Regulations

Supported Regulations

The Didomi API and SDK currently provide consent notices for the regulations outlined in the following table:

Regulation
Regulation ID
Default Country/Region

General Data Protection Regulation (GDPR)

gdpr

AD, AT, BE, BG, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GF, GG, GI, GP, GR, HR, HU, IE, IS, IT, JE, LI, LT, LU, LV, MC, MF, MQ, MT, NL, NO, PL, PT, RE, RO, SE, SI, SK, SM, VA, YT

California Privacy Rights Act (CPRA)

cpra

US_CA

Colorado Privacy Act (CPA)

cpa

US_CO

Connecticut Data Privacy Act (CTDPA)

ctdpa

US_CT

Virginia Consumer Data Protection Act (VCDPA)

vcdpa

US_VA

Regulation ID refers to the internal identifier or acronym utilized within the SDK configuration objects.

Default Country/Region column lists geo-location codes (based on ISO country/region standards) which are employed to automatically determine the display of a specific regulation based on the visitor's location.

For further information on using the API to handle multi-regulation notices and their associated configuration objects, please refer to the Multi-Regulation Configurations guide.

Compliance API

The Compliance API is designed to inform you about the various privacy regulations supported by Didomi.

It offers detailed insights into each privacy law, including its status, full name, and the legal frameworks it supports.

Additionally, the API provides information about the countries and regions where each regulation is applicable, making it a comprehensive resource for understanding global compliance requirements.

Regulations available

Regulation
ID

General Data Protection Regulation (GDPR)

gdpr

California Privacy Rights Act (CPRA)

cpra

Colorado Privacy Act (CPA)

cpa

Connecticut Data Privacy Act (CTDPA)

ctdpa

Virginia Consumer Data Protection Act (VCDPA)

vcdpa

To retrieve the regulations supported by Didomi, send a GET request on /compliance/v1/regulations?$search[releaseStatus]=stable.

Consents must only be collected for regulations that are supported.

GET https://api.didomi.io/compliance/v1/regulations?$search[releaseStatus]=stable

Response

{
    "data": [
				{
            "id": "gdpr",
            "archived": false,
	    "geos": [
		{
                    "country": {
                        "id": "FR",
                        "name": "France"
                    },
                    "region": {
                        "id": "*",
                        "name": "All"
                    }
                },
	        ...
	    ],
	    "name": "General Data Protection Regulation",
            "frameworks": [
                "iab"
            ],
            "platforms": [
                "amp",
                "app",
                "ctv",
                "web"
            ],
            "regulation_type": "optin",
            "release_status": "stable",
				},
        {
            "id": "cpa",
            "archived": false,
	    "geos": [
                {
                    "country": {
                        "id": "US",
                        "name": "United States"
                    },
                    "region": {
                        "id": "CO",
                        "name": "Colorado"
                    }
                }
            ],
            "name": "Colorado Privacy Act",
	    "release_status": "beta"
        },
	...
    ]
}

Regulation schema

The full schema of Regulations is as follows.


{
   /**
    * A unique identifier
    */      
    "id": "String",
    
   /**
    * Whether this regulation is archived or not
    */      
    "archived": Boolean,
    
   /**
    * Regulations geolocations that the regulation 
    * is associated with (jurisdiction)
    */      
    "geos": [
        {
            "country": {
            
               /**
                * Contains the 2-letter ISO 3166-1 
                * alpha-2 country codes
                */              
                "id": "String",
                
               /**
                * Country name
                */                  
                "name": "String"
            },
            "region": {
            
                /**
                 * Contains a code (up to three characters) 
                 * that represent the viewer's region. 
                 * The region is the first-level subdivision 
                 * (the broadest or least specific) 
                 * of the ISO 3166-2 code.
                 */              
                "id": "String",
                
                /**
                 * Region name that corresponds to the code
                 */                  
                "name": "String"
            }
        }
    ],
    
   /**
    * The name of the regulation
    */      
    "name": "String",
    
   /**
    * The frameworks supported by the regulation
    */      
    "frameworks": [],
    
   /**
    * The platforms supported by the regulation
    * Are supported: amp, app, ctv, web
    */      
    "platforms": [
        "String"
    ],
    
   /**
    * The regulation type associated with the group
    * Possible values: disclose, mixed, optin, optout
    */      
    "regulation_type": "String",
    
   /**
    * The release status of the regulation. 
    * Only regulations in a stable status 
    * are intended to be used in production.
    * Possible status: stable, release-candidate, beta, alpha
    */      
    "release_status": "String",
    
   /**
    * User rights linked to the regulation
    */      
    "user_rights": []
},

Last updated