Re-initialize the SDK after a GDPR request for erasure

Acoustic Mobile App Messaging supports General Data Protection Regulation (GDPR) requests for erasure. When a GDPR request for erasure is made by a user, Acoustic Campaign customers can use the GDPR Right to Erasure API to erase the user’s personal data from Campaign, Mobile Customer Engagement (MCE), and the user’s device. The API sets the user’s status to “GDPR forget” and the SDK’s state to “GDPR reset”. If the SDK is not re-registered with the MCE server, the SDK stops performing specific functions for the user, such as:

  • Delivering mobile app messages
  • Updating and deleting user attributes
  • Sending events
  • Displaying inbox messages and in-app messages

To determine “GDPR reset” state, developers can check the response/callback from the following APIs:

  • iOS – MCERegistrationDetails.sharedInstance.userInvalidated
  • Android – MceApplication.onSdkReinitializeNeeded
  • Cordova – MCEPlugin.userInvalidated
  • Xamarin.Forms – SDK.Instance.UserInvalidated

Responding to users in “GDPR reset” state

If “GDPR reset” state is true, you can use the 'autoReinitialize' option to specify how the SDK behaves after erasing the user’s personal data. In iOS, Android, and Xamarin.Forms, the option is set in MceConfig.json, and in Cordova, the 'AUTO_REINITIALIZE' variable is set when adding the Cordova plug-in.

Set 'autoReinitialize' to one of the following values:

  • true (default value) – Automatically registers the SDK with MCE and obtains a new userId and channelId for anonymous application use when the application is next brought to the foreground. The SDK resumes functions, such as delivering messages and sending events, and collects the user’s personal data anonymously.

  • false – Restricts the SDK from automatically registering with MCE. Developers must decide how they want the SDK to respond on application startup. For example:

    • Continue to restrict SDK functionality and data collection for the user.
    • Request permission from the user to collect data anonymously. If the user grants permission, the developer can re-enable MCE integration, re-register with MCE, and start collecting new user ids. See the following sections for instructions for your platform.

iOS
Execute the 'MCESdk.sharedInstance.manualInitialization' method in iOS.

if(MCERegistrationDetails.sharedInstance.userInvalidated) {
                [MCESdk.sharedInstance manualInitialization];
            }

Android
Override 'MceApplication.onSdkReinitializeNeeded' by calling the 'MceApplication.reinitialize' method.

If you want to override the application, you can call 'Mce.init' with a 'SdkInitLifecycleCallbacks' instance that implements 'onSdkReinitializeNeeded'.

Override MceApplication.onSdkReinitializeNeeded by calling the MceApplication.reinitialize method.

If you want to override the application, you can call Mce.init with a SdkInitLifecycleCallbacks instance that implements onSdkReinitializeNeeded.

                    @Override
                    public void onSdkReinitializeNeeded(Context context) {
                        // In this method the decision whether to reinitialize the sdk is made
                        boolean reInit = shouldReinitializeSdk();
                        if(reInit) {
                            MceApplication.reinitialize(context);
                        }
                    }

Cordova

MCEPlugin.userInvalidated(function(invalidated) {
        	if (invalidated) {
        		MCEPlugin.manualInitialization();
        	}
        });

Xamarin.Forms

if (SDK.Instance.UserInvalidated())
            {
                SDK.Instance.ManualSdkInitialization();
            }

Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations.

The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. Acoustic does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.