GDPR and CCPA
Keep in mind that it’s best to contact qualified legal professionals, if you haven’t done so already, to get more information and be well-prepared for compliance.
The General Data Protection Regulation, better known as GDPR, took effect on May 25, 2018. It's a set of rules designed to give EU citizens more control over their personal data. Any businesses established in the EU or with users based in Europe are required to comply with GDPR or risk facing heavy fines. The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. We have put together some guidelines to help publishers understand better the steps they need to take to be GDPR compliant.
Step 1. Update Privacy Policy
Include Additional Information To Your Privacy Policy
Don’t forget to add information about IP address and advertising ID collection, as well as the link to Appodeal’s privacy policy to your app’s privacy policy on the App Store.
To speed up the process, you could use privacy policy generators - just insert advertising ID, IP address, and location (if you collect users’ location) in the Personally Identifiable Information you collect field (in line with other information about your app) and the link to Appodeal’s privacy policy in the Link to the privacy policy of third party service providers used by the app field.
Add A Privacy Policy To Your Mobile App
You must add your explicit privacy policies in two places: on your app’s Store Listing page and within your app.
You can find detailed instructions on adding your privacy policy to your app on legal service websites. For example, Iubenda, the solution tailored to legal compliance, provides a comprehensive guide on including a privacy policy in your app.
Make sure that your privacy policy website has an SSL certificate—this point might seem obvious, but it’s still essential.
Here are two useful resources that you can utilize while working on your app compliance:
- Privacy, Security and Deception regulations (by Google Play)
- Recommendations on Developing a Meaningful Privacy Policy (by Attorney General California Department of Justice)
Please note that although we’re always eager to back you up with valuable information, we’re not authorized to provide any legal advice. It’s important to address your questions to lawyers who specialize in this area.
Step 2. Configure Stack Consent Manager with TCF v2 Support
Since Appodeal SDK 3.2.1
it is fully compatible with Google UMP and supports IAB TCF v2.
In order for Appodeal and our ad providers to deliver ads that are more relevant to your users, as a mobile app publisher, you need to collect explicit user consent in the regions covered by GDPR.
To get consent for collecting personal data of your users, we suggest you use a ready-made solution - Stack Consent Manager based on Google User Messaging Platform (UMP).
Before you start, you need to configure Google UMP. Follow this instruction to setup a consent form.
Step 3. Integrate Stack Consent Manager
Stack Consent Manager comes with a pre-made consent window that you can easily present to your users. That means you no longer need to create your own consent window.
Consent will be requested automatically on SDK initialization, and consent form will be shown if it is necessary without any additional calls.
Please keep in mind that Consent will be shown only in the EU region, you can use VPN for testing.
This means that Appodeal SDK integration code remains the same:
- Kotlin
- Java
override fun onCreate(savedInstanceState: Bundle?) {
super.onCreate(savedInstanceState)
Appodeal.initialize(activity, appKey, adTypes, object : ApdInitializationCallback {
override fun onInitializationFinished(list: List<ApdInitializationError>?) {
//Appodeal initialization finished
}
})
}
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
Appodeal.initialize(activity, appKey, adTypes, new ApdInitializationCallback() {
@Override public void onInitializationFinished(List<? extends ApdInitializationError> list) {
//Appodeal initialization finished
}
});
}
Advanced
Stack Consent Manager is included in Appodeal SDK by default. Consent will be requested automatically on SDK initialization , and consent form will be shown if it is necessary without any additional calls.
You can still use your own Consent Manager or customize ours by following the steps below.
If you wish, you can manage and update consent manually using Stack Consent Manager calls.
Update Consent Status
To update the consent, call the method:
- Kotlin
- Java
override fun onCreate(savedInstanceState: Bundle?) {
ConsentManager.requestConsentInfoUpdate(
parameters = ConsentUpdateRequestParameters(
activity = YourActivity@ this,
key = YOUR_APP_KEY,
tagForUnderAgeOfConsent = false,
sdk = "Appodeal",
sdkVersion = Appodeal.getVersion()
),
callback = object : ConsentInfoUpdateCallback {
override fun onUpdated() {
// User's consent status successfully updated.
}
override fun onFailed(error: ConsentManagerError) {
// Initialize the Appodeal SDK with default params.
}
}
)
}
@Override
protected void onCreate(Bundle savedInstanceState) {
ConsentManager.requestConsentInfoUpdate(
new ConsentUpdateRequestParameters(
YourActivity.this,
YOUR_APP_KEY,
false,
"Appodeal",
Appodeal.getVersion()),
new ConsentInfoUpdateCallback() {
@Override
public void onUpdated() {
// User's consent status successfully updated.
