{
    "schema": "https://saferpage.de/schemas/consent-ledger-readiness.v1",
    "generated_at": "2026-07-01T02:30:44+00:00",
    "domain": "adecco.de",
    "available": true,
    "scan": {
        "id": "2d548072-3178-463b-9000-0a15b889b0d3",
        "checked_at": "2026-07-01 00:00:17.846857+02"
    },
    "summary": "adecco.de: Consent-Ledger-Blueprint mit 14 Datenfeldern, 7 Ereignissen, 7 Log-Zeilen und 6 Kategorien für auditierbare Einwilligungsnachweise.",
    "score": 60,
    "categories": [
        {
            "id": "notwendig",
            "label": "Notwendig",
            "consent_mode_key": "security_storage",
            "default_state": "granted",
            "requires_ledger": true,
            "evidence": "Notwendige Dienste getrennt von optionalen Einwilligungen speichern."
        },
        {
            "id": "statistik",
            "label": "Statistik",
            "consent_mode_key": "analytics_storage",
            "default_state": "denied",
            "requires_ledger": true,
            "evidence": "0 Akzeptieren-Control(s), Consent-Zustände getrennt protokollieren."
        },
        {
            "id": "marketing",
            "label": "Marketing / Tracking",
            "consent_mode_key": "ad_storage",
            "default_state": "denied",
            "requires_ledger": true,
            "evidence": "0 Tracking-Cookie(s) vor Consent, 0 datenschutzrelevante Drittanbieter."
        },
        {
            "id": "externe_medien",
            "label": "Externe Medien",
            "consent_mode_key": "functionality_storage",
            "default_state": "denied",
            "requires_ledger": true,
            "evidence": "Kategorie als Consent-Ledger-Schlüssel vorbereiten."
        },
        {
            "id": "komfort",
            "label": "Komfort",
            "consent_mode_key": "functionality_storage",
            "default_state": "denied",
            "requires_ledger": true,
            "evidence": "Kategorie als Consent-Ledger-Schlüssel vorbereiten."
        },
        {
            "id": "unklar",
            "label": "Unklar / blockieren",
            "consent_mode_key": "functionality_storage",
            "default_state": "denied",
            "requires_ledger": true,
            "evidence": "Kategorie als Consent-Ledger-Schlüssel vorbereiten."
        }
    ],
    "events": [
        {
            "id": "banner_shown",
            "label": "Banner angezeigt",
            "trigger": "Erstaufruf ohne gespeicherte Entscheidung",
            "required_fields": [
                "domain",
                "banner_version",
                "policy_version",
                "region",
                "created_at"
            ],
            "evidence": "Belegt, welche Version Nutzer gesehen haben."
        },
        {
            "id": "consent_saved",
            "label": "Einwilligung gespeichert",
            "trigger": "Nutzer klickt Akzeptieren oder speichert Kategorien",
            "required_fields": [
                "consent_id",
                "categories",
                "services",
                "action",
                "created_at"
            ],
            "evidence": "Zentrale Nachweiszeile für aktive Einwilligung."
        },
        {
            "id": "consent_rejected",
            "label": "Ablehnung gespeichert",
            "trigger": "Nutzer klickt Ablehnen",
            "required_fields": [
                "consent_id",
                "categories",
                "action",
                "created_at"
            ],
            "evidence": "Ablehnen muss genauso auditierbar sein wie Akzeptieren."
        },
        {
            "id": "consent_withdrawn",
            "label": "Widerruf gespeichert",
            "trigger": "Privacy-Trigger oder Preference Center ändert Entscheidung",
            "required_fields": [
                "previous_consent_id",
                "withdrawn_at",
                "categories",
                "source"
            ],
            "evidence": "Widerruf überschreibt Downstream-Zustände und muss nachvollziehbar bleiben."
        },
        {
            "id": "gpc_seen",
            "label": "GPC-Signal berücksichtigt",
            "trigger": "Browser sendet Global Privacy Control",
            "required_fields": [
                "gpc_signal",
                "region",
                "action",
                "created_at"
            ],
            "evidence": "0 Datenschutz-Domain(s) im GPC-Kontext."
        },
        {
            "id": "vendor_sync",
            "label": "Downstream-Sync",
            "trigger": "Tag Manager, Analytics, Ads, CRM oder CMP erhält Status",
            "required_fields": [
                "destination",
                "categories",
                "sync_status",
                "created_at"
            ],
            "evidence": "0 datenschutzrelevante Browserkontakt(e) aus dem Scan."
