User consent

User privacy is a central concern of Inloco. Regulations such as the General Data Protection Regulation (GDPR) require application developers to ask for permission before collecting user data. Inloco SDK provides a mechanism to handle this in a user friendly way.

💬Asking for the user consent

The Inloco SDK provides a way to delay data collection until the user has given privacy consent.

To wait for the user's privacy consent, you must set <bool name="inloco_privacy_consent_required">true</bool> on the inloco.xml (Android) file and privacyConsentRequired to YES on the InLocoOptions.plist (iOS) file. By doing this, the SDK will be initialized without data collection.

To check if a given set of consents has been explicitly set, the following method can be used. If the consents are missing, it is necessary to show the privacy policy to the user explaining why those consents are needed and what benefits are available with the granted consents.

JavaScript
JavaScript
InLocoEngage.checkConsent([
InLocoEngage.CONSENT_TYPES.CONTEXT_PROVIDER,
InLocoEngage.CONSENT_TYPES.ENGAGE,
InLocoEngage.CONSENT_TYPES.EVENTS,
InLocoEngage.CONSENT_TYPES.LOCATION,
InLocoEngage.CONSENT_TYPES.COVID_19_AID
]).then((data) => {
var hasFinished = "hasFinished: " + data.hasFinished + "\n";
var isWaitingConsent = "isWaitingConsent: " + data.isWaitingConsent + "\n";
var areAllConsentTypesGiven = "areAllConsentTypesGiven: " + data.areAllConsentTypesGiven;
alert(hasFinished + isWaitingConsent + areAllConsentTypesGiven);
});

🧠Note: The method InLocoEngage.checkConsentis called in the main thread.

After the user agrees to the privacy policy, one of the following methods must be called to allow or deny the SDK to begin collecting data:

Option 1:

Request privacy consent using Inloco's customized dialog

🧠Note: This is a consent dialog provided by Inloco but you can use your own consent dialog if you want.

The SDK provides a method that presents to the user a customized Dialog for consent request. If the user allows it, it will give the privacy consent for the consent types present on the given parameters. Otherwise, it will deny consent for the given consent types.

The dialog will appear only if the SDK is waiting for the user consent.

JavaScript
JavaScript
InLocoEngage.requestPrivacyConsent({
consentDialogTitle : "title text",
consentDialogMessage: "message text",
consentDialogAcceptText: "accept text",
consentDialogDenyText: "deny text"
},[
InLocoEngage.CONSENT_TYPES.CONTEXT_PROVIDER,
InLocoEngage.CONSENT_TYPES.ENGAGE,
InLocoEngage.CONSENT_TYPES.EVENTS,
InLocoEngage.CONSENT_TYPES.LOCATION,
InLocoEngage.CONSENT_TYPES.COVID_19_AID
]);
// It's possible to add a promise to retreive the consent result:
/* .then((data) => {
var hasFinished = "hasFinished: " + data.hasFinished + "\n";
var isWaitingConsent = "isWaitingConsent: " + data.isWaitingConsent + "\n";
var areAllConsentTypesGiven = "areAllConsentTypesGiven: " + data.areAllConsentTypesGiven;
alert(hasFinished + isWaitingConsent + areAllConsentTypesGiven);
}); */

Option 2:

setAllowedConsentTypes(Array)

This method sets the consent types allowed by the user and all other predefined consent types not present in the array are considered denied by the user.

JavaScript
JavaScript
//ENGAGE, CONTEXT_PROVIDER, COVID_19_AID explicitly granted
//EVENTS, LOCATION, INSTALLED_APPS implicitly denied
InLocoEngage.setAllowedConsentTypes([
InLocoEngage.CONSENT_TYPES.ENGAGE,
InLocoEngage.CONSENT_TYPES.CONTEXT_PROVIDER,
InLocoEngage.CONSENT_TYPES.COVID_19_AID
]);

Option 3:

allowConsentTypes(Array)

Similarly to setAllowedConsentTypes(Array), this method allows consent for the functionality types specified in an array, but does not modify the consent types that weren't present in the array. It should be used to enable functionalities in case the user has not given consent in the previous dialog.

JavaScript
JavaScript
InLocoEngage.allowConsentTypes([
InLocoEngage.CONSENT_TYPES.ENGAGE,
InLocoEngage.CONSENT_TYPES.CONTEXT_PROVIDER,
InLocoEngage.CONSENT_TYPES.EVENTS,
InLocoEngage.CONSENT_TYPES.LOCATION,
InLocoEngage.CONSENT_TYPES.INSTALLED_APPS,
InLocoEngage.CONSENT_TYPES.COVID_19_AID
]);

The privacy consent setting is persisted and requestPrivacyConsent or setAllowedConsentTypes can be called just once. If the privacy consent is given, the following SDK initializations will already start with data collection enabled.

🧩 Consent types

Name

Description

Plan

LOCATION

Enables the collection of location data from users.

Free

ENGAGE

Enables the usage of location data to send push notifications.

Free, Pro

EVENTS

Enables the usage of data in customized events.

Enterprise

CONTEXT_PROVIDER

Enables the context data delivery for engagement actions or analysis.

Enterprise

COVID_19_AID

Enables the collection of data from users for the COVID-19 aid.

Custom

If you wish to use all of them or none of them, you can use one of the following variables:

Name

Description

ALL

Enable all consent types except for COVID_19_AID.

NONE

Disable all consent types.

🧠Notes:

  • It is important to notice that without data collection, features won't be enabled for the user. For example, it won't be possible to send localized push notifications without location data.

  • ALL consent type enables all consent types except for the COVID_19 consent type, which still needs to be explicitly granted.

🚧Attention: The default value of inloco_privacy_consent_required is false. It means that not setting this property will make the SDK start data collection right away and you need to ask the user consent through your app's Privacy Policy. In following SDK versions, this setting will be removed and consent will be always required.

It is also possible for the user to revoke a privacy consent previously given. When this happens, you should call denyConsentTypes(Array<string>).

JavaScript
JavaScript
// This call should be made in your code after the user has revoke a previously given privacy consent
InLocoEngage.denyConsentTypes([
//Consents you want to revoke
]);