The General Data Protection Regulations (GDPR) require more transparency and openness from companies in how they use consumer data. The regulations are intended to protect the data rights of residents in the European Union (EU) but affect companies worldwide. Marketers must have a way to regularly request user consent when there are any in-app changes. Intelligent Consent Management “intelligently triggers” consent, that is, the tool consists of logic as to when to prompt a user for consent. It then informs all other parties in the app. To assist marketers with compliance, Kochava has developed Intelligent Consent Management, which sends a signal about user consent via the latest Kochava SDK.

Topics:



Answers

1. How do I integrate Intelligent Consent Management?
Upgrade to SDK versions available May 1, 2018. Subscribe to the consent status indicators provided by our SDK as well as the data partners that require consent.

2. How do you store consent in a way that is GDPR compliant?
The Kochava SDK stores positive consent status, timestamps, and agreed-to partners locally on the device. If consent is not received, no status other than “opt out” is stored, and no device or user data is transmitted from the device or collected.

3. What will the user experience be like for my users?
The UX/UI that is used to prompt for consent, when indicated to do so by our SDK, is at the discretion of the client.

4. How do you handle when I make a change to consent prompt terms?
Consent can be retriggered server side. Apart from a partner list, the terms that you present to an end-user are at your discretion.

5. What events cause the consent prompt to trigger?
The SDK will prompt for consent in the following scenarios:
  • No consent is stored
  • Reprompting based on timeout
  • Configured partner changes within your Kochava dashboard

6. How do you detect if my media partners have changed?
Your media partner list is pulled from the Partner Configuration part of the Kochava dashboard for your app(s). Each media partner that you list under your consent terms will have a partner configuration created in order to inform of consent.

7. What does the signal (postback) to media partners contain? Can I customize my postback for each partner?
If no consent is valid, no data is ever transmitted. Once consent is received, all payloads (events, installs, etc.) will be timestamped with the consent time from the user and can be forwarded to all configured and agreed-to partners.

8. Can I configure my expiration period in order to prompt for consent?
Yes. The default will be 30 days.

9. Can I track how many of my users have agreed/declined to consent? By version?
We can track all users who have agreed to consent.
  • These will be proper analytics events/dimensions, so all segmentation is possible.
We will NOT track users who have declined to consent.

10. What impact did this have on the SDK in terms of size?
Up to a 9% increase in size.

11. How does this solution differ from other solutions?
There is only one other solution available on the market, and it is merely a signal mechanism to inform media partners when they receive a user who has agreed to consent. That solution will collect the agreed consent and share with partners. It requires the marketer to setup every media partner individually, and it has no intelligence or detection for adding or removing partners. It does not contain any consent triggering to inform app to display consent prompt. Relies on the app having an integrated a solution like Intelligent Consent Management or your proprietary solution in your app for prompting and collecting consent.

12. Can I only trigger consent based on location of a user (detected in the EU)?
You can choose to trigger based on a prompt by correlating the network request to a specific geographic region, or prompt for all users of the app.

13. Can I integrate the latest SDK with Intelligent Consent Management and choose not to use the solution?
For consent-disabled scenarios, where the developer does not turn on this feature, the SDK behaves as it would have previously without restriction or any concept of consent.

14. Do you have an audit trail of consent?
Yes. We collect the agreed to consent with datetime stamp and associated to every event sent from the SDK.