        },
        {
            "id": "rescan_evidence",
            "label": "Re-Scan-Nachweis",
            "trigger": "Nach Ihrer Änderung erneut prüfen",
            "required_fields": [
                "scan_id",
                "checked_at",
                "result_url",
                "evidence_hash"
            ],
            "evidence": "Verbindet Betreiberentscheidung mit technischer Scan-Evidenz."
        }
    ],
    "fields": [
        {
            "field": "consent_id",
            "type": "uuid/string",
            "purpose": "Eindeutiger Nachweisdatensatz",
            "privacy_note": "Nicht als Klartext-Personenkennung verwenden."
        },
        {
            "field": "subject_key_hash",
            "type": "sha256/string",
            "purpose": "Wiedererkennung ohne Klartext-ID",
            "privacy_note": "Salt/Rotation und Zugriffsschutz dokumentieren."
        },
        {
            "field": "domain",
            "type": "string",
            "purpose": "Betroffene Website",
            "privacy_note": "Mandanten-/Domain-Trennung erzwingen."
        },
        {
            "field": "region",
            "type": "string",
            "purpose": "DE/EU/CH/AT oder CMP-Region",
            "privacy_note": "Regelbasiertes Verhalten nachvollziehbar machen."
        },
        {
            "field": "banner_version",
            "type": "string",
            "purpose": "Version der Consent-Oberfläche",
            "privacy_note": "Bei Text-/Layoutänderung erhöhen."
        },
        {
            "field": "policy_version",
            "type": "string",
            "purpose": "Datenschutz-/Cookie-Hinweis-Version",
            "privacy_note": "Mit veröffentlichtem Hinweis und Datum verbinden."
        },
        {
            "field": "categories_json",
            "type": "json",
            "purpose": "Status je Kategorie",
            "privacy_note": "Nur notwendige Kategorien speichern."
        },
        {
            "field": "services_json",
            "type": "json",
            "purpose": "Optionaler Status je Dienst",
            "privacy_note": "Dienste aus Anbieterregister synchronisieren."
        },
        {
            "field": "action",
            "type": "enum",
            "purpose": "accept, reject, save, withdraw, gpc",
            "privacy_note": "Ablehnung und Widerruf gleichwertig protokollieren."
        },
        {
            "field": "ip_hash",
            "type": "string/null",
            "purpose": "Missbrauchs-/Nachweisbezug",
            "privacy_note": "Klartext-IP vermeiden; Speicherfrist begrenzen."
        },
        {
            "field": "user_agent_hash",
            "type": "string/null",
            "purpose": "Technischer Kontext",
            "privacy_note": "Nicht für Tracking oder Profiling verwenden."
        },
        {
            "field": "evidence_ref",
            "type": "string",
            "purpose": "Verweis auf Scan, Screenshot oder Export",
            "privacy_note": "Keine sensiblen Rohdaten in öffentliche Exporte schreiben."
        },
        {
            "field": "created_at",
            "type": "datetime",
            "purpose": "Zeitpunkt der Entscheidung",
            "privacy_note": "Zeitzone und Serverzeit stabil halten."
        },
        {
            "field": "expires_at",
            "type": "datetime/null",
            "purpose": "Review-/Ablauffrist",
            "privacy_note": "Regelmäßige Erneuerung und Löschung planen."
        }
    ],
    "transaction_log_template": [
        {
            "transaction_id": "6440287de6a9fb3c5cd58d2a",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "banner_shown",
            "label": "Banner angezeigt",
            "action": "show",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "denied_until_choice",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:00:17+00:00",
            "required_fields": [
                "domain",
                "banner_version",
                "policy_version",
                "region",
                "created_at"
            ],
            "previous_hash": "43e00c0f38ece87e2296f9552eab070493038d67c7a21155d5c48d58d8ff2df2",
            "row_hash": "8b7c3859b03a83f9d67feb92e08213b76fbb233c9a9008f768a530a7de43eade"
        },
        {
            "transaction_id": "8912d3fe3fef3cadff396b9d",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "consent_saved",
            "label": "Einwilligung gespeichert",
            "action": "accept_or_save",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "granted_if_selected",
                "marketing": "granted_if_selected"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:01:17+00:00",
            "required_fields": [
                "consent_id",
                "categories",
                "services",
                "action",
                "created_at"
            ],
            "previous_hash": "8b7c3859b03a83f9d67feb92e08213b76fbb233c9a9008f768a530a7de43eade",
            "row_hash": "a32da77d5179745b6f2d36bd3e9abcbc994854e108cc6c3db493ec509403876d"
        },
        {
            "transaction_id": "f60dbcd795c41d75cf51bd31",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "consent_rejected",
