Making sure you’re compliant post-GDPR

ironSource are committed to ensuring compliance with GDPR. This means that publishers are able to confidently use the ironSource solution, both as a network and mediation platform, and rest assured that we process user data in accordance with the parameters set out in the GDPR.

When and Why Consent is Required

The bulk of mobile in-game video advertising today is based on techniques and methodologies that are considered by GDPR as ‘legitimate interest’ and therefore does not require user consent. However, some elements of advertising do require a specific consent from users. An example would be personalized ads, which were targeted to users based on a profile of their interests.

In cases where consent is required, the GDPR states that this consent should be communicated to users explicitly for each advertising party. Therefore, in order to legally leverage this kind of data and serve personalized ads, each and every demand source will need to independently collect informed and unambiguous consent from users – either directly or by proxy (such as from the publisher or its mediation solution).

Consent Support

ironSource SDK introduced a client-side API to allow publishers to pass consent to our network or mediation on behalf of their users. We then process this user data accordingly.

Due to a lack of standardization, each network has approached consent collection and management differently. ironSource’s commitment to providing its publishers with a single transparent interface required us to develop unique and specific integrations for every possible implementation from each network.

Below is a list of SDK networks which have adapters for ironSource mediation, and the relevant information regarding their approach to GDPR.

Network Solution Comments Reference
AdColony Consent API https://www.adcolony.com/gdpr/
Amazon Consent Management Platform (“CMP”) In order to use GDPR with Amazon Mobile Ad Network, please follow the instructions they provide inside this page, under Has your SDK been updated for GDPR?”. https://developer.amazon.com/docs/mobile-ads/mb-faq.html#general–overview
Vungle Consent API If consent is not requested, Vungle defaults to displaying  consent on its own
AppLovin Consent API https://www.applovin.com/gdprfaqs/
InMobi Consent API https://support.inmobi.com/monetize/faqs/migrating-to-sdk-710-gdpr-compliant/
Chartboost Consent API https://answers.chartboost.com/en-us/articles/115001489613
UnityAds Consent API https://unity3d.com/legal/gdpr
MoPub Consent API https://www.mopub.com/resources/gdpr-faq/
AdMob Consent SDK https://support.google.com/admob/answer/7666366
Tapjoy Consent API https://dev.tapjoy.com/sdk-integration/#if_a_user_from_a_country_that_is_not_covered_by_gdpr_does_not_consent_or_withdraws_consent_would_tapjoy_limit_advertising_to_non-interest-based_ads_for_such_a_user
Facebook Do not require consent Facebook manages users on its own. Please advise with your Facebook representative for official information. https://www.facebook.com/business/gdpr
HyprMX Consent API
Maio Do not support consent Publisher should not target this network for users who are subject for GDPR
Fyber Pending https://www.fyber.com/legal/gdpr-faqs/
Server Side Sources Consent Macro Work In Process

Mapping of consent integrated adapters versions per network (Relevant only once using ironSource SDK V6.7.9 and above):

Network Earliest consent support adapter version
iOS Android Unity
AdMob 4.1.4 (SDK 7.28) 4.1.6 (SDK 12.0.1) 4.1.5
Amazon 4.3.0 (SDK 2.2.17.0) 4.3.0 (SDK 5.9.0) 4.3.0
AppLovin 4.1.4 (SDK 5.0.1) 4.1.4 (SDK 8.0.1) 4.1.4
Chartboost 4.1.2 (SDK 7.2.0) 4.1.2 (SDK 7.2.0) 4.1.3
InMobi 4.1.3 (SDK 7.1.1) 4.1.3 (SDK 7.1.0) 4.1.2
UnityAds 4.1.1 (SDK 2.1.1) 4.1.1 (SDK 2.1.1) 4.1.1
Vungle 4.1.5 (SDK 6.2.0) 4.1.3 (SDK 6.3.17) 4.1.5
TapJoy 4.1.1 (SDK 11.12.2) 4.1.1 (SDK11.12.2)
4.1.1
MoPub 4.1.2 – (SDK 5.2.0) 4.1.3 – (SDK 5.2.0) 4.1.4
AdColony 4.1.2 (SDK 3.3.4) 4.1.2 (SDK 3.3.4) 4.1.2 (SDK 3.3.4)
HyprMX 4.1.2 (SDK 5.0) 4.1.2 (SDK 5.0) 4.1.2
Facebook All versions
Maio All versions
MediaBrix All versions


For publishers who prefer not to collect consent,
the ironSource solution – both the network and the mediation platform – is built to ensure compliance with the GDPR.

  • On the network level, ironSource will serve your users who are subject to GDPR with ads that are non-personalized
  • On the mediation level, ironSource is working closely with all the networks to confirm that they too have the technical solution to address serving your users who are subject to GDPR with ads that are not personalized if no consent was provided. Nonetheless, we advise every publisher to reach out to their other networks to receive additional legal assurances