Send consent for DMA compliance
Learn how to preserve user privacy in the iOS SDK.
For a general introduction to DMA consent data, see here.
The SDK offers two alternative methods for gathering consent data:
-
Through a Consent Management Platform (CMP): If the app uses a CMP that complies with the Transparency and Consent Framework (TCF) v2.2 protocol, the SDK can automatically retrieve the consent details.
OR
-
Through a dedicated SDK API: Developers can pass Google's required consent data directly to the SDK using a specific API designed for this purpose.
Use CMP to collect consent data
A CMP compatible with TCF v2.2 collects DMA consent data and stores it in NSUserDefaults. To enable the SDK to access this data and include it with every event, follow these steps:
- Initialize the SDK in
didFinishLaunchingWithOptionsas described here. - Call
enableTCFDataCollection(true)to instruct the SDK to collect the TCF data from the device. - In the
applicationDidBecomeActivelifecycle method, use the CMP to decide if you need the consent dialog in the current session to acquire the consent data. If you need the consent dialog move to step 4; otherwise move to step 5. - Get confirmation from the CMP that the user has made their consent decision and the data is available in
NSUserDefaults. - Call
start().
@main
class AppDelegate: UIResponder, UIApplicationDelegate , AppsFlyerLibDelegate {
var window: UIWindow?
func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
// Override point for customization after application launch.
window = UIWindow(frame: UIScreen.main.bounds)
let mainStoryboard = UIStoryboard(name: "Main", bundle: nil)
let viewController = mainStoryboard.instantiateViewController(withIdentifier: "RootViewController") // set this to your ViewController
window?.rootViewController = viewController
//YOUR_CMP_FLOW()
//Init the SDK
AppsFlyerLib.shared().waitForATTUserAuthorization(timeoutInterval: 60)
AppsFlyerLib.shared().enableTCFDataCollection(true)
return true
}
func applicationDidBecomeActive(_ application: UIApplication) {
if(cmpManager!.hasConsent()){
//CMP manager already has consent ready - you can start
AppsFlyerLib.shared().start()
}else{
//CMP doesn't have consent data ready yet
//Waiting for CMP completion and data ready and then start
cmpManager?.withOnCmpButtonClickedCallback({ CmpButtonEvent in
AppsFlyerLib.shared().start()
})
}
if #available(iOS 14, *) {
ATTrackingManager.requestTrackingAuthorization { (status) in
switch status {
case .denied:
print("AuthorizationSatus is denied")
case .notDetermined:
print("AuthorizationSatus is notDetermined")
case .restricted:
print("AuthorizationSatus is restricted")
case .authorized:
print("AuthorizationSatus is authorized")
@unknown default:
fatalError("Invalid authorization status")
}
}
}
}
}
Manually collect consent data
If your app does not use a CMP compatible with TCF v2.2, use the SDK API detailed below to provide the consent data directly to the SDK.
- Initialize the SDK in
didFinishLaunchingWithOptionsas described here. - In the
applicationDidBecomeActivelifecycle method determine whether the GDPR applies or not to the user.
When GDPR applies to the user
If GDPR applies to the user, perform the following:
- Given that GDPR is applicable to the user, determine whether the consent data is already stored for this session.
- If there is no consent data stored, show the consent dialog to capture the user consent decision.
- If there is consent data stored continue to the next step.
- To transfer the consent data to the SDK create an
AppsFlyerConsentobject with the following parameters:forGDPRUserWithHasConsentForDataUsage- Indicates whether the user has consented to use their data for advertising purposes.hasConsentForAdsPersonalization- Indicates whether the user has consented to use their data for personalized advertising.
- Call
setConsentData()with theAppsFlyerConsentobject. - Call
start().
// If the user is subject to GDPR - collect the consent data
// or retrieve it from the storage
...
// Set the consent data to the SDK:
var gdprConsent = AppsFlyerConsent(forGDPRUserWithHasConsentForDataUsage: << true / false >>, hasConsentForAdsPersonalization: << true / false >>)
AppsFlyerLib.shared().setConsentData(gdprConsent)
// Start the AppsFlyer SDK
When GDPR does not apply to the user
If GDPR doesn’t apply to the user perform the following:
- Create an
AppsFlyerConsentobject using thenonGDPRUser()initializer. This initializer doesn’t accept any parameters. - Pass the empty
AppsFlyerConsentobject tosetConsentData(). - Call
start().
// If the user is not subject to GDPR:
var nonGdprUser = AppsFlyerConsent(nonGDPRUser: ())
AppsFlyerLib.shared().setConsentData(nonGdprUser)
// If the user is not subject to GDPR:
AppsFlyerConsent *consentNonGDPR = [[AppsFlyerConsent alloc] initNonGDPRUser];
[[AppsFlyerLib shared] setConsentData:consentNonGDPR];
Verify consent data is sent
To test whether your SDK sends DMA consent data with each event, perform the following steps:
- Enable the SDK debug mode.
- Search for
consent_datain the log of the outgoing request.
Logs snippet example for CMP flow
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
<~+~ SEND Start: https://pgnjrq-launches.appsflyersdk.com/api/v6.13/iosevent?app_id=112223344&buildnumber=6.13.0.147
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
{ ... "consent_data":{"tcf":{"cmp_sdk_version":1503,"tcstring":"XXXXXXX","cmp_sdk_id":31,"gdpr_applies":1,"policy_version":4}} ... }
Logs snippet example for manual flow
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
<~+~ SEND Start: https://pgnjrq-launches.appsflyersdk.com/api/v6.13/iosevent?app_id=112223344&buildnumber=6.13.0.147
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
{ ... "consent_data":{"manual":{"gdpr_applies":true,"ad_user_data_enabled":true,"ad_personalization_enabled":true}} ... }
Updated about 2 months ago