COPPA compliance
Online publishers have to take particular care when handling data collected from children. All apps and websites have to abide by applicable laws. You're advised to carefully review all requirements and take the necessary steps.
This documentation pertains only to the Children’s Online Privacy Protection Act (COPPA) passed in the United States. Other laws may also be applicable to your apps and websites, such as General Data Protection Regulation (GDPR) Article 8 passed in the European Union. Discuss with your counsel the most appropriate approach to comply with all applicable laws.
To learn more about how Adjust processes users' data, see section 1 of the privacy policy.
Who needs to be COPPA compliant?
COPPA is applicable for your app if your company is based in the U.S., and/or if your app has users located in the U.S., and your app collects personal information from users under the age of 13.
There are four categories of apps with respect to COPPA:
“Not applicable” – Both of these criteria are met:
- The company that publishes the app is not based in the U.S., and
- The app does not have users located in the U.S.
"General audience app" - The app meets both of these criteria:
- The app is not directed to children under the age of 13, and
- The app is not likely to appeal to children under the age of 13.
The COPPA Rule does not require operators of general audience apps to investigate the ages of users. However, if the app publisher does obtain actual knowledge that the app has collected personal information from children under 13, the app will have to comply with COPPA.
"Mixed audience app" - The app meets this criterion:
- The app is not primarily directed to children under the age of 13.
And, the app meets one or more of these criteria:
- The app, or portions of the app, are directed to children under the age of 13, or
- The app, or portions of the app, are likely to appeal to children under the age of 13
"Children's app" - The app is primarily directed to children under the age of 13.
If you have questions about which category your app falls into or have other COPPA-related questions, see the FTC COPPA FAQs.
How do I use Adjust’s services in a COPPA compliant manner?
The Adjust SDK has a COPPA compliance mode that allows advertisers to comply with COPPA regulations. When enabled, this mode restricts the SDK’s ability to collect advertising IDs (such as IDFA and Google Advertising ID) and disables third party data sharing. This limitation reduces attribution capabilities and may affect the availability of certain features (see details below).
For mixed audience apps with an age gate, you can activate the COPPA compliance mode at the device level after identifying the user’s age.
This information pertains solely to the Adjust SDK. If you are using other external SDKs or collecting sensitive information covered under COPPA, it is essential to conduct an assessment and consult with your legal counsel.
What are the implementation steps and features supported for each COPPA category?
Not applicable
No COPPA implementation is required for Adjust.
General audience app
All Adjust features are available. No COPPA implementation is required for Adjust, unless the app publisher has actual knowledge of users under the age of 13 on the app. If your app is a general audience app and you have actual knowledge that you have users under the age of 13, discuss with your counsel the most appropriate approach to comply with COPPA.
Mixed audience app with age gate
A “mixed audience app”, as defined in the “Who needs to be COPPA compliant?” section above, may or may not use an age gate. If your mixed audience app uses an age gate, the approach detailed in the section below applies.
App development
See the Apps for children developer guide for Adjust SDK implementation. This implementation requires an age gate. For users 13 and over, the app initializes the Adjust SDK normally. For users under 13, the app enables COPPA compliance mode in the Adjust SDK, which disables advertising ID collection and disables third party data sharing on Adjust's servers. The app then initializes the Adjust SDK.
Adjust Suite
In Adjust Suite, under App Details, check the "This app needs to comply with COPPA" box. Checking this box only labels your app as requiring COPPA compliance. It does not automatically make your app compliant. You still have to configure your app's implementation to meet COPPA requirements.
Campaign support
| Campaign type | Exceptions and Conditions |
|---|---|
| Link-based campaigns | You may not place dynamic callbacks in the URL. For module
partners, users under 13 are excluded from callbacks as a result of
Adjust SDK COPPA configuration. Advertising ID attribution is
disabled for users under 13 as a result of Adjust SDK COPPA
configuration. Other attribution methods, such as probabilistic modeling and store referrer, are supported for users under 13. |
| SAN app campaigns | Users under 13 are excluded as a result of Adjust SDK COPPA configuration. |
| SKAdNetwork campaigns | Supported for all users. |
| CTV to Mobile campaigns | Not supported due to the FTC’s guidance on cross device tracking . |
| CTV to CTV campaigns | Users under 13 are excluded as a result of Adjust SDK COPPA configuration. |
Feature support
The below features are supported for mixed audience apps, with the exceptions and conditions noted.
| Feature | Exceptions and Conditions |
|---|---|
| Raw data export | You may only use real-time callbacks and CSV exports to send data to your own endpoints. You may not configure raw data export to share with third parties, such as agencies or third party platforms. |
| Audience Builder | Users under 13 are excluded as a result of Adjust SDK COPPA configuration. |
| Module partners | Callbacks to partners are disabled for users under 13 as a result of Adjust SDK COPPA configuration. |
| S2S events | Do not include advertising ID (IDFA, Google Advertising ID, etc.) on S2S events for users under 13. For these users, use only backup identifiers, such as Adjust ADID. To ensure compliance, Adjust recommends using SDK events exclusively for mixed audience apps. |
| Ad revenue | SDK-to-SDK ad revenue integrations record data for all users. Be sure to properly set COPPA
configuration in the respective ad revenue SDK(s) you are using. API ad revenue integrations do not record data for users under 13 as a result of Adjust SDK COPPA configuration. Do not include advertising ID (IDFA, Google Advertising ID, etc.) when sending S2S ad revenue for users under 13. For all ad revenue integrations, users under 13 are excluded from ad revenue callbacks to partners, as a result of Adjust SDK COPPA configuration. For Google Play, you may use only certified ad SDKs to serve ads to users under 13. You may use non-certified ad SDKs to serve ads to users 13 and over. |
| Uninstall and reinstall measurement | Supported for all users. For users under 13, you may only use the push tokens that the Adjust SDK collects for uninstall and reinstall measurement and not for any other purposes. |
| Deep Linking | Supported. For deferred deep linking, Advertising ID attribution is disabled for users under 13 as a result of Adjust SDK COPPA configuration. Other attribution methods such as probabilistic modeling and store referrer are supported for users under 13. |
| Web Attribution | Supported for all users. |
Adjust does not support any Verifiable Parental Consent mechanism for mixed audience apps.
