Regulations

The Didomi SDK offers consent notices for GDPR and CCPA.

GDPR

GDPR support is always enabled and can be configured to apply to visitors from the EU or to all visitors.

If you are an EU-based company, you must display the notice and collect consent no matter what country the user is from. Make sure that the gdprAppliesGlobally variable is set to true at the beginning of our tag (it's a separate variable than window.didomiConfig):

window.gdprAppliesGlobally=true;

Conversely, if you are not in the EU, you are not required to apply GDPR to non EU-based visitors (although you can if you want to). In that case, you can set the gdprAppliesGlobally variable to false.

CCPA

CCPA support is disabled by default and can be enabled by setting the regulations.ccpa.enabled property to true:

<script type="text/javascript">
window.didomiConfig = {
regulations: {
ccpa: {
enabled: true,
lspa: false, // Whether your company has signed the LSPA or not (defaults to false)
}
}
};
</script>

When enabled, visitors from California will be exposed to a CCPA notice allowing them to opt out of data sharing ("Do Not Sell").

IAB CCPA Compliance Framework

Stub

When enabling support for the IAB CCPA Compliance Framework, make sure to add the dedicated stub to your page: Read our dedicated documentation

Limited Service Provider Agreement

As part of the CCPA Compliance Framework, you can sign a Limited Service Provider Agreement. The property regulations.ccpa.lspa allows you to indicate whether your company is a signatory to the agreement and whether that agreement applies to transactions on the current page.