Aurion11’s Compliance Solution is a highly customizable solution designed to make adapting to a publisher’s specific needs simple and straightforward. It offers various types of customizations — focused on aligning the look and feel with the publisher’s brand.
Why we need customizations
Aurion11’s Compliance Solution was initially developed for internal use and is therefore somewhat tied to Outfit7’s specific needs. As we transition this module into a market-ready product, customization options will be incorporated. However, for the present and for testing purposes, these customizations will be handled manually.
User interface customizations
The graphical assets for the UI elements on the consent and age screening screens on the client (SDK) can be tailored to fit the visual style of the publisher’s app or game. The image assets should be straightforward and tell a clear story. To ensure a clean and attractive user interface, we recommend using the logo and general brand background assets for Aurion11’s Compliance Solution.
Legal disclosure customizations
Apps are required to include legal disclosures that explain the privacy implications of data processing and usage. These disclosures should be tailored to the app’s specific context. The examples provided below are not meant as legal advice, but rather as samples to assist in identifying the necessary customizations for the compliance module integration process.
TCF consent
Disclosures
The publisher must display the general disclosures on the first and second layers of the consent screens. These disclosures are located in the upper portion of both the initial and secondary layers.
The example for TCF 2.2 (GDPR) disclosures is shown below.
Consent collection
Publishers can choose which purposes (and legitimate interests) they will enable for consent collection. Since consent collection is focused on users giving consent for IBA advertising, the current setup allows for the collection of the following consents:
Purposes
- Purpose #1: Store and/or access information on a device
IAB Stack
- Stack #39: Personalised advertising, advertising measurement, audience research and services development
Special Purposes and Features
- Ensure security, prevent and detect fraud, and fix errors
- Deliver and present advertising and content
- Save and communicate privacy choices
The IAB has standardized the text used to describe purposes; publishers can only choose which ones to enable for data collection.
The set of purpose consents can be customized to meet the specific needs of each publisher.
Age limits
Configurable age values are used to assess whether a user meets the age requirement. Each country has its own age limit settings. During the integration process, the publisher’s legal team will need to provide age limits that align with their legal interpretation.
The following age limit template setup requires publisher’s review and potential modifications:
| Region | Countries | Age Limit |
|---|---|---|
| North America | US | 16 |
| European Market | HR, DE, HU, IE, LI, LU, NL, PL, RO, SK, CH | 16 |
| CZ, FR, GR, SI | 15 | |
| AT, BG, CY, IT, LT, ES | 14 | |
| BE, DK, EE, FI, IS, LV, MT, NO, PT, SE, GB | 13 | |
| Other | CN, KR | 14 |
| Rest of the world | 13 |
Note: The user’s age has to be greater than the age limit defined in order for the user to pass the age limit.
Compliance checks
Compliance checks are a set of rules that represent the legal interpretation of regulatory requirements. These checks are implemented separately for each piece of legislation, as the regulatory requirements vary between different laws.
The aim of having a well-defined set of compliance checks within Aurion11’s Compliance Solution platform is to centralize legal business logic in one place, offering the publisher’s legal team a transparent and efficient way to manage these rules. As a result, the content of each rule can be customized to the publisher’s needs, based on the legal team’s interpretation.
Example - Interest based advertising compliance check
To illustrate how the logic behind a compliance check works, consider the compliance check for “interest-based advertising” (IBA). This check is used wherever the game logic needs to determine whether IBA can be served to a user or not. This check is called from within the game to send the correct signals to ad provider integrations, ensuring the SDK serves ad traffic in compliance with regulatory restrictions.
| Countries | Compliance rule |
|---|---|
| North America | |
| US | If a user passes the age limit hasn’t opted out in the device settings then allow interest based advertising |
| European market (TCF) | |
| EU countries + Switzerland + UK | If a user passes the age limit hasn’t opted out in the device settings gives consent #1 for the vendor then allow interest based advertising for vendor (TCF string is also made available) |
| Other | |
| CN, KR | same as US |
| Rest of the world | same as US |
The compliance check involves straightforward logic, provided and verified by the publisher’s legal team, which operates based on the following conditions:
- “Opt-out”: considering the user’s opt-out preference.
- TCF consent: the TCF string is processed, with the publisher deciding which purposes and stacks are available to users in the CM. Additionally, vendors specify the purposes they require for interest-based advertising, with the final filtering taking place on their end.
- Age screening response: user’s answer to age verification.
- Consent/opt-out signals: compliance check takes into account consent or opt-out signals from the device or app settings, including ATT on iOS.