that contain sensitive, user-specified data. This category applies conditional blocking based on the set criteria. Avoid placing critical domains here if they need to handle personal information.
Blocked
Domains in this category are fully blocked by Guardian when encountered. This is a strict blocking rule, independent of user consent or any consent management platforms (CMP) in use. Use this category for domains you absolutely do not want to operate on your site.
Approved
Domains placed in this category are known to your organization and have been specifically approved to operate on your site. You have full control over the Guardian rules assigned to this category. Initially, this category will default to the following rules:- Requests containing sensitive data in their outbound payloads will not be blocked.
- Domains matched to a malware list will be blocked.
- Domains operating in undesirable geographies will be blocked.
Creating a Custom Category
If none of the predefined categories are suitable, you have the option to create one or more custom categories. However, we recommend against this at the current stage, as managing granular rules across many categories can become complex.
In Privacy Edge, when creating a custom category, you define both a name and the Guardian rules that apply. Conditional checks can be enabled, and if a domain fails any of these checks, Guardian will block the request.
Example: Some customers create custom categories for platforms like YouTube or Vimeo. They configure the category to block requests related to analytics or telemetry data, while still allowing core functionality—like video playback—to continue without interruption.