            "label": "Ablehnung gespeichert",
            "action": "reject",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "denied_until_choice",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:02:17+00:00",
            "required_fields": [
                "consent_id",
                "categories",
                "action",
                "created_at"
            ],
            "previous_hash": "a32da77d5179745b6f2d36bd3e9abcbc994854e108cc6c3db493ec509403876d",
            "row_hash": "42bec04a48e25087600c9020444f0dc7c4e4807d1455f185445de02f7814abda"
        },
        {
            "transaction_id": "e3cf908a02b45833b8f8519e",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "consent_withdrawn",
            "label": "Widerruf gespeichert",
            "action": "withdraw",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "denied_until_choice",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:03:17+00:00",
            "required_fields": [
                "previous_consent_id",
                "withdrawn_at",
                "categories",
                "source"
            ],
            "previous_hash": "42bec04a48e25087600c9020444f0dc7c4e4807d1455f185445de02f7814abda",
            "row_hash": "aa32372d4874a39f6a0e485eca4ba2e44f07206affdc033eafd26860f4a189c0"
        },
        {
            "transaction_id": "0a5b75c5af626ab127cbf990",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "gpc_seen",
            "label": "GPC-Signal berücksichtigt",
            "action": "gpc",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "denied_until_choice",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:04:17+00:00",
            "required_fields": [
                "gpc_signal",
                "region",
                "action",
                "created_at"
            ],
            "previous_hash": "aa32372d4874a39f6a0e485eca4ba2e44f07206affdc033eafd26860f4a189c0",
            "row_hash": "5d62761737115e4f2a473d19ad5c3542bf30a0850951ca11e37f180987c5a8c8"
        },
        {
            "transaction_id": "7bc5213e8ccddd4a6a7670ff",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "vendor_sync",
            "label": "Downstream-Sync",
            "action": "sync",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "granted_if_selected",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:05:17+00:00",
            "required_fields": [
                "destination",
                "categories",
                "sync_status",
                "created_at"
            ],
            "previous_hash": "5d62761737115e4f2a473d19ad5c3542bf30a0850951ca11e37f180987c5a8c8",
            "row_hash": "0c5eae191c8d579b4307832d277411ac01808fcc4a2831334d6cacada8034ade"
        },
        {
            "transaction_id": "08d200d05f95f0867c8efb1e",
            "domain": "adecco.de",
            "scan_id": "2d548072-3178-463b-9000-0a15b889b0d3",
            "event_id": "rescan_evidence",
            "label": "Re-Scan-Nachweis",
            "action": "rescan",
            "region": "DE/EU",
            "subject_key_hash": "sha256:template-not-a-user-id",
            "categories": {
                "notwendig": "granted",
                "statistik": "denied_until_choice",
                "marketing": "denied"
            },
            "services": "aus Anbieterregister synchronisieren",
            "evidence_ref": "https://saferpage.de/nachweise/adecco.de/export",
            "created_at": "2026-06-30T22:06:17+00:00",
            "required_fields": [
                "scan_id",
                "checked_at",
                "result_url",
                "evidence_hash"
            ],
            "previous_hash": "0c5eae191c8d579b4307832d277411ac01808fcc4a2831334d6cacada8034ade",
            "row_hash": "dd2f209091acd8991170d5dd83a3982d8c2705c6ceac2a32b513c7f3816fc421"
        }
    ],
    "log_export_controls": [
        {
            "id": "domain_period",
            "label": "Domain und Zeitraum",
            "control": "Export immer nach Domain, Zeitraum und Rechtsraum filtern; keine domainübergreifenden Rohlogs ohne Zweckfreigabe."
        },
        {
            "id": "pseudonymization",
            "label": "Pseudonymisierung",
            "control": "Subject-, IP- und User-Agent-Bezug nur gehasht und mit Zugriffsschutz exportieren."
        },
        {
            "id": "hash_chain",
            "label": "Hashkette",
            "control": "Jede Zeile enthält previous_hash und row_hash, damit nachträgliche Änderungen auffallen."
        },
        {
            "id": "dsar_scope",
            "label": "Betroffenenrechte",
            "control": "DSAR-Export trennt Nachweiszweck, technische Logs und Lösch-/Sperrentscheidungen."
        },
        {
            "id": "retention_window",
            "label": "Aufbewahrung",
            "control": "Nachweisfrist und Löschfristen je Zweck dokumentieren; abgelaufene Rohdaten aggregieren oder löschen."
        }
    ],
    "storage_controls": [
        {
            "id": "minimize",
            "label": "Daten minimieren",
            "action": "Klartext-IP, User-Agent und Personenkennung vermeiden; Hash/Salt und kurze Fristen verwenden."
