ChangelogBook a demoSign up

OneTrust Snowflake Native App

This guide explains how to use consent data collected and stored in OneTrust, and passed to Hightouch via the OneTrust Snowflake Native App. Once the app is configured, Hightouch can reference this data in subsets, destination rules, and sync behavior to enforce consent across downstream tools.

Overview

If you’re using OneTrust Universal Consent and Preference Management (UCPM) to manage customer consent and communication preferences, you can use the OneTrust Snowflake Native App to automatically sync consent and preference data into your Snowflake warehouse. This keeps your data warehouse up-to-date in near real-time with the latest opt-ins, opt-outs, and preference changes. Snowflake’s data governance controls are used to mask rows and filter columns to ensure that specific roles can only access the data they are permissioned for.

Once centralized, consent becomes available in Hightouch, where it can be used to:

  • Filter audiences with Subsets

  • Block unconsented records with Destination Rules

  • Remove records from downstream tools (Destinations) when consent is revoked

This workflow ensures that downstream tools only receive and act on data from users who have given the appropriate consent, automating compliance and improving campaign targeting.

Diagram of the OneTrust Snowflake Native App workflow

Setup

To start using OneTrust consent data in Hightouch:

  1. Install and configure the OneTrust Snowflake Native App in your Snowflake account.
    • This streams real-time consent and preference updates from OneTrust into a Snowflake table in your warehouse.
    • You can read OneTrusts complete documentation Universal Consent and Preferences Management here
  2. Set up Snowflake as a Source in Hightouch
    • Follow Snowflake source setup instructions to connect your warehouse and make the OneTrust data accessible to Hightouch.
  3. Create a Parent Model in Customer Studio Schema
    • Go to Customer Studio → Schema
    • Click Create parent model and select your primary user table (e.g., users)
  4. Add your consent table as a related model
    • Depending on your OneTrust setup, you may choose to perform some transformations on this table or create a new view before exposing it to Hightouch.
    • Click on the + button next to the parent model
    • Select the consent table (e.g., DATASUBJECT_CONSENT_VIEW)
    • Define the join condition between your parent model and this consent table
    • Choose the appropriate relationship type
      • If you only have one “consent purpose” in OneTrust, you can use a 1:1 relationship
      • If you have different “consent purposes,” you should choose 1:Many, as OneTrust stores different consent types in different rows
  5. Select relevant consent columns
    • Once the tables are joined, select the consent fields you want to expose in your schema—such as email_opt_in, sms_opt_in, or ad_sharing_opt_in.

These fields will then be available throughout Hightouch to:

  • Filter audiences using Subsets

  • Enforce rules with Destination Rules

  • Configure sync behavior based on consent status

Use Subsets to define reusable filters based on consent preferences. You can apply subsets across audiences, journeys, and syncs to ensure only users who meet consent criteria are included.

Example use case:
Create a subset that includes only records where email_opt_in = true.

Once created, this subset can be:

  • Applied to multiple audiences to enforce consistent filtering across marketing use cases.
  • Set as mandatory for specific user groups (e.g., your email marketing team), so they cannot build audiences without referencing the required consent field.
  • Restricted to certain values, ensuring end users can only select approved options (e.g. forcing the selection of “Opted In” from a consent dropdown).

This helps prevent accidental inclusion of unconsented users in downstream tools.

Consent selection

2. Suppress unconsented records with Destination Rules

Use Destination Rules to define conditions under which Hightouch will block records from syncing to specific destinations.

Example rule:
Block all records where sms_opt_in != true from syncing to your SMS tool.

This acts as a fallback safeguard to prevent unintentional delivery of unconsented data.

Example rule

When a user revokes consent, Hightouch can remove their data from downstream tools—but only if your model is filtered by consent and your sync is configured to support deletions.

Removal options

1. Recurring syncs
On the next scheduled run, Hightouch will remove any records that no longer match your model’s filter.

Requirements:

  • Your model or audience includes a consent-based filter (e.g., email_opt_in = TRUE).
  • Use a sync mode that supports removals
  • Enable record removal in the sync configuration

Removal options

2. Triggered deletions (real-time)
Hightouch will automatically configure a sync as Triggered if your model and destination support real-time updates (e.g., using a CDC or event stream).

If your sync is a Triggered Sync:

  • You’ll see the option:

    Delete records when they no longer match the model

  • Enable this to remove records from the destination as soon as a consent change is detected (e.g., email_opt_in becomes FALSE)

The OneTrust Snowflake Native App can sync a wide range of consent and preference fields into your warehouse—not just binary opt-ins. Modeling these fields effectively allows you to enforce consent logic across multiple tools using Hightouch.

When defining your schema, consider including:

  • Channel-specific consent fields
    Example: email_opt_in, sms_opt_in, push_opt_in
    These allow you to enforce channel-level rules in Destination Rules or Subsets.

  • Communication frequency preferences
    Example: email_frequency= weekly You can use these to suppress over-messaging by filtering for lower-frequency segments.

  • Content or category preferences
    Example: category_preference= mens_clothing Supports targeting users based on stated interests.

  • Consent for data sharing
    Example: ad_sharing_platform_opt_in= true
    Ensures records are only sent to third-party platforms (e.g., Meta, Google) when appropriate consent exists.

Use OneTrust data in Hightouch:

Modeling consent data:

Event-based consent management:

OneTrust documentation:

Ready to get started?

Jump right in or a book a demo. Your first destination is always free.

Book a demoSign upBook a demo

Need help?

Our team is relentlessly focused on your success. Don't hesitate to reach out!

Feature requests?

We'd love to hear your suggestions for integrations and other features.

Privacy PolicyTerms of Service
On this page
  • Overview
  • Setup
  • Enforcing consent in Hightouch
  • 1. Filter audience segments by consent with Subsets
  • 2. Suppress unconsented records with Destination Rules
  • 3. Remove data when consent is revoked
  • Modeling consent and preference data
  • Related documentation

Was this page helpful?