Starting March 6, 2024, Google will enforce a revised EU user consent policy aligned with the Digital Markets Act (DMA). Kochava equips advertisers with vital tools to relay consent signals to Google Ads and Google Marketing Platform, facilitating adherence to the updated policy and maintaining attribution for consenting European Economic Area (EEA) users.
SDK Integration
Kochava’s software development kit (SDK) seamlessly retrieves and transmits the consent string on install and event payloads when the SDK is implemented to send the install or event after the user has provided consent, and when you utilize a consent management platform that supports the Transparency & Consent Framework (TCF) v2.2 or the Global Privacy Platform API v1.1. The consent string is parsed upon receipt to populate Google’s required consent signals.
Supported SDK versions:
- iOS 7.5.0+ & 8.1.0+
- Android 5.3.0+
- Wrapped versions of the SDK built with Android 5.3.0 or iOS 7.5.0
Server-to-Server
Advertisers using a server-to-server integration to syndicate app installs and events to Kochava have the option to include a gdpr_privacy_consent object, supporting Google’s consent requirements. Kochava offers advertisers the flexibility to choose between passing the complete consent string or solely Google-specific consent signals.
Parameter Details
| Key | Required | Notes |
|---|---|---|
| gdpr_privacy_consent | Yes | Object to support Google’s Consent Signals requirement. |
| gdpr_applies | Yes/No | Required if not passing user IP. |
| tc_string | Yes/No | Required if not passing ad_user_data & ad_personalization. |
| ad_user_data | Yes/No | Required if not passing tc_string |
| ad_personalization | Yes/No | Required if not passing tc_string |
NOTE: Refer to our Server-to-Server Install Notification Setup and Post-Install Event Setup documents for further information and examples.
Consent
Kochava’s Intelligent Consent Manager and self-managed consent solutions.
Estimated Time to Complete
30 Minutes
DISCLAIMER: Kochava does not offer legal advice for businesses in relation to CCPA and/or GDPR compliance. Information herein is for reference only and businesses are encouraged to seek their own legal counsel regarding CCPA and/or GDPR compliance efforts and obligations.
The Kochava SDK deals with potentially sensitive data such as device identifiers, care should be taken to ensure that your use of the Kochava SDK remains compliant with any applicable laws and regulations.
CCPA:
For purposes of CCPA, the Kochava SDK follows IAB’s CCPA Compliance Framework by reading the U.S. Privacy String from local storage, when present. You do not need to take any action in the Kochava Measurement SDK for this functionality. However, it is your responsibility to ensure the U.S. Privacy String has been set within local storage when appropriate. The SDK will look for the U.S. Privacy String in local app storage under the key ‘IABUSPrivacy_String’ within default shared preferences on Android and default NSUserDefaults on iOS. As long as the value is present, the SDK will pick it up.
GDPR:
GDPR applies to users within the EU and requires users to opt-in to data collection. By using this feature, the Kochava SDK will handle determining when consent is required for any user. It is your responsibility to use that information to determine if and when to prompt for consent and to report the results back to the SDK. The SDK will automatically restrict the sending of data to Kochava’s servers unless consent is not required or has been granted.
Configure Dashboard Settings:
Within the Kochava dashboard, enable Intelligent Consent Management GDPR for this app and adjust other related settings. The SDK’s consent related features and API calls will only have any effect if the feature is enabled on the Kochava dashboard.
Current:
Subscribe to Consent Changes —
Subscribe to updates from the SDK on when the user is in an applicable consent region. This will be called once shortly after starting the SDK and may be called periodically thereafter. This listener is dependent on an active internet connection and may get delayed if it is not available.
Use this information to inform your consent logic on if the user should be prompted. Exact timing and location of prompting is application specific and left up to your implementation. If your consent logic already handles the if and when of prompting this listener can be omitted.
Example (Init Completed Handler) —
// Subscribe prior to starting the SDK.
Tracker.getInstance().setCompletedInitListener { init ->
val consentGdprApplies = init.isConsentGdprApplies
}// Subscribe prior to starting the SDK.
