Regulation Advanced Settings

GDPR – Managing Consent

LevelPlay’s mediation platform supports publisher communication of a user’s consent choice to mediated networks (for supported networks).

Starting from ironSource SDK 7.7.0, GDPR consent from the Google UMP (Google’s CMP solution) and CMPs that support Google Additional Consent, is automatically passed to the ironSource SDK. Learn more here

To use ironSource’s API to update a user’s consent status, use this function:

If the user provided consent, please set the following flag to true:

IronSource.setConsent(true);

If the user did not consent, please set the following flag to false:

IronSource.setConsent(false);

A detailed article regarding ironSource’s approach to GDPR and user consent can be found here.

US Privacy compliance

LevelPlay’s mediation platform (SDK Version 6.14.0 and above) supports publishers to restrict the sale or sharing of end users personal information under U.S. state privacy laws, such as the California Privacy Rights Act (CPRA).

The notification about personal information of specific users located in California, Virginia, Connecticut, Colorado or Utah, should be handled based on a “do not sell” setting by setting its value to “true” or “false”.

The API should be set before initializing the SDK.

If the user has opted out of “sale” or “sharing” of personal information:

 IronSource.setMetaData({'do_not_sell': ['true']});

If “sale” of personal information is permitted:

 IronSource.setMetaData({'do_not_sell': ['false']});

A detailed article regarding ironSource’s approach to U.S state privacy laws can be found here.

User-Level Settings for Child-Directed Apps with Age Gates

LevelPlay’s mediation platform (SDK Version 7.1.0+) enables publishers of child-directed apps to flag specific end-users as children, as may be permitted or required by applicable law (e.g. COPPA). Publishers of child-directed apps are responsible for determining whether an app is permitted to flag at the end-user level or must treat all end-users as children. Publishers should consult with their legal counsel accordingly.

The indication of whether a specific end-user is a child should be done using a “is_child_directed” flag, by setting its value to “true” or “false”.

The API should be set before initializing the SDK.

If the end-user is a child (as defined by applicable regulations):

 IronSource.setMetaData({'is_child_directed': ['true']});

If the end-user is not a child:

 IronSource.setMetaData({'is_child_directed': ['false']});

A detailed article regarding ironSource’s approach to child-directed apps can be found here.

Google Play Families policy

Follow these steps if any of your apps participate in Google Play’s Designed for Families program, are listed in Google Play’s Family section, or include children as one of the target audiences.

In addition, make sure you flag your apps for COPPA compliance on the LevelPlay platform. You can learn more here.

Guidance for apps directed at children

If your apps are primarily directed at children, follow these steps:

  1. Integrate ironSource SDK 7.2.1+
  2. Update your apps’ manifest files to prevent access to the Android Advertising ID (AAID):
    <uses-permission android:name="com.google.android.gms.permission.AD_ID" tools:node="remove"/>

  3. Use the ironSource Metadata API to prevent access to the AAID for end-users flagged as children. Make sure you do this before initializing the ironSource SDK.
    IronSource.setMetaData({
          'is_deviceid_optout': ['true'],
          'is_child_directed': ['true']
        });

  4. Update apps’ Gradle:
    implementation 'com.google.android.gms:play-services-appset:16.0.0'

Guidance for apps directed at a mixed audience

If your apps are directed at a mixed audience, follow these steps:

  1. Integrate ironSource SDK 7.2.1+
  2. Update your apps’ manifest files to allow access to the Android Advertising ID (AAID):
    <uses-permission android:name="com.google.android.gms.permission.AD_ID"/>

  3. Use the ironSource Metadata API to prevent access to the AAID only for children or users of unknown age, and flag those users as children. Make sure you do this before initializing the ironSource SDK.
    IronSource.setMetaData({
          'is_deviceid_optout': ['true'],
          'is_child_directed': ['true'],
          'Google_Family_Self_Certified_SDKS': ['true']
        });

  4. Update apps’ Gradle:
    implementation 'com.google.android.gms:play-services-appset:16.0.0'
    implementation 'com.google.android.gms:play-services-ads-identifier:17.0.0'

Important! Preventing access to the GAID (Android Advertising ID) might impact your monetization performance. Make sure these integration changes are made for required apps and users only.