Privacy & Regulations
Auto-Read (No Code Required)
The SDK automatically reads IAB-standard privacy signals from SharedPreferences (Android) and UserDefaults (iOS). If your app uses a certified CMP (Consent Management Platform), no privacy-related API calls are needed.
| Standard | Keys | Coverage |
|---|---|---|
| IAB TCF v2 | IABTCF_TCString, IABTCF_gdprApplies | GDPR (EU/EEA/UK) |
| IAB US Privacy | IABUSPrivacy_String | CCPA (California) |
| IAB GPP | IABGPP_HDR_GppString, IABGPP_GppSID | All US states, Brazil, Canada, etc. |
The CMP writes these values; the SDK reads them before every ad request. Publisher-side code is not involved.
Manual API
Two signals have no standard IAB storage key and must be set explicitly by the publisher when applicable.
SetCoppa
Marks the app as child-directed for COPPA purposes. Internally also enables non-personalized mode — all sensitive user identifiers are suppressed from bid requests.
sdk.Regulations.SetCoppa(true);
SetNonPersonalized
Suppresses all sensitive user identifiers (GAID/IDFA, geo, user-agent, etc.) from bid requests without setting the COPPA flag. Use this for age-based content restrictions or any scenario where the publisher wants to omit user IDs.
sdk.Regulations.SetNonPersonalized(true);
When to Use Which
| Scenario | Method |
|---|---|
| Children's app (under 13, US) | SetCoppa(true) |
| User under 18 (UK AADC, Brazil Digital ECA) | SetNonPersonalized(true) |
| User under 16 (US state laws — TX, UT, LA) | SetNonPersonalized(true) |
| Publisher wants to suppress IDs for any reason | SetNonPersonalized(true) |
| GDPR consent | No code needed — auto-read from CMP (IAB TCF v2) |
| CCPA opt-out | No code needed — auto-read from CMP (IAB US Privacy / GPP) |
SetCoppa(true)automatically enablesSetNonPersonalized(true)internally. You do not need to call both.