Tracker.getInstance().setCompletedInitListener(new CompletedInitListener() {
@Override
public void onCompletedInit(@NonNull InitApi init) {
boolean consentGdprApplies = init.isConsentGdprApplies();
}
});Reporting Consent Results —
When the user responds to your consent prompt dialog or if the user otherwise grants or declines consent, the Kochava SDK must be notified of the result. If the user dismisses or ignores the dialog and does not provide a response no action should be taken.
Example (User Granted Consent) —
Tracker.getInstance().setIntelligentConsentGranted(true)Tracker.getInstance().setIntelligentConsentGranted(true);Example (User Declined Consent) —
Tracker.getInstance().setIntelligentConsentGranted(false)Tracker.getInstance().setIntelligentConsentGranted(false);v3 (Legacy):
For complete details on how this feature works, refer to our Intelligent Consent Manager topic within this support documentation.
Self-Managed:
If you choose not to use our Intelligent Consent Management feature and you are handling consent on your own or using a 3rd party tool, startup and use of the SDK (when integrated with an Tracking features) should not occur until after you have determined consent is not required or consent has been granted. Any calls to the SDK should be wrapped in this check, so that if a user revokes consent later calls to the SDK will stop. Ensure that you have started the SDK when moving forward to make any API calls when going this route.
Example (Starting the Tracker Only When Consent Allows) —
Do not start the SDK unless consent is allowed.
if (!consentRequired || consentGranted) {
// we will not initialize Kochava unless consent requirements are met
Tracker.getInstance().startWithAppGuid(context, "YOUR_APP_GUID")
}if(!consentRequired || consentGranted) {
// we will not initialize Kochava unless consent requirements are met
Tracker.getInstance().startWithAppGuid(context, "YOUR_APP_GUID");
}if (!consentRequired || consentGranted) {
// we will not initialize Kochava unless consent requirements are met
Tracker.configure(Tracker.Configuration(context)
.setAppGuid("YOUR_APP_GUID")
)
}if(!consentRequired || consentGranted) {
// we will not initialize Kochava unless consent requirements are met
Tracker.configure(new Tracker.Configuration(context)
.setAppGuid("YOUR_APP_GUID")
);
}Example (Calling Tracker Methods Only When Consent Allows) —
Do not send events or otherwise attempt any tracking with the SDK unless consent is allowed.
if (!consentRequired || consentGranted) {
// we will not call Kochava methods unless consent requirements are met
// and we will make sure the tracker has been started.
if (Tracker.getInstance().isStarted) {
Events.getInstance().send("My Event")
}
}if(!consentRequired || consentGranted) {
// we will not call Kochava methods unless consent requirements are met
// and we will make sure the tracker has been started.
if(Tracker.getInstance().isStarted()) {
Events.getInstance().send("My Event");
}
}if (!consentRequired || consentGranted) {
// we will not call Kochava methods unless consent requirements are met
// and we will make sure the tracker has been started.
if (Tracker.isConfigured()) {
Tracker.sendEvent("My Event", "")
}
}if (!consentRequired || consentGranted) {
// we will not call Kochava methods unless consent requirements are met
// and we will make sure the tracker has been started.
if (Tracker.isConfigured()) {
Tracker.sendEvent("My Event", "");
}
}Example (Shutdown the Tracker if Consent is Revoked) —
Shutdown the SDK and optionally delete data if consent requirements are no longer met.
// Shutdown the tracker and optionally delete data if consent requirements are no longer met.
if (consentRequired && !consentGranted) {
Tracker.getInstance().shutdown(context, /*delete data*/true)
}// Shutdown the tracker and optionally delete data if consent requirements are no longer met.
if(consentRequired && !consentGranted) {
Tracker.getInstance().shutdown(context, /*delete data*/ true);
}// Shutdown the tracker and optionally delete data if consent requirements are no longer met.
if (consentRequired && !consentGranted) {
Tracker.unConfigure(/*delete data*/true)
}// Shutdown the tracker and optionally delete data if consent requirements are no longer met.
if(consentRequired && !consentGranted) {
Tracker.unConfigure(/*delete data*/ true);
}NOTE: All consent-related API calls (such as granting or declining consent) will have no effect unless the Intelligent Consent Manager feature has been enabled in your Kochava dashboard. Do not use these methods if you are handling consent on your own or through a 3rd party tool.