Privacy
Publishers are responsible for maintaining compliance with applicable privacy laws and regulations. The HyprMX SDK provides a number of flags publishers can use to pass the appropriate value to HyprMX to protect and maintain user's data and privacy.
These flags support compliance with the General Data Protection Regulation (GDPR), US privacy laws (CPRA, CCPA, VCDPA, etc.), Children's Online Privacy Protection Act (COPPA), and other regional privacy laws. However, consent and privacy requirements may extend beyond these circumstances and should be applied accordingly.
Consent Signaling
HyprMX supports multiple industry standards and methods for signaling user privacy preferences. These signals determine how the SDK processes personal data and delivers ads in compliance with privacy regulations.
Transparency and Consent Framework v2
HyprMX SDK supports the IAB Europe Transparency and Consent Framework (TCF) v2. This enables publishers in GDPR-applicable regions to provide a TCF v2 consent string that the SDK will use to determine whether personal data can be processed for advertising.
The SDK will automatically read the TCF v2 consent string if it is stored using the standard IAB keys in SharedPreferences on Android. No extra integration code is required if your CMP stores the string using these keys.
IABTCF_gdprApplies
1 : GDPR applies in current context
0 : GDPR does not apply in current context
Unset: undetermined
IABTCF_TCString
Base64-encoded consent string as defined in IAB Tech Lab – Consent string and vendor list formats v2
Consent Flag
HyprMX SDK provides an API with a consentStatus parameter with the following values for jurisdictions that require passing consent that takes a ConsentStatus value depending on the user consent collected by your app. This flag will be used to indicate a user’s opt-in or opt-out consent for the collection and use of personal data under applicable laws and jurisdictions (CCPA, CPRA, etc.).
If a user provided consent in jurisdictions that require opt-in consent or did not opt out of collection or usage of personal data in jurisdictions operating under opt-out consent rules, set a user’s consent status as below in the setter:
HyprMX.INSTANCE.setConsentStatus(ConsentStatus.CONSENT_GIVEN); // If user provided consent, set this to CONSENT_GIVENHyprMX.setConsentStatus(ConsentStatus.CONSENT_GIVEN) // If user provided consent, set this to CONSENT_GIVENHyprMX.INSTANCE.setConsentStatus(ConsentStatus.CONSENT_DECLINED); // If user declined consent, set this to CONSENT_DECLINEDHyprMX.setConsentStatus(ConsentStatus.CONSENT_DECLINED) // If user declined consent, set this to CONSENT_DECLINEDIf you do not know the user’s consent status set it as unknown in the setter:
Global Privacy Platform (GPP)
HyprMX’s current version of GPP support is not meant to replace TCF 2.2 or Consent Flag. Publishers are responsible for setting the appropriate flags based on privacy laws and regulations users are subject to in all requests.
GPP is supported in HyprMX SDK 6.2+.
HyprMX SDK currently only supports the EU TCF v2 and US National strings within GPP.
The Global Privacy Platform (GPP) is a protocol developed by the IAB Tech Lab to standardize the communication of user consent and preference signaling throughout the digital supply chain.
HyprMX SDK supports GPP parameters so that GPP data can be used during transactions when applicable. To set GPP parameters in HyprMX SDK, store the GPP data within SharedPreferences. HyprMX SDK will read the values in SharedPreferences, which are then passed to the ad call.
IABGPP_HDR_GppString
Full consent string in its encoded form
IABGPP_GppSID
Section ID(s) considered to be in force. Multiple IDs are separated by an underscore.
Age-restricted User Flag
To adhere to the strictest laws and policies, HyprMX treats users under 16 as children. HyprMX SDK provides an API to assist publishers with child-directed treatment of users to support compliance with applicable regional laws and regulations such as COPPA and Google Play Store policies. The publisher is responsible for determining when to flag the end user as age-restricted user and adhering to applicable laws and policies that require child-directed treatment.
If the user requires a child-directed treatment, set the ageRestrictedUser parameter to true.
If the user doesn't require a child-directed treatment, set the ageRestrictedUser parameter to false.
Google Play Families policy
Google sets forth guidelines and requirements for publishers to follow if their target audience includes children. It is the responsibility of the app developer to ensure compliance with Google Play's Families Program, including, but not limited to, Google Play Families Policies.
If your app is primarily directed at children, you must indicate to your HyprMX Account Manager so the app can be designated as a child-directed app in the backend. Additionally, you may use the Age-restricted User Flag to prevent access to the AAID for end-users flagged as children.
Last updated