Verizon Media is committed to ensuring our services comply with all regulatory laws and requirements. This guide will provide information for publishers to comply with these regulations.
Even though SDK’s COPPA and Privacy settings can be set and changed at any time, it is recommended they be initially set after SDK initialization and prior to ad retrieval. Any changes to the settings will impact subsequent ad requests. Any ads that are retrieved prior to a change (including ads that may have been cached) are not impacted by changed settings and may not be in immediate compliance with the user’s status.
Children’s Online Privacy Protection Act (COPPA)
Children’s Online Privacy Protection Act (COPPA) helps ensure that child-directed apps or children in general are not exposed to inapproriate ads or ad targeting. The Verizon Ads SDK provides an API to indicate the COPPA status of a user. By default, COPPA is set to false, which indicates the user does not fall under COPPA. It is important for the value to be set to true if the user is protected by COPPA to ensure legal compliance.
The Privacy API and GDPR
The General Data Protection Regulation (GDPR) is a regulatory framework designed to give people in Europe more control over their data. Its requirements apply to any organization that processes the personal data of European Union (EU) residents. To learn more about Verizon Media’s approach to privacy and data protection, we recommend visiting Verizon Media and GDPR: Resources for our advertisers and publishers.
In order to use the Verizon Ads SDK to serve personalized advertising (based on information such as device advertising identifiers, location, and other personal data) to EU users, publishers need to obtain consent for the use of Verizon Media products. The Verizon Ads SDK exposes a Privacy API that allows publishers to provide information about the user’s consent permissions.
Because every app’s user experience is different, the Verizon Ads SDK does not prompt or provide a mechanism to prompt users for their consent. Once consent has been obtained for a user, the
setPrivacyData API should be set prior to making an ad or bid request.
Although the Verizon Ads SDK will perform a geo-IP lookup on startup (and periodically over the app’s lifecycle), there are situations and edge cases where the SDK cannot determine if a user falls under GDPR jurisdiction based on their IP address. To ensure compliance, publishers can set
collectionMode to “DoNotCollect” (as shown in the example code above). Setting
collectionMode to “DoNotCollect” prevents the SDK from collecting or sending personal data on its ad or bid requests.
Sending EU Consent Strings
For users that have consented to the use of Verizon Media ad products for advertising personalization, the Privacy API provides a generic mechanism to pass that consent information. Please note that Verizon Media currrently supports the IAB’s GDPR Transparency and Consent Framework. Please reach out to your account manager or our Support team for the most up-to-date guidance on consent string formats and support plans.
Depending on the platform,
setPrivacyData takes a generic Map or Dictionary. Please refer to the example code above for how to set the EU Consent string for the user so that it can be sent on ad or bid requests to the Verizon Media SSP.
Please note that the Verizon Media SSP will verify the format and validity of any EU Consent strings prior to processing any personal data. If consent cannot be verified, the SSP will drop any personal data contained in the request.