-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgdpr.txt
executable file
·66 lines (39 loc) · 4.23 KB
/
gdpr.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Enhance Drag & Drop Library by Enhance, Inc.
# https://enhance.co/documentation
#
# GDPR Information for OPENFL
Overview
--------
As of May 25th 2018, the new GDPR law will be fully enforced, which means that for your client in the EU you must ensure that your apps are compliant.
Service providers have been updating their SDKs to offer methods that allow you to opt in and out of data collection. Some service providers require users to provide their own "opt-in" dialog, which must present a clear choice to the end-user and allow them to either opt-in to having their data collected and processed, or opt-out entirely.
The GDPR does not permit automatically opting users in, even if an opt-out method is provided; it must be an explicit opt-in.
Enhance exposes some functionality to make it possible to use these GDPR compliancy features of the SDKs you include when Enhancing your app. Ultimately, the responsibility lies with you to ensure that you are meeting the appropriate regulation.
Implementation
--------------
For the majority of SDKs that support GDPR, you must present an appropriate choice to the user, clearly outlining what the user is agreeing to and giving them a clear choice to opt in or out. Once you have done this, you can use the methods provided in the Drag and Drop library, listed below, to convey the user's choice through to the SDKs you have integrated.
Methods:
Enhance.requiresDataConsentOptIn(
onServiceOptInRequirementCallback:Bool->Void
):Void
This method returns true to the callback method when any kind of opt-in is required by services that are included in your app. This will check if the user is within a country where GDPR regulations are enforced, and whether you have any services that require opt-in which are not already opted into. If this method returns false then all of your SDKs will be operating as normal, or the user has explicitly opted out of data collection/processing.
Enhance.showServiceOptInDialogs(
?onDialogsCompleteCallback:Void->Void,
?requestedSdks:Array<String>
):Void
This method will instruct any services which contain built-in opt-in dialogs to display them. The Enhance process will inform you about which services allow this type of opt-in. Using SDKs with built-in dialogs is the easiest way to ask your users whether they'd like to opt-in.
onDialogsCompleteCallback is optional and will be invoked after all opt-in dialogs are closed.
Requested SDKs specifies an optional array of SDK IDs for which you want to display opt-in dialogs.
Enhance.serviceTermsOptIn(
?requestedSdks:Array<String>
):Void
Calling this method will opt the current user in to using the services that you selected during the Enhance process. This should be used for any services which don't provide their own opt-in dialogs. You can optionally pass in an array of service IDs to be opted into. You should only call this method after showing a clear consent dialog which contains all of the details regarding consent required by the affected SDKs. See the "Displaying your own GDPR opt-in dialog" section below for more information.
Enhance.serviceTermsOptOut():Void
This explicit opt-out will instruct any GDPR compliant services that you're using that the user has specifically declined an opt-in to their data collection and processing. It can also be used to revert a previous opt-in decision by the user - if the user chooses to revoke their consent.
Displaying your own GDPR opt-in dialog
--------------------------------------
Some services require you to display your own opt-in dialog. During the Enhance process, you will be notified when you select a service that requires a custom opt-in dialog.
It's very important that you display an accurate opt-in dialog to your users. Here's what you need to do:
1. Visit the website of the service providers which require a custom opt-in to find information on wording and consent needed.
2. Build your own dialog in your app which clearly presents the user with the wording and clearly identifies what the user is giving consent to.
3. Allow the user to choose to opt-in, or to opt-out of the data collection and processing.
4. If the user chooses to opt-in, call the Enhance.serviceTermsOptIn() method, or if the user chooses to opt-out, call the Enhance.serviceTermsOptOut() method.