Children's app
App development
See the Apps for children developer guide for Adjust SDK implementation. This implementation doesn't use an age gate. For all users, the app enables COPPA compliance mode in the Adjust SDK, which disables advertising ID collection and disables third party data sharing on Adjust's servers. The app then initializes the Adjust SDK.
Adjust Suite
In Adjust Suite, under App Details, check the "This app needs to comply with COPPA" box. Checking this box only labels your app as requiring COPPA compliance. It does not automatically make your app compliant. You still have to configure your app's implementation to meet COPPA requirements.
Campaign support
| Campaign type | Exceptions and Conditions |
|---|---|
| Link-based campaigns | You may not place dynamic callbacks in the URL. Module partner callbacks are disabled as a result of SDK configuration. |
| SAN app campaigns | Not supported, as these campaigns rely on advertising ID. |
| SKAdNetwork campaigns | Supported. |
| CTV to Mobile campaigns | Not supported due to the FTC’s guidance on cross device tracking. |
| CTV to CTV campaigns | Not supported, as these campaigns rely on advertising ID. |
Feature support
The below features are supported for children's apps, with the exceptions and conditions noted.
| Feature | Exceptions and Conditions |
|---|---|
| Raw data export | You may only use real-time callbacks and CSV exports to send data to your own endpoints. You may not configure raw data export to share with third parties, such as agencies or third party platforms. |
| Audience Builder | Not supported, as this feature requires advertising ID. The feature is disabled as a result of Adjust SDK COPPA configuration. |
| Module partners | Not supported, as this feature requires callbacks to partners. This feature is disabled as a result of Adjust SDK COPPA configuration. |
| S2S events | Do not include advertising ID (IDFA, Google Advertising ID, etc.) on S2S events. Use only backup identifiers, such as Adjust ADID. To ensure compliance, Adjust recommends using SDK events exclusively for children's apps. |
| Ad revenue | SDK-to-SDK ad revenue integrations are supported. Be sure to properly set COPPA configuration in the
respective ad revenue SDK(s) you are using. API ad revenue integrations are not supported, as they require advertising ID. This feature is disabled as a result of Adjust SDK COPPA configuration. Do not include advertising ID (IDFA, Google Advertising ID, etc.) when sending S2S ad revenue. If your iOS app is in the Kids category, the App Store generally does not allow third party ads to be displayed in the app, with some exceptions. See App Store Review Guidelines for details. For Google Play, you may use only certified ad SDKs. |
| Uninstall and reinstall measurement | Supported. You may only use the push tokens that the Adjust SDK collects for uninstall and reinstall measurement and not for any other purposes. |
| Deep Linking | Supported. For deferred deep linking, advertising ID attribution is disabled as a result of Adjust SDK COPPA configuration. Other attribution methods, such as probabilistic modeling and store referrer, are supported. |
| Web Attribution | Supported. |
Adjust does not support any Verifiable Parental Consent mechanism for children's apps.
App Store Submission
App Store
For iOS, Apple reviews all apps and determines whether or not to classify them in the Kids category in the App Store. If Apple classifies your app in the Kids category, then they require your app to meet more stringent criteria. To help comply with these criteria, you should use the children's app configuration for Adjust as described above.
If Apple has not classified your app in the Kids category, then you should use the configuration for the COPPA category that is appropriate for your app, as defined above.
If you have already submitted your app to the App Store, you can determine if your app is in the Kids category by following these steps:
On the web, visit the app page on the App Store.
Scroll to the bottom of the page.
If the Age Rating section displays one of the following signifiers, the app is in the Kids category:
- Made for Ages 0-5
- Made for Ages 6-8
- Made for Ages 9-11
If the Age Rating section doesn't display one of the above signifiers (for example: it just says 4+), the app is not in the Kids category.
Google Play
For Google Play, Google reviews all apps and determines whether their assessment of the app's target audience aligns with the information you submitted. For example, in Google Play you might set a target audience of adults only, but during app review Google might assert that your app is primarily directed to children. In such a case, Google provides some means to modify your app (for example: changing copy or creative elements, or applying a "Not designed for children" banner to your store listing) so that it aligns with the target audience.
However, Google may ultimately decide that your app is primarily directed to children and require you to change your audience targeting. In this case, you should use the children's app configuration for Adjust as described above. If Google has not restricted the target audience age groups for your app, then you should use the Adjust configuration for the COPPA category that is appropriate for your app, as defined above.
If your app has at least one target audience age group that includes users under 13 in Google Play, your app has to comply with Google Play’s Families Policy Requirements.
Google Play has a Kids tab, which is specifically for apps that have been "Teacher Approved". This is a separate process and designation that works in a different way than the App Store Kids category. Additionally unlike the App Store, there is no external way to check if Google Play has designated that an app is primarily directed to children. You have to check this information in the Google Play console.
An app can still be considered directed to children and/or likely to appeal to children under COPPA even if the App Store or Google Play do not designate it as such. Review your app carefully to determine whether it may be directed to children and/or likely to appeal to children.