Skip to content

Privacy Laws

Michał Kluszewski edited this page Jul 8, 2020 · 3 revisions

This documentation is provided for compliance with various privacy laws. If you are collecting consent from your users, you can make use of APIs discussed below to inform AdColony and all downstream consumers of this information.

GDPR

This documentation is provided for compliance with the European Union's General Data Protection Regulation (GDPR). In order to pass GDPR consent from your users, you should make use of the APIs and methods discussed below to inform AdColony and all downstream consumers of this information. Please see our GDPR FAQ for more information.

Passing Consent

In the iOS SDK v4.2, we've modified the existing methods available to our AdColonyAppOptions API for additional support in GDPR compliance. We’ve also added support for version 2.0 of the IAB Transparency and Consent Framework (TCF).

To successfully pass us a consent signal, the publisher will need to provide AdColony a signal to indicate whether GDPR legislation is applicable to the user in addition to the actual consent value.

We require the GDPR consent string to have one of the following:

The IAB Consent String (passed via AdColonyAppOptions API)

For optimal fill rate we recommend using an IAB consent string to pass consent. More information about the most recent version of the IAB consent string (TCF v.2.0) can be found here.

AdColony supports ingestion of the IAB TCF v1.1 and TCF v2.0 versions of the consent string to our AdColonyAppOptions API.

The IAB Consent String (passed via NSUserDefaults)

IAB TCF v2.0 specifications recommend storing the IAB consent string to NSUserDefaults for in-app iOS environments after consent has been gathered. Our iOS SDK v4.2 will check NSUserDefaults for the presence of an IAB TCF v2.0, and will ingest the string if found.

More information on IAB requirements for storing and accessing consent strings via NSUserDefaults can be found here.

A value of "1" or "0"

A value of "1" implies the user has given consent to store and process personal information and a value of "0" means the user has declined consent. Please note that this is not compliant with IAB standards and may reduce your ad fill rate for demand providers which accept IAB consent signals exclusively.

Code Example

// Your user's consent String. In this case, the user has given consent to store
// and process personal information. This value may be either O, 1, or an IAB consent string.
NSString *consent = @"1";

// The value passed via setPrivacyFrameworkRequired() will determine the GDPR requirement of 
// the user. If it's set to true, the user is subject to the GDPR laws.
AdColonyAppOptions *options = AdColonyAppOptions.new;
[options setPrivacyFrameworkOfType:ADC_GDPR isRequired:YES];
[options setPrivacyConsentString:consent forType:ADC_GDPR];

// Pass options object to AdColony in configure call, or later in the session via
// [AdColony setAppOptions:options].
[AdColony configureWithAppID:appId zoneIDs:zoneIDs options:options completion:^(NSArray<AdColonyZone *> *zones){
    // ...
}];

CCPA

This documentation is provided for compliance with the California Consumer Privacy Act (CCPA). In order to pass CCPA opt-outs from your users, you should make use of the APIs discussed below to inform AdColony and all downstream consumers of this information. Please see our CCPA FAQ for more information.

Passing Opt-outs

In the iOS SDK v4.2, we added generic privacy methods to our AdColonyAppOptions API for additional support in CCPA compliance. To successfully pass us an opt-out signal, the publisher will need to provide AdColony a signal to indicate whether CCPA legislation is applicable to the user in addition to the actual consent value.

We require the CCPA consent string to have one of the following:

The IAB (CCPA) US Privacy String (passed via AdColonyAppOptions API)

More information on the IAB US Privacy String can be found here.

The IAB (CCPA) US Privacy String (passed via NSUserDefaults)

Similarly to GDPR, it is recommended storing the IAB (CCPA) US Privacy String in NSUserDefaults. Our iOS SDK v4.2 will check NSUserDefaults for the presence of this String, and will ingest it if found.

More information can be found here.

A value of "1" or "0"

A value of "1" implies the user has not opted-out to the sale of their data, as defined by the CCPA, and AdColony should continue with our standard processing of user information. A value of "0" means the user has opted-out to the sale of their data.

Code Example

// Your user's consent String. In this case, the user has not opted-out to the sale of their information.
NSString *consent = @"1";

// The value passed via setPrivacyFrameworkRequired() will indicate to AdColony whether CCPA is applicable legislation for the user. 
// If it's set to true, the user is subject to the CCPA. Note that IAB US Privacy String has information embedded into the string to 
// indicate whether CCPA is applicable. In the event of conflicting signals between the IAB US Privacy String and setPrivacyFrameworkRequired(), 
// we will interpret as CCPA being applicable.
AdColonyAppOptions *options = AdColonyAppOptions.new;
[options setPrivacyFrameworkOfType:ADC_CCPA isRequired:YES];
[options setPrivacyConsentString:consent forType:ADC_CCPA];


// Pass options object to AdColony in configure call, or later in the session via
// [AdColony setAppOptions:options].
[AdColony configureWithAppID:appId zoneIDs:zoneIDs options:options completion:^(NSArray<AdColonyZone *> *zones){
    // ...
}];

COPPA

This documentation is provided for additional compliance with the Children’s Online Privacy Protection Act (COPPA). Publishers may designate all inventory within their applications as being child-directed or as COPPA-applicable though our UI. Publishers who have knowledge of specific individuals as being COPPA-applicable should make use of the API discussed below to inform AdColony and all downstream consumers of this information. Please see our privacy policy for more information regarding AdColony and COPPA.

Passing Consent

In the iOS SDK v4.2, we added generic privacy methods to our AdColonyAppOptions API to designate specific users as being COPPA-applicable.

Code Example

// The value passed via setPrivacyFrameworkRequired() will determine whether COPPA is applicable for the user.
// If it's set to true, AdColony will behave with the understanding COPPA is applicable for the user.
AdColonyAppOptions *options = AdColonyAppOptions.new;
[options setPrivacyFrameworkOfType:ADC_COPPA isRequired:YES];

// Pass options object to AdColony in configure call, or later in the session via
// [AdColony setAppOptions:options].
[AdColony configureWithAppID:appId zoneIDs:zoneIDs options:options completion:^(NSArray<AdColonyZone *> *zones){
    // ...
}];