Overview

The United States Children’s Online Privacy Protection Act (COPPA) protects children’s privacy and applies to websites directed at children under the age of 13. On such child-directed websites, personal information must not be collected, including precise geo-location information and persistent IDs to recognize users over time and across different sites. The provisions in COPPA are also included in the European GDPR.

Declaring a website as child-directed

To comply with COPPA/GDPR regulations, you can declare a website as child-directed in Equativ's Monetization Platform (EMP).

• sign in to Monetization
• go to Inventory > Sites & pages
• navigate to the website you intend to declare as child-directed and edit it (read Create placements to learn more about site creation/editing)
• enable the checkbox Child-directed
• in the opening field, enter the Site location, i. e. where the server is located (hosted)
• read the next chapter below for a full understanding of the resulting behavior 

Bid requests from child-directed websites

In bid requests originating from a website you have declared as child-directed, Equativ will suppress/truncate personal information if: 

• the end user’s ad call originates from the USA or a GDPR country
• the server location you have defined on website level (in Administration > Websites & pages) is the USA or a GDPR country; suppression/truncation is applied even if the end user’s ad call originates from a country other than the USA or a GDPR country

Equativ suppresses/truncates the following personal information:

• in the Device Object
  • didmd5 and didsha1 device ID fields suppressed
  • ip field truncated (lowest 8 bits removed)
  • ipv6 field truncated (lowest 32 bits removed)
• in the Geo Object
  • lat and lon fields suppressed
  • metro, city, and zip fields suppressed
• in the User Object
  • id, buyerid, yob and gender fields suppressed