Privacy & Consent
GameRebellion's SDK includes built-in privacy controls that respect player consent and comply with GDPR, CCPA, and other privacy regulations.
Consent States
GameRebellion.SetConsent(Consent.Granted); // Full data collection
GameRebellion.SetConsent(Consent.Denied); // PII stripped, anonymous analytics only
GameRebellion.SetConsent(Consent.Unknown); // Default — same behavior as Denied
| State | Behavior |
|---|---|
Granted | Full data collection including advertising IDs (IDFA, GAID), IP address, and player identity |
Denied | The Redactor stage strips all PII before events leave the device. Anonymous analytics still flow. |
Unknown | Treated as Denied until the player makes a choice |
The Consent Gate
The Consent Gate is the first stage of the client-side pipeline. When consent is Denied or Unknown:
- Advertising IDs (IDFA, GAID) are not collected
- IP address is not attached to events
- Player ID is hashed before transmission
- Events still flow for aggregate analytics
The Redactor
When consent is denied, the Redactor strips PII fields before events enter the batcher:
| Field | Action when denied |
|---|---|
idfa | Removed |
gaid | Removed |
ip | Removed |
player_id | Hashed (one-way) |
email | Removed |
iOS App Tracking Transparency
On iOS, the SDK integrates with Apple's ATT framework:
- When consent is
Granted, the SDK callsATTrackingManager.requestTrackingAuthorization()if not already prompted. - IDFA is only collected when the player has granted ATT permission and SDK consent is
Granted.
Server-Side Privacy
On the server side, additional privacy measures are applied:
- IP Anonymization: The last octet of IPv4 addresses (or last 80 bits of IPv6) is masked before storage.
- GeoIP Resolution: Country and region are resolved from the IP address before anonymization.
- Data Retention: Configurable per environment. Raw events are retained for the configured period, then aggregated.