General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a set of requirements generally designed to give people in Europe more protection of and control over their data. The requirements apply to all organizations, in any location and industry, that process the personal data of European Union (EU) residents. To help ensure compliance, there are SDK APIs that allow the publisher to identify users that fall under GDPR. For such users, the publisher can provide a ‘Consent String’ which allows more discrete control over the user’s information.

ConsentRequired

Android
public static void setConsentRequired(boolean consentRequired)
iOS
-(void)setConsentRequired:(BOOL)consentRequired

ConsentRequired is a boolean that is set to true when a user falls under GDPR jurisdiction. Setting this to true restricts information about the user from being used or passed over the network in order to comply with GDPR. ConsentRequired must be set to true if any of the following apply:

  1. the user of the app is currently located in the EU.
  2. the user has registered with the app as a EU resident.
  3. the app is specifically targeted to EU users.

ConsentRequired must be set after initialization of the SDK and prior to making the first ad request. If none of the preceding rules are true then neither the app nor user fall into EU jurisdiction. In this case, the default value of FALSE applies and setting ConsentRequired is not required. Should information about the user or location change during the application lifecycle, then the value should be updated via the setConsentRequired method.

ConsentData

Android
public static void setConsentData(String key, String value)
iOS
-(void)setConsentDataValue:(nullable NSString *)consentDataValue forKey:(nonnull NSString *)consentDataKey

ConsentData is a set of key-value pairs and serves as a mechanism to provide one or more ‘consent strings’ to the SDK and downstream demand sources where applicable. Consent strings contain specifics on the consent provided by the user. ConsentData is only persisted for the lifecycle of the app and must be set in conjunction with ConsentRequired, after SDK initialization and before requesting the first ad. Should the user’s consent information change during the application lifecycle then ConsentData should be updated accordingly.

Adding Items to the set: Setting ‘ConsentData’ with a key that does not already exist in the set will add that key-value pair to the set.

Updating values in the set: Setting ‘ConsentData’ with a key that already exists will overwrite the current value.

Removing items from the set: Setting ‘ConsentData’ using a key that already exists in the set and a value of NULL will remove the item with the matching key from the set.

Android
IAB_CONSENT_KEY
iOS
MMIABConsentKey

To ensure consistency adding an IAB consent string, a constant was created to be used for the key. The IAB Consent Key constant must be used for the key when providing an IAB formatted consent string.

For Example:

Android
setConsentData(IAB_CONSENT_KEY,”{IAB Consent Data}”)
iOS
setConsentDataValue:@”{IAB Consent Data}” forKey:MMIABConsentKey
Android
public static void clearConsentData()
iOS
(void)clearConsentData

These methods can be used in cases where you want to clear the entire set of ‘ConsentData’.