Secure Privacy Changelog

You now have a fastest way to connect Secure Privacy as your consent management platform — directly inside the Google Ads or Google Tag Manager interface, using Google's built-in consent mode setup wizard. No manual gtag('consent', ...) code. No extra scripts to maintain.

Secure Privacy is listed as a fully integrated platform in Google's CMP picker, which means Google handles the consent signal wiring automatically. We have created a setup guide which walks through every step of that wizard — from opening the Admin tab on your Google tag, to selecting Secure Privacy under Fully integrated platforms (free tier available), to publishing your consent banner and verifying that ad_storage, analytics_storage, ad_user_data, and ad_personalization signals are passing correctly.

The article covers:

• Where to find the wizard — navigating to the Google tag Admin tab in Google Ads (via Data manager) or Google Tag Manager
• Step-by-step wizard walkthrough — all six screens, from "Set up consent mode" through to the confirmation screen
• Selecting Secure Privacy as your CMP — finding the free-tier option under Fully integrated platforms and completing the connection
• Publishing the consent banner — choosing between GTM container publishing and manual installation
• Testing consent signals — using Google's built-in signal tester to confirm the integration is live and correct
• Troubleshooting — what to check if the banner isn't detected or consent signals aren't registering

This is the simplest path to Google Consent Mode v2 compliance for sites using Google Ads or Analytics — no developer needed, no manual tag configuration, and the free tier means you can get started immediately.

Read the full setup guide →

If your site sits behind a firewall, WAF, or other access controls, our compliance website scanner must be able to reach your pages. Without the correct allowlist, scans can be blocked and results may be incomplete or inaccurate.

Current scanner IP addresses (add these to your allowlist):

What to do

1. Add the IPs above to your firewall, WAF, or hosting provider allowlist.
2. Allow traffic both inbound and outbound for these addresses.
3. If you use a CDN or DDoS layer (e.g. Cloudflare, Akamai, AWS WAF), add the same IPs there if they enforce separate rules.

Important: Scanner IPs may change as we scale or maintain infrastructure. Check the allowlisting documentation regularly or subscribe to updates so your allowlist stays current.

Still blocked after whitelisting? Contact support@secureprivacy.ai.

We’re excited to announce that Secure Privacy now has React Native SDK. The Secure Privacy React Native SDK provides a unified way to collect, manage, and signal user consent for Android and iOS from a single codebase.

Features

• Unified consent — Collect, manage, and signal consent across both platforms with one integration.
• Simple JavaScript API — Consent handling from your React Native app via a straightforward API; no need to bridge native code yourself.
• Compliance — Built to help you meet GDPR, CCPA, and other privacy regulations.
• Consent Recollection — Consent stays in sync with your CMP and expiry rules; re-collection is supported when configuration or consent expires.
• DSAR (Data Subject Access Request) — Request types aligned with backend and native implementations for consistent handling.
• Preference center & banner — Same consent and preference flows you get with our native iOS and Android SDKs.

Where to get it:

• Install from the npm registry: @secureprivacy/react-native-mobile-consent.
• Source and full README: github.com/secureprivacy/react-native-mobile-consent.
• Setup and configuration: docs.secureprivacy.ai — React Native SDK.

Native SDK support for the React Native layer

• Our iOS SDK v0.3.4 and Android SDK v0.4.5 support the React Native layer. Use these versions (or later) when building with the React Native SDK.

iOS v0.3.4 and Android v0.4.5 are now available, with DSAR form alignment to the Preference Center API, backend-driven validation, and standardised error handling.

DSAR form & Preference Center (iOS v0.3.4)

• Dynamic required fields — Required-field indicators on the DSAR form are now driven by your Preference Center API configuration.
• Backend validation — Validation happens on the backend at submission; the SDK displays returned error messages in the UI.
• Standardised DSAR types — DSAR type values match backend enum definitions across platforms.

