Documentation

Support

User Privacy

Implement user privacy features in the Web Offerwall to comply with global data protection regulations.
Read time 2 minutesLast updated 3 hours ago

GDPR

Tapjoy is GDPR-compliant based on "legitimate interest," therefore the following functions are not mandatory. However, we offer these functions for those publishers who want to pass consent information to Tapjoy. If the publisher implements these functions and the user does not consent, Tapjoy will serve non-interest based content to that user.

CCPA

Tapjoy has features that help publishers comply with the California Consumer Privacy Act (CCPA).

Implementation

A
userConsent
parameter takes
true
(user does consent),
false
(user does not consent) or a more detailed consent string. This more detailed string is the consent string as described in the Transparency and Consent Framework as supported by the IAB.
An optional
userSubjectToGdpr
flag takes a boolean value that can be set to
true
(if the user is subject to GDPR rules) or
false
(if the user is not subject to GDPR rules). Only call this function if the application has made its own determination as to whether GDPR is applicable to the user or not. If this function is not called, Tapjoy assumes the application has not made such a determination, and therefore Tapjoy makes its own determination of GDPR applicability.
A
ageRestrictedUser
flag takes a boolean value and can either be
true
or
false
. This flag can be used to inform us of COPPA compliance and also GDPR age compliance. It will also inform Tapjoy's ad tracking policy.
The
usPrivacy
flag takes a string value, which is derived from the IAB's US Privacy String Format and encodes the string in an enum.
1YNN
where 1 is char in string for the version, Y = YES, N = No, – = Not Applicable Refer to the IAB documentation on US Privacy String Format
This example shows the setting of all privacy flags:
Tapjoy('init', {
    userSubjectToGdpr: true,
    userConsent: true,
    ageRestrictedUser: true,
    usPrivacy: '1YNN',
});
https://<DEEPLINK_URL>?gdpr=1&cgdpr=1&below_consent_age=1&us_privacy=1YNN
For more information, refer to Deep linking implementation.

GDPR FAQ

If a user from a country that is not covered by GDPR does not consent or withdraws consent, would Tapjoy limit advertising to non-interest-based ads for such a user?
  • The Tapjoy SDK provides flexibility to handle different types applications, including applications that have no in-app method for determining whether the user is subject to GDPR or not.
  • Therefore, when an Application does not make any determination (for example, the subjectToGDPR function is not called), Tapjoy servers determine whether the user is subject to GDPR. Then, Tapjoy honors the user's consent preferences only for ad requests that Tapjoy determines are coming from GDPR-covered users.
  • If the intent is to allow users from any country to withdraw consent as if they were governed by GDPR, this can be done by calling the subjectToGDPR method with TRUE for all non-consenting users. In this case, Tapjoy's servers will honor the content of the subjectToGDPR method call, and will not make its own determination as to whether or not the user is covered by GDPR. The publisher can also contact support@tapjoy.com and request that Tapjoy honor the consent preferences of all users of their application, regardless of whether they are covered by GDPR or not.