        },
        {
            "id": "versioning",
            "label": "Versionen speichern",
            "action": "Banner-, Policy-, Kategorie- und Anbieterregister-Version bei jeder Entscheidung speichern."
        },
        {
            "id": "withdrawal",
            "label": "Widerruf aktiv synchronisieren",
            "action": "Widerruf an Tag Manager, CMP, Analytics, Ads und CRM weitergeben und Synchronisierung protokollieren."
        },
        {
            "id": "retention",
            "label": "Löschfrist festlegen",
            "action": "Nachweisfrist, Zweckende, erneute Einwilligung und DSAR-Löschung als Löschtrigger definieren."
        },
        {
            "id": "access",
            "label": "Zugriff beschränken",
            "action": "Ledger nur für Datenschutz/Compliance/IT freigeben; Exportzugriffe protokollieren."
        }
    ],
    "snippets": [
        {
            "id": "sql_table",
            "label": "SQL Ledger Tabelle",
            "placement": "Backend-Datenbank oder Consent-Service",
            "code": "CREATE TABLE consent_ledger_adecco_de (\n  consent_id text PRIMARY KEY,\n  subject_key_hash text NOT NULL,\n  domain text NOT NULL,\n  region text NOT NULL,\n  banner_version text NOT NULL,\n  policy_version text NOT NULL,\n  action text NOT NULL CHECK (action IN ('accept','reject','save','withdraw','gpc')),\n  categories_json jsonb NOT NULL,\n  services_json jsonb NOT NULL DEFAULT '{}'::jsonb,\n  gpc_signal boolean NOT NULL DEFAULT false,\n  ip_hash text,\n  user_agent_hash text,\n  evidence_ref text,\n  created_at timestamptz NOT NULL DEFAULT now(),\n  expires_at timestamptz\n);\nCREATE INDEX consent_ledger_adecco_de_subject_idx ON consent_ledger_adecco_de (subject_key_hash, created_at DESC);"
        },
        {
            "id": "browser_event",
            "label": "Browser Event Bridge",
            "placement": "Nach Banner-Entscheidung, serverseitig validieren",
            "code": "window.addEventListener('saferpage-consent-update', function (event) {\n  fetch('/privacy/consent-ledger', {\n    method: 'POST',\n    headers: {'Content-Type': 'application/json'},\n    credentials: 'same-origin',\n    body: JSON.stringify({\n      domain: 'adecco.de',\n      banner_version: 'v1',\n      policy_version: 'privacy-notice-current',\n      action: 'save',\n      categories: event.detail,\n      evidence_ref: window.location.href\n    })\n  });\n});"
        }
    ],
    "links": {
        "ledger_center": "https://saferpage.de/consent-ledger/adecco.de",
        "json": "https://saferpage.de/consent-ledger/adecco.de/export",
        "csv": "https://saferpage.de/consent-ledger/adecco.de/export-csv",
        "markdown": "https://saferpage.de/consent-ledger/adecco.de/runbook-md",
        "transactions_jsonl": "https://saferpage.de/consent-ledger/adecco.de/transactions-jsonl",
        "banner_template": "https://saferpage.de/consent-banner/adecco.de",
        "consent_region": "https://saferpage.de/consent-region/adecco.de",
        "consent_center": "https://saferpage.de/consent/adecco.de",
        "consent_journey": "https://saferpage.de/consent-journey/adecco.de",
        "consent_mode": "https://saferpage.de/consent-mode/adecco.de",
        "operator_board": "https://saferpage.de/betreiber/adecco.de",
        "report": "https://saferpage.de/adecco.de"
    },
    "sources": [
        {
            "title": "iubenda Consent Database",
            "url": "https://www.iubenda.com/privacy-policy/252372/cookie-policy.pdf",
            "note": "Orientierung für Consent-Datenbank als Nachweisfunktion."
        },
        {
            "title": "OneTrust Privacy Operations",
            "url": "https://www.onetrust.com/products/privacy-operations/",
            "note": "Orientierung für Workflows, Risk Mitigation und Privacy Operations."
        },
        {
            "title": "Cookiebot scan reports",
            "url": "https://support.cookiebot.com/hc/en-us/articles/5007079527580-Understanding-the-scan-report",
            "note": "Orientierung für wiederkehrende Scan- und Report-Nachweise."
        }
    ],
    "disclaimer": "Der Ledger-Blueprint ist eine technische Betreiber-Vorlage. Rechtsgrundlage, Speicherfrist, Zugriffsschutz und Integration in CMP/Backend müssen fachlich freigegeben werden."
}