Error handling (Android v0.4.5)

• Error codes — New and standardised error codes with the ACP prefix for clearer diagnostics.
• DSAR type fix — Request type selection now correctly submits the user’s chosen DSAR type.

Where to get it: iOS — v0.3.4 on CocoaPods / Swift Package Manager. Android — v0.4.5.

Consent expiry and re-collection are now available across iOS, Android, and tvOS, so you can keep consent in sync with your configuration and expiry rules on all platforms.

Consent expiry & re-collection (iOS v0.3.3, Android v0.4.1, tvOS v0.1.5-beta)

Dynamic consent expiry — Consent can expire based on your configuration; the SDK automatically marks status for re-collection so users see the banner again when needed.

Re-collection on config change — When your package/category structure changes in the CMP, the SDK triggers re-collection so consent stays in sync.

More reliable consent state — Consent state is evaluated more reliably across app launches.

Do Not Store Consent — Option to avoid storing consent locally when your privacy policy requires it; the SDK skips local persistence when enabled.

Android only — DSAR form improvements (February patch)

Optional fields no longer block submission — The DSAR form no longer fails when optional fields are left empty; submissions succeed with required fields only.

Clearer validation messages — Better feedback when something needs to be corrected.

Where to get it:

• iOS — v0.3.3 on CocoaPods / Swift Package Manager
• Android — v0.4.1 for consent/re-collection; v0.4.3 for the DSAR patch
• tvOS — v0.1.5-beta

We’re thrilled to announce the Secure Privacy tvOS SDK is now available via Swift Package Manager! 📢

To get started, just add the package in Xcode and initialise the consent engine with your Application ID(s) to unlock a polished, compliant user experience.

You can integrate integrate the proprietary Secure Privacy Consent Management SDK into Apple TV apps via Xcode’s File → Add Packages… workflow. The package repository hosts the Package.swift and license.

A companion Setup & Initialization guide (same API shape used on iOS, applicable to tvOS) documents the quick-start flow and shows how to initialise the consent engine with your Application ID(s).

What’s new

• Swift Package for tvOS
  • Repo: secureprivacy/tvos-sdk-spm on GitHub.
  • Contents: Package.swift, LICENSE, README.
• Documented setup & initialisation flow (APIs shared with iOS)
  • Obtain your Application ID from Secure Privacy.
  • Initialise the SDK using the SPConsentEngineFactory with your auth key (supports optional secondaryApplicationId for a secondary banner).

Documentation & Links

• tvOS Swift Package (manifest): secureprivacy/tvos-sdk-spm
• Setup & Initialization (API shape used by tvOS): Secure Privacy SDK – Setup & Installation
• Secure Privacy Docs home: docs.secureprivacy.ai 
• Support email: support@secureprivacy.ai

Wishing everyone a very happy new year 2026! 🎉

We are pleased to announce that the IAB TCF v2.3 update is now available to all our customers.

Aligned with changes in v2.3, we now support mandatory inclusion of the Disclosed-Vendors segment in every TC string, immediately following the Core segment. This update impacts encoding/decoding, UI flows, SDKs, validators, and vendor behavior.

You can see the availability of IAB TCF v2.3 under Domain Settings -> Advanced -> Framework -> Type dropdown

Key Updates

1. Disclosed-Vendors Segment Now Mandatory
   • The disclosedVendors segment is now included in all TC strings and shared with vendors in production.
   • The segment appears after the Core segment in the serialized TC string.
2. Updated TC String Format & Parsing
   • All encoding and decoding logic has been updated to support the new segment.
   • Vendors can now reliably parse the disclosedVendors segment, eliminating ambiguity.
3. Vendor Disclosure & Legitimate Interest
   • Vendors declaring Legitimate Interest for special purposes can now definitively determine if they were disclosed in the CMP UI.
4. Compatibility & Migration
   • Both v2.2 and v2.3 formats are supported during the transition period, with v2.3 now live in production.

