Supporting User Privacy Choices with Limit Data Sharing FAQ

“Limit Data Sharing” (LDS) is a feature that allows an optional true/false value to be sent to Singular, that should indicate a users consent to data use for advertising and marketing. “Limit Data Sharing” can be used by Singular customers to implement custom business logic in order to adhere to company or regulatory data & user privacy policies, such as CCPA, GDPR, etc.

"Limit Data Sharing" values are:

Disclaimer:

  • Use of "Limit Data Sharing" is only relevant if the Singular SDK is initialized. Your app’s data use policy may also include decisions when the Singular SDK should not be initialized or when the SDK should stop tracker. See our article on SDK Opt-in and Opt-out Practices.
  • Use of "Limit Data Sharing" should be advised by your app's data use and privacy policy. Although Singular cannot provide legal guidance on privacy policies, your Singular representative can advise on how best to implement "Limit Data Sharing" with Singular with provided privacy requirements.

FAQ

When should I use “Limit Data Sharing”?
LDS should be used for scenarios when Singular's SDK (or S2S API) implementation measures app activity, but you may want Singular’s platform to customize or restrict ways on how users' data is transmitted to partners which you have configured Singular integrations for.  
Note:
  • Your app’s data use policy may also include other requirements in addition to using LDS:
  • Singular’s integrations with partners do not include sending sensitive user information and adhere to industry standards of data privacy and use of mobile identifiers. "Limit Data Sharing" is to allow further customization of partner integrations beyond the standard privacy practices.
How do I implement “Limit Data Sharing”?

See our iOS, Android, and Server-to-Server API articles for technical documentation and example implementation

  • When and how to set LDS should adhere to your businesses and apps requirements for user privacy as it relates to user-level data transmitted to partners through Singular’s integrations you configure. Consult your businesses legal counsel on how your business and app needs to adhere to internal and regulatory privacy policies
  • Implementations vary according to your legal cousel's guidance on how to handle user consent, but it is generally recommended that:
    • LDS is set (true/false) only when the user has explicitly opted-in or out. It is recommended to leave LDS unset if a user did not make a choice. The absence of a user signal may be important for partners.
    • For features like “User Privacy Postbacks” that require an LDS value to function, the default LDS value in the absence of one, can be configured.
    • User signals for LDS are commonly collected through advertiser prompts via an app’s “Privacy Settings” or “Privacy Choices” pages.
    • When possible (and depending on your app's consent prompt design and strategy) set LDS prior to initializing the Singular’s SDK to ensure Singular has the most accurate signal at time of install. Depending on how "User Privacy Postbacks" are configured, having the signal at time of install may affect attribution (for example if LDS=true install postbacks are restricted from being sent to a self-attributing partner).
What partners support “Limit Data Sharing”?

Some partners can receive user consent signals usually in the form of “limit data use”. Singular’s integrations with these partners automatically pass the LDS value to these partners, if LDS is implemented. The following partners utilize Singular’s LDS in postbacks:

Partner What do they use it for?
Facebook (Meta)

Singular’s LDS is sent to Meta as “Limited Data Use”.

“Limited Data Use” allows advertisers to notify Meta if users allow or limit data processing for the following states in the United States:

  • California (as of July 2020)
  • Colorado (as of June 2023)
  • Connecticut (as of June 2023)

If LDS is unset for California, Colorado, Connceticut users, Singular defaults to notifying Meta that "Limited Data Use" should be applied. 

Google (Google Ads, 
Google Marketing Platform)

Starting March 2024, Google is requiring advertisers to pass consent signals for EEA users to help advertisers comply with Google's EU user consent policy that has been updated to support the Digital Markets Act. EEA users who opt-out of these user consent signals will not be attributable nor will their data be used in Google for advertising purposes. See "March 2024 - Google Updates for the EU Digital Markets Act".

Advertisers can choose to support these requirements via one of three ways in Singular:

  • Implement Singular's LDS, which is mapped to Google's "ad_user_data" and "ad_personalization" to support Google's consent policy for traffic in the EEA.
    • LDS=true maps to ad_user_data/ad_personalization=0
    • LDS=false maps to ad_user_data/ad_personalization=1
    • Unset LDS maps to unset ad_user_data/ad_personalization
  • If your business determines that EU privacy regulations don't apply to your app, check the "EEA opt-out" option under the "User Privacy" section in the partner configuration. LDS and user consent signals are not used by Google with this option.
  • (Not yet available) The Singular SDK/S2S will support Google certified Consent Management Platforms (CMP) who use the TCF 2.2 standard to automatically ingest user consent signals from implemented CMP SDKs. In the meantime, the user consent signals must be passed through "Limit Data Sharing" (first option).

 

Note that use of “User Privacy Postbacks” to restrict postbacks to partners prevents Singular from sharing all LDS values with them. See examples of how "User Privacy Postbacks" impacts the partner's ability to recieve LDS signals.