User Privacy
Set up privacy compliance in Flutter by configuring flags like GDPR, CCPA, consent age, and advertising ID opt-out using Tapjoy’s privacy APIs to support regional regulations.
Read time 3 minutesLast updated 3 hours ago
GDPR
Publishers using the Tapjoy Offerwall and associated Unity Technologies SF services, including the Unity Rewards offerwall, should ensure their consent mechanisms gather consent for these services and data processing where required. These measures must be reflective of any relevant legal requirements, and comply with the applicable Data Protection Addendum with Tapjoy. Publishers using the Unity Rewards offerwall, should specifically ensure that their consent mechanisms collect consent for such services and the processing of data in accordance with Unity's Game Player and App User Privacy Policy.CCPA
Tapjoy has features that help publishers comply with the California Consumer Privacy Act (CCPA). The “TJPrivacyPolicy” class allows you to manage all privacy flags (GDPR, user consent, below consent age, and US privacy).Android Advertising ID Opt Out
To comply with the Google Families Program rules, where apps targetting children should not access the advertising id, Tapjoy has added a new privacy flag you can choose to implement. This flag can be set any time, before or after connect, and can be changed at any time during the session.Tapjoy.optOutAdvertisingID(bool optOut); Tapjoy.getOptOutAdvertisingID()
Implementation
A setUserConsent function takes aTJStatus
TJStatus.False
TJStatus.True
TJStatus.Unknown
TJStatus
TJStatus.True
TJStatus.False
TJStatus.Unknown
TJStatus
TJStatus.True
TJStatus.False
TJStatus.Unknown
1YNN
Tapjoy.getPrivacyPolicy().setSubjectToGDPR(TJStatus.trueStatus); Tapjoy.getPrivacyPolicy().setUserConsent(TJStatus.falseStatus); Tapjoy.getPrivacyPolicy().setBelowConsentAge(TJStatus.unknownStatus); Tapjoy.getPrivacyPolicy().setUSPrivacy('1---');
GDPR FAQ
- If a user does not consent or withdraws existing consent, will the Offerwall SDK still send advertising identifiers to Tapjoy?**
- Yes. The functions listed above are designed for interest-based advertising, and they send the user consent status for interest-based advertising to Tapjoy. Therefore, the status of the consent does not disable the Offerwall SDK from sending advertising identifier at SDK initialization or during ad requests.*
- Tapjoy’s legal basis for compliance is ‘legitimate interest’. However, the publisher’s legal basis for compliance, and consequently their requirement for advertiser identifier collection, might be different than Tapjoy’s.*
- It is left to application to determine if the Offerwall SDK should be initialized or not, depending on the application’s compliance need. For example, if an application’s legitimate basis for collection of advertising identifier is consent, and user has not consented, then the Offerwall SDK should not be initialized for such users.*
- If a user from a country that is not covered by GDPR does not consent or withdraws consent, would Tapjoy limit advertising to non-interest-based ads for such a user?**
- The Offerwall SDK provides flexibility to handle different types applications, including applications that have no in-app method for determining whether the user is subject to GDPR or not.*
- Therefore, when an Application does not make any determination (for example, the subjectToGDPR function is not called), Tapjoy servers determine whether the user is subject to GDPR. Then, Tapjoy honors the user’s consent preferences only for ad requests that Tapjoy determines are coming from GDPR-covered users.*
- If the intent is to allow users from any country to withdraw consent as if they were governed by GDPR, this can be done by calling the subjectToGDPR method with TRUE for all non-consenting users. In this case, Tapjoy’s servers will honor the content of the subjectToGDPR method call, and will not make its own determination as to whether or not the user is covered by GDPR. The publisher can also contact support@tapjoy.com and request that Tapjoy honor the consent preferences of all users of their application, regardless of whether they are covered by GDPR or not.*