GDPR and CCPA
The General Data Protection Regulation, better known as GDPR, took effect on May 25, 2018. It’s a set of rules designed to give EU citizens more control over their personal data. Any businesses established in the EU or with users based in Europe are required to comply with GDPR or risk facing heavy fines. The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020.We have put together some guidelines to help publishers understand better the steps they need to take to be GDPR compliant.
Here’s are two useful resources that you can utilize while working on your app compliance:
Please note that although we’re always eager to back you up with valuable information, we’re not authorized to provide any legal advice. It’s important to address your questions to lawyers who specialize in this area.
Step 2: Adding Consent Window
In order for Appodeal and our ad providers to deliver ads that are more relevant to your users, as a mobile app publisher, you need to collect explicit user consent in the regions covered by GDPR and CCPA.
Stack Consent Manager comes with a pre-made consent window that you can easily present to your users. That means you no longer need to create your own consent window.
2.1. Using Appodeal consent manager SDK
Minimal requirements: Appodeal SDK 2.7.0 or higher.
2.1.1. Choosing your type of installation
1.Add the following line into your Podfile
2.Run pod install
Consent manager SDK can be synchronized at any moment of application lifecycle. We recommend to synchronize it at application launch. Multiple synchronization calls are allowed.
StackConsentManager/StackConsentManager.h in AppDelegate.m
APP_KEY is required parameter (Appodeal APP Key)
completion is block that invokes after synchronization
After synchronization completion, you can receive information about the previous user consent and regulation zone. Before synchronization these parameters are
You can force consent manager to write iAB keys in
NSUserDefaults by setting up storage property before synchronization to
SDK does not remove iAB keys from NSUserDefaults and only overrides them
You can register yourself as a vendor before synchronization.
|id||Integer||iAB id. If you are not registered as iAB vendor you can use custom id|
|name||String||Display name. Will be displayed in the consent window|
|status||String||Custom string to check consent result for a specific vendor|
|purposesIds||Array of integers||iAB purposes ids array|
|featuresIds||Array of integers||iAB features ids array|
|legIntPurposeIds||Array of integers||iAB leg int purposes ids array|
SDK only allows calling consent window api after synchronization
After SDK has been synchronized, you can load the consent window. Loading is allowed in any regulation zone and independent from previous consent.
2.1.4. Displaying consent dialog
You can check if the consent window is ready.
When the consent window Is ready you can present it from the top view controller
Handling presentation callbacks
2.2. Creating your own Consent Window
If you don't want to use the Stack Content Manager SDK, you can create own consent window.
Tips on implementing a consent window:
To keep your UX as compelling as it was before, you can stylize your consent window to match the main app interface.
In order to avoid annoying users, save the returned consent result between sessions so they aren’t asked every time they open your app.
Once an end-user changes their mind and decides to withdraw their consent, they should proceed to “Settings” to limit ad tracking. You can add a special “Withdraw my consent” button to your app instead, so users won’t have to look for a setting themselves.
Remember that you are only required to collect consent in countries covered by GDPR
Step 3: Modifying Integration Code
You need to update your apps to collect the user consent prior to initializing our SDK
1. Starting from version 2.7.0, you can use the Stack Consent Manager SDK to process and pass user' consent:
Publishers need to pass the Consent result object from Stack Consent Manager SDK to the +
initialize method of our SDK.
2. If you don't want to use Stack Content Manager SDK, you can use the old version to pass the user's consent:
Publishers need to pass the boolean consent flag(with 'false' meaning that the user refused to give consent) to the +initialize method of our SDK.
3. Example of initializeAppodealSDK method:
You can use this example as reference or you can check our implementation in demo.