}
@Override
public void onFailed(ConsentManagerError error) {
// Initialize the Appodeal SDK with default params.
}
}
);
}
requestConsentInfoUpdate
can be requested at any moment of the application lifecycle.
We recommend call request it at the application launch. Multiple request calls are allowed.
Required parameters:
YOUR_APP_KEY
- Appodeal app key, you can get it in your personal account;
ConsentUpdateRequestParameters
- Data class representing the parameters for a consent update
request in the Appodeal Consent Manager. Use this class to encapsulate the necessary information
for updating consent preferences.
Params:
activity
- Activity The activity in which the consent update is requested.key
- The key associated with the user for whom the consent is being updated.tagForUnderAgeOfConsent
- Optional. Indicates whether the user is tagged for under the age of consent. Set to true if the user is under the age of consent, otherwise set to false or null.sdk
- Optional. The identifier for the SDK making the consent update request.sdkVersion
- Optional. The version of the SDK making the consent update request.
ConsentInfoUpdateCallback
- listener for result request.
Current consent status
After consent info was updated you may check the current consent status:
- Kotlin
- Java
val status: ConsentStatus = ConsentManager.status
ConsentStatus status = ConsentManager.getStatus();
Enum class representing the possible consent statuses in the Appodeal Consent Manager.
Unknown
- Represents an unknown consent status;Required
- Represents a required consent status;NotRequired
- Represents a not required consent status;Obtained
- Represents an obtained consent status.
Can show personalized ads
You may check whether ads can be shown based on the current consent status using:
- Kotlin
- Java
ConsentManager.canShowAds()
ConsentManager.canShowAds();
If the user is not within the scope of laws restricting the collection of personal data (ConsentStatus.NotRequired
)
or the consent form has already been displayed and a response from the user has been
received(ConsentStatus.Obtained
) then canShowAds()
returns true
, indicating, that the
ad can be shown, otherwise it returns false
.
Load Consent Form
You may load and receive ConsentForm
using following code:
- Kotlin
- Java
ConsentManager.load(
context = YourActivity@this,
successListener = object : OnConsentFormLoadSuccessListener {
override fun onConsentFormLoadSuccess(consentForm: ConsentForm) {
// Consent form was loaded. Now you can display consent form as dialog
}
},
failureListener = object : OnConsentFormLoadFailureListener {
override fun onConsentFormLoadFailure(error: ConsentManagerError) {
// Consent form loading or showing failed. More info can be found in 'error' object
// Initialize the Appodeal SDK with default params.
}
}
)
ConsentManager.load(
YourActivity.this,
new OnConsentFormLoadSuccessListener() {
@Override
public void onConsentFormLoadSuccess(ConsentForm consentForm) {
// Consent form was loaded. Now you can display consent form as dialog
}
},
new OnConsentFormLoadFailureListener() {
@Override
public void onConsentFormLoadFailure(ConsentManagerError error) {
// Consent form loading or showing failed. More info can be found in 'error' object
// Initialize the Appodeal SDK with default params.
}
}
);
Show consent form
After the consent window Is ready you can show it.
- Kotlin
- Java
consentForm.show(
activity = InterstitialActivity@this,
listener = object : OnConsentFormDismissedListener {
override fun onConsentFormDismissed(error: ConsentManagerError?) {
// Consent form loading or showing failed, or it does not required.
// More info can be found in 'error' object
}
}
)
consentForm.show(
InterstitialActivity.this,
new OnConsentFormDismissedListener() {
@Override
public void onConsentFormDismissed(ConsentManagerError error) {
// Consent form loading or showing failed, or it does not required.
// More info can be found in 'error' object
}
}
);
Load and show if required
You may also load the form and immediately show it if required
- Kotlin
- Java
ConsentManager.loadAndShowConsentFormIfRequired(
activity = YourActivity@this,
dismissedListener = object : OnConsentFormDismissedListener {
override fun onConsentFormDismissed(error: ConsentManagerError?) {
// Consent form loading or showing failed, or it does not required. More info can be found in 'error' object
}
}
)
ConsentManager.loadAndShowConsentFormIfRequired(
YourActivity.this,
new OnConsentFormDismissedListener() {
@Override
public void onConsentFormDismissed(ConsentManagerError error) {
// Consent form loading or showing failed, or it does not required. More info can be found in 'error' object
}
}
);
Revokes consent
You may reset the consent status to unknown
, using method:
- Kotlin
- Java
ConsentManager.revoke(context = YourActivity@this)
ConsentManager.revoke(YourActivity.this)
Params:
context
- The context in which consent is revoked.