Send consent for DMA compliance
Learn how to preserve user privacy in the iOS SDK.
For a general introduction to DMA consent data, see here.
The SDK offers two alternative methods for gathering consent data:
- Through a Consent Management Platform (CMP): If the app uses a CMP that complies with the Transparency and Consent Framework (TCF) v2.2 protocol, the SDK can automatically retrieve the consent details.
OR
- Through a dedicated SDK API: Developers can pass Google's required consent data directly to the SDK using a specific API designed for this purpose.
Note
AppsFlyer recommends using only one of the above methods per specific event sent. If both methods are sent for the same event, AppsFlyer will prioritize the consent data sent via the dedicated SDK API.
Use CMP to collect consent data
A CMP compatible with TCF v2.2 collects DMA consent data and stores it in NSUserDefaults. To enable the SDK to access this data and include it with every event, follow these steps:
- Initialize the SDK in
didFinishLaunchingWithOptionsas described here. - Call
enableTCFDataCollection(true)to instruct the SDK to collect the TCF data from the device. - In the
applicationDidBecomeActivelifecycle method, use the CMP to decide if you need the consent dialog in the current session to acquire the consent data. If you need the consent dialog move to step 4; otherwise move to step 5. - Get confirmation from the CMP that the user has made their consent decision and the data is available in
NSUserDefaults. - Call
start().
@main
class AppDelegate: UIResponder, UIApplicationDelegate , AppsFlyerLibDelegate {
var window: UIWindow?
func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
// Override point for customization after application launch.
window = UIWindow(frame: UIScreen.main.bounds)
let mainStoryboard = UIStoryboard(name: "Main", bundle: nil)
let viewController = mainStoryboard.instantiateViewController(withIdentifier: "RootViewController") // set this to your ViewController
window?.rootViewController = viewController
//YOUR_CMP_FLOW()
//Init the SDK
AppsFlyerLib.shared().waitForATTUserAuthorization(timeoutInterval: 60)
AppsFlyerLib.shared().enableTCFDataCollection(true)
return true
}
func applicationDidBecomeActive(_ application: UIApplication) {
if(cmpManager!.hasConsent()){
//CMP manager already has consent ready - you can start
AppsFlyerLib.shared().start()
}else{
//CMP doesn't have consent data ready yet
//Waiting for CMP completion and data ready and then start
cmpManager?.withOnCmpButtonClickedCallback({ CmpButtonEvent in
AppsFlyerLib.shared().start()
})
}
if #available(iOS 14, *) {
ATTrackingManager.requestTrackingAuthorization { (status) in
switch status {
case .denied:
print("AuthorizationSatus is denied")
case .notDetermined:
print("AuthorizationSatus is notDetermined")
case .restricted:
print("AuthorizationSatus is restricted")
case .authorized:
print("AuthorizationSatus is authorized")
@unknown default:
fatalError("Invalid authorization status")
}
}
}
}
}
Manually collect consent data
If your app does not use a CMP compatible with TCF v2.2, use the SDK API detailed below to provide the consent data directly to the SDK.
To manually collect consent data, perform the following:
- Initialize the SDK in
didFinishLaunchingWithOptionsas described here. - In the
applicationDidBecomeActivelifecycle method determine whether the GDPR applies or not to the user. - Determine whether the consent data is already stored for this session.
- If there is no consent data stored, show the consent dialog to capture the user consent decision.
- If there is consent data stored - continue to the next step.
- To transfer the consent data to the SDK create an object called
AppsFlyerConsentwith the following parameters:isUserSubjectToGDPR- Indicates whether GDPR applies to the user.hasConsentForDataUsage- Indicates whether the user has consented to use their data for advertising purposes.hasConsentForAdsPersonalization- Indicates whether the user has consented to use their data for personalized advertising.hasConsentForAdStorage- indicates whether the user has consented to store or access information on a device.
- Call
setConsentData()with theAppsFlyerConsent.
Note
SDK registers only parameters which are explicitly passed to the
setConsentData()method via theAppsFlyerConsentobject.
- Call
start().
// Set the consent data to the SDK:
// Collect the consent data
// or retrieve it from the storage
...
// Example for a user subject to GDPR
var gdprUser = AppsFlyerConsent(
isUserSubjectToGDPR: true,
hasConsentForDataUsage: false,
hasConsentForAdsPersonalization: true,
hasConsentForAdStorage: false
)
AppsFlyerLib.shared().setConsentData(gdprUser)
// Example for a user not subject to GDPR
var nonGdprUser = AppsFlyerConsent(
isUserSubjectToGDPR: false,
hasConsentForDataUsage: false,
hasConsentForAdsPersonalization: false,
hasConsentForAdStorage: false
)
AppsFlyerLib.shared().setConsentData(nonGdprUser)
// Start the SDK
AppsFlyerLib.shared().start()
Verify consent data is sent
To test whether your SDK sends DMA consent data with each event, perform the following steps:
- Enable the SDK debug mode.
- Search for
consent_datain the log of the outgoing request.
Logs snippet example for CMP flow
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
<~+~ SEND Start: https://pgnjrq-launches.appsflyersdk.com/api/v6.13/iosevent?app_id=112223344&buildnumber=6.13.0.147
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
{ ... "consent_data":{"tcf":{"cmp_sdk_version":1503,"tcstring":"XXXXXXX","cmp_sdk_id":31,"gdpr_applies":1,"policy_version":4}} ... }
Logs snippet example for manual flow
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
<~+~ SEND Start: https://pgnjrq-launches.appsflyersdk.com/api/v6.13/iosevent?app_id=112223344&buildnumber=6.13.0.147
<~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~~+~>
{ ... "consent_data":{"manual":{"gdpr_applies":true,"ad_user_data_enabled":true,"ad_personalization_enabled":true}} ... }
Updated 3 days ago