Last updated on September 7, 2021 - Back to blog home page
The General Data Protection Regulation (GDPR) is a regulation in European Union (EU) law on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR's primary aim is to give control to individuals over their personal data.
Long-story short, if you are targeting an audience for your video app in the European Union and you are collecting personal data (you likely are), you need to comply with GDPR terms and you need to request consent from your viewers before collecting personal data.
Since we have had requests from some of our customers on how to best deal with GDPR compliancy while using our player, we are sharing our finding here.
Note that you may have other legal obligations under GDPR than those discussed in this blog post. Please review the European Union's guidance and consult with your legal counsel. This blog post is designed to help with compliance with GDPR guidelines when using Radiant Media Player and do not relieve any publisher of its obligations under the law.
The player uses localStorage
by default with the
rememberVolume setting. localStorage are also used with the player when the
Stack Overflow question. If you want to turn off localStorage altogether you can set
allowLocalStorage setting to false.
The player also uses IndexedDB when using offline storage & playback.
If you use localStorage or IndexedDB with our player and to be compliant with GDPR terms you need to request consent from your viewers first.
Note that our player does not collect any personal data from the viewer (no IP address, device type or navigation history is collected).
Further to this some strict interpretation of GDPR compliance may require all servers deliverying content to viewers in the European Union to be located IN the European Union. To comply with this case scenario you must:
3rd-party services used with the player, like video advertisement or analytics services may require additional steps, read on to find out.
When using Google IMA you need to request cookie consent in all cases. If you are using personalized ads you also need to request user consent for ads personalization. For Google Ad Manager
users you may request non-personalized ads, by appending
&npa=1 to your ad tag. If you are using another ad-serving service than Google Ad Manager then please refer to the documentation of that ad-serving service to know how to request non-personalized ads. See more information on
Google site here.
When using our rmp-vast parser you need to request cookie consent as well.