General Data Protection Regulation (GDPR) compliance
As the May 25 deadline looms closer, we are all starting to feel the pressure rise. The good news for publishers is that all their major partners, including Appodeal, have made it their aim to assist with GDPR compliance.
To that effect, we are sharing this article to answer all those last minute questions you may have about what comes next, so that you can keep working with Appodeal as usual, and avoid future headaches related to the new regulations.
Should I collect consent from end-users and how can I implement it in my apps?
To make the process easier, we have added consent windows to our demo projects for iOS, Android, Unity and Corona platforms. Please follow the links below to see demo projects.
Tips on implementing a consent window:
To keep your UX as compelling as it was before, you can stylize your consent window to match the main app interface.
In order to avoid annoying users, save the returned consent result between sessions so they aren’t asked every time they open your app.
Once an end-user changes their mind and decides to withdraw their consent, they should proceed to “Settings” to limit ad tracking. You can add a special “Withdraw my consent” button to your app instead, so users won’t have to look for a setting themselves.
Remember that you are only required to collect consent in countries covered by GDPR.
What happens if we don’t implement a consent window by May 25, 2018? Will you stop serving ads? What if a user rejects our notification about personal data, will they still be able to see ads?
There are two scenarios: the first one is for older versions of Appodeal SDK, the second is for an updated SDK 2.4 version with both Parallel Bidding and GDPR-compliance that will be ready before May 25, 2018. Please note that both scenarios require integration of a consent window into your app.
1. Older SDK versions
As for older versions of the SDK, we will continue to support them moving forward. It’s important to know that if an end-user doesn’t provide their consent to sharing personal information, you shouldn’t initialize Appodeal SDK and show ads to such end-users.
2. SDK 2.4.1 with a GDPR-related functionality and Parallel Bidding
The updated 2.4 version of the Parallel Bidding SDK can be initialized whether or not an end-user provides their consent. Publishers will still be responsible for collecting this consent and passing it to our SDK.
In case an end-user doesn’t agree on processing their personal data, Appodeal SDK 2.4 will notify all ad demand partners so they won’t collect any information from this user and our ad demand partners will just show non-targeted and less relevant ads to such users. If consent is given, they will personalize an end-user ad experience in accordance with shared information.
Will all networks be initialized and GDPR compliant?
Unfortunately, we can’t speak on behalf of all demand partners, but the majority of them have already taken actions in order to be GDPR-compliant. If any particular partners are not GDPR-compliant after May 25, 2018, we will notify users and disable the SDK of those partners in countries covered by GDPR.
Please feel free to reach out to us with any questions if something is not clear. We’re always happy to help you at firstname.lastname@example.org. To confirm what your next steps toward compliance might involve, please consult your lawyers to make sure you’re on the right path.