Introducing Android TV support

• Includes comprehensive D-Pad navigation and robust focus management for lean-back interfaces.

Optimized mobile UI layouts 

• Added fix for landscape orientation issues on Android 15

Enhanced consent banner behavior

• Includes proper scrolling for content exceeding viewport dimensions

In addition, we have implemented minor UI and focus handling improvements across multiple screens for better consistency and usability.

Laws Report

We have improved the Laws Report from the aspect of performance, accuracy, and overall user experience.

With this improvement, we are looking at enhanced visitor tracking and UI/UX consistency. Head over to Domain Settings -> Laws report. 

Refactored Data Mapping Logic:
Previously, the chart was mapped through template names. The new implementation maps data based on predefined regions, ensuring cleaner, more meaningful visualizations.

Visitor Tracking Update:
The report now tracks visitor data instead of only consent data. This change is supported by an improved backend logic for more accurate reporting and region-specific insights.

Cookie Classification Quality of Life (QoL) Improvement

You can now jump straight from a cookie in the scan report to its classification screen with a single click.

Review the Scan Report -> Cookies section today!

We’re thrilled to announce the Secure Privacy Mobile Consent SDK for Flutter is live on Pub.dev!

Now you can ship fast, compliant consent experiences across Android and iOS with a single, unified Flutter API—just add the package to your pubspec.yaml, initialise with your Application ID(s), and you’re ready to collect, manage, and signal consent from the very first app launch.

Secure Privacy's secure_privacy_mobile_consent plugin on Pub.dev provides a cross‑platform Flutter API that wraps the proprietary Mobile Consent SDK for Android and iOS.

The package includes setup guidance (minimum iOS version, Android Gradle and permissions) plus example usage for initialisation and banner display.

What’s new

• Flutter package published on Pub.dev
  • Package: secure_privacy_mobile_consent
• Unified API for Android & iOS
  • Initialise the SDK once from Flutter, then present consent UI, read consent status, and check package‑level opt‑ins using one cross‑platform API surface.
• Example app & quick start
  • Check the working example and code snippets for initialisation and banner display to help you get up and running quickly.

Licensing & source

• The Flutter plugin wraps Secure Privacy’s proprietary Mobile Consent SDK. Usage and distribution are governed by Secure Privacy’s licensing terms; see package page for license note.

Documentation & Links

• Pub.dev package: secure_privacy_mobile_consent
• Setup & initialisation (Flutter docs): Secure Privacy Flutter SDK – Setup
• Advanced usage: Events, logging, client ID, locale, session

We have introduced support for a fallback template to ensure seamless legal coverage across all domains when no other active template applies to a user's country.

What’s New:

• Fallback Template Identification:
  • A legal template can now be marked as a fallback from the specific template screen.
  • Only one fallback template is allowed per account.
  • When enabled, this template will automatically apply to users visiting from countries not covered by any other active template, across all domains.

• Default Behavior:
  • The "Global Coverage" template is now automatically set as the fallback for master accounts.
  • If no other template covers a country, the fallback template will take over.

We’re excited to announce that Meta Consent Mode is now supported in Secure Privacy! 🎉

With this update, you can:

• Control how the Meta Pixel and Conversions API behave based on your users’ consent choices.
• Ensure no Facebook requests or cookies are sent until consent is granted.
• Automatically send grant or revoke signals to Meta when users update their preferences.
• Stay compliant with GDPR and other privacy regulations while continuing to measure ad performance.

For a full guide on setup and usage, see our Support Article on Implementing Meta Consent Mode.

We’ve also introduced the ability to fully customize your Data Subject Access Request (DSAR) form in Secure Privacy.

What’s new?

• Add custom controls such as textboxes, checkboxes, and more
• Reorder or remove fields to match your business needs
• Provide clearer instructions to users directly on the form
• Save changes instantly and update your live form with one click

Head over to our support article for more information on How to Customize the Data Request Form in Secure Privacy