Introduction to GDPR
GDPR stands for the General Data Protection Regulation act. This act requires you to protect all users of your app within the EU by giving them more privacy and allowing them to 'opt-in' to using your app.
We've implemented internal processes to anonymize user data in a way that still makes it useful for you, while ensuring that user identity is protected. For example, whenever the updated Fyber SDK receives an indication that a user declined consent, it automatically anonymizes the GPS coordinate data and/or IP addresses before passing the ad request to demand partners for ad delivery, to ensure that no personal information is processed.
In addition, Fyber will flag its demand partners that the user did not provide the consent required under GDPR and does not wish to be served with targeted ads on the app. In such cases, only contextual ads will be shown to that user. Contextual ads are ads that are served based on the content of the page, app or site the user is viewing, and not based on personal data of a user.
All of Fyber’s SDKs will be updated prior to May 25, 2018. Fyber will send all publishers an update when a new SDK is available for download.
GDPR SDK APIs
All new SDK will include new APIs to communicate user consent provided on the app to Fyber and will also include features to propagate consent to Fyber’s demand partners.
Updating your apps to Fyber’s latest SDK is essential to ensure your compliance with GDPR.
We strongly recommend notifying your users that they must update their app to the latest version to ensure compliance with the new EU regulation.
During the SDK update transition period, Fyber will enable only contextual ads (see above) to your EEA users or, if requested by the publisher, to all users, by removing all personal data of users who have not provided explicit consent.
Will I have to update to the new SDK if I have already signed Fyber’s DPA?
Yes, we’ll ensure you’re GDPR compliant regardless of which SDK version you have, but in order to ensure you’re not limited on ad monetization potential, we recommend updating to the latest SDKs
I need more time to present my own consent form to users, what happens in the meantime?
No worries, you are still in compliance. However ad monetization in EU may be severely impacted as user consent is crucial for most advertisers.
What happens if a user withdraws his/her consent?
The publisher should provide the user with an option in the app or site to withdraw consent. If a user withdraws consent, the Fyber SDK will treat it as if the user declined consent. In such cases, the SDK automatically anonymizes GPS coordinate data and/or IP address before passing the ad request to demand partners for ad delivery, to ensure that no personal information is processed. In addition, Fyber will flag to its demand partners that the user did not provide the consent required under GDPR and does not wish to be served with targeted ads in the app. This user will receive contextual ads only.
What are contextual ads?
Contextual ads are ads that are based on the context of the app rather than on the behavioural preferences, or personal data of a particular app’s user. These ads may potentially generate less revenue for the publisher.
What if I integrate with Fyber through a server-to-server API or a tag?
Fyber’s API and JS tags will be updated to support a placeholder to communicate user consent.
What is Fyber’s data retention policy?