Skip to content

This library provides methods to identify the relevant regulatory framework based on the user's IP or location and request consent from the user.

License

Notifications You must be signed in to change notification settings

DewminaUdayashan/flutter_consent_flow

Repository files navigation

Flutter Consent Flow ⚒

This library provides methods to identify the relevant regulatory framework based on the user's IP or location and request consent from the user. It can detect users who fall into the following categories:

  • GDPR
  • CCPA
  • LGPD

FlutterConsentFlow

We use Nominatim API, ipgeolocation API & Geocoder for detect these data.

Getting Started 🚀

Add flutter_consent_flow:1.0.0 to your pubspec.yaml file. To use Flutter Consent Flow, you need to initialize the library first using the initialize method. This step is necessary before using other functionalities of the library.

FlutterConsentFlow.initialize(
	httpReferer:  'Your HTTP Referer',
	userAgent:  'Your User Agent',
	enableLogs:  true,  // Set to false to disable logs
);
  • httpReferer: The HTTP referer to be used for API requests. You can use your website url or app's url for this. This is required only for the getRegulatoryFrameworkByCoordinates method.
  • userAgent: The user agent to be used for API requests. You can pass some unique indentifer for your app. This is required only for the getRegulatoryFrameworkByCoordinates method.

Regulatory Frameworks 🗺️

The RegulatoryFramework enum provides a way to represent different regulatory frameworks related to user data protection and privacy laws. This enum is used as a return type for methods that determine the applicable regulatory framework based on the user's location.

Enum Values

  • gdpr: Represents the European Union's General Data Protection Regulation (GDPR). This regulation aims to protect the personal data and privacy of EU citizens.
  • ccpa: Represents the California Consumer Privacy Act (CCPA). This regulation grants California residents specific rights and control over their personal information.
  • lgpd: Represents Brazil's Lei Geral de Proteção de Dados (LGPD). This framework establishes rules for the collection, processing, and sharing of personal data in Brazil.
  • notApplied: Indicates that none of the above regulatory frameworks are applicable or detected based on the user's location.

These enum values allow you to easily identify and handle the relevant regulatory framework for your users. Depending on the framework detected, you can tailor your app's data usage and consent mechanisms accordingly.

Identify Regulatory Framework

Flutter Consent Flow offers two methods to identify the regulatory framework applicable to the use

  1. IP Address-based Method: You can use the getRegulatoryFrameworkByIP method to identify the regulatory framework based on the user's IP address. This method requires an API key from ipgeolocation.io.

Example:

final RegulatoryFramework? framework = await FlutterConsentFlow.getRegulatoryFrameworkByIP(
  apiKey: 'Your IPGeolocation.io API Key',
);
  1. Coordinates-based Method: Use the getRegulatoryFrameworkByCoordinates method to identify the regulatory framework based on the user's device coordinates. This method also supports a fallback to the geocoder API, but using it as a fallback is NOT RECOMMENDED BY GOOGLE.

IMPORTANT: You must attribute & follow Nominatim Usage Policy in order to use their free APIs.

final RegulatoryFramework? framework = await FlutterConsentFlow.getRegulatoryFrameworkByCoordinates();

Note: The accuracy and availability of the regulatory framework information may vary based on the chosen method.

Geolocation Permissions

If you choose to go with checkRegulatoryFrameworkByCoordinates method, you must check location permissions & handle permission states before use this method. You can also use Flutter Consent Flow to check and request geolocation permissions on the user's device.

  • checkPermissions: Check the current geolocation permission status.
final LocationPermission permission = await FlutterConsentFlow.checkPermissions();
  • requestPermission: Request geolocation permission from the user.
final LocationPermission permission = await FlutterConsentFlow.requestPermission();

Note: To find the coordinates of the user, we use Geolocator plugin inside FlutterConsentFlow package. You may have to do platform specific configurations if you want to go with getRegulatoryFrameworkByCoordinates method. Follow Geolocator documentation to continue.

Showing the Consent Dialog

The FlutterConsentFlow package provides a built-in consent dialog that you can use to request user consent based on the detected regulatory framework. Before using this dialog, ensure that you have determined the applicable RegulatoryFramework using the package's methods.

Using the Built-in Consent Dialog

To show the built-in consent dialog, follow these steps:

  1. Determine the applicable regulatory framework using the package's methods.
  2. Pass the result to the consent dialog as a parameter.
  3. You can customise all of the text by passing your custom strings to the dialog.
  4. privacyPolicyLink is required & make sure to pass a valid privacy policy link to your app.

Here's an example of how to use the built-in consent dialog:

// Determine the applicable regulatory framework (e.g., GDPR)
final RegulatoryFramework? framework = await FlutterConsentFlow.getRegulatoryFrameworkByIP(
  apiKey: 'Your IPGeolocation.io API Key',
);
//It is not essential to show consent dialog if user not within
//the regulated country or state
if(framework == RegulatoryFramework.notApplied) return;
// Show the consent dialog
final bool? userGrantedConsent = await showDialog<bool?>(
  context: context,
  builder: (_) => const FlutterConsentDialog(
    regulatoryFramework: RegulatoryFramework.gdpr,
    appIcon: AssetImage('assets/ic_launcher.png'),
    appName: 'Test App',
    privacyPolicyLink: 'https://www.testapp.com/privacy-policy/',
  ),
);

Using a Custom Consent Dialog

If you prefer, you can design and use a custom consent dialog by incorporating your UI components. This gives you the flexibility to create a consent dialog that matches your app's design and branding.

To use a custom consent dialog, implement your own dialog and integrate it with the package's methods.

Note: Regardless of using the built-in or custom consent dialog, ensure that you follow the relevant regulatory framework's guidelines and provide users with clear and accurate information regarding data usage and consent options. This package will not save user consent, You can use SharedPreferences or FlutterSecureStorage to store user consent within app.

Important Notices ‼️

  • This package does not constitute legal advice or a legal entity. Users are responsible for managing their own data and ensuring compliance with relevant regulations.
  • Flutter Consent Flow identifies geographical areas and relevant legal frameworks based on provided APIs. It does not guarantee accuracy or legal compliance.

Contribution and Issues 🤝

Please feel free to contribute to this project by submitting pull requests or reporting issues. Your feedback is valuable in improving the library for all users.

License 🪪

This library is open-source and released under the MIT License.

About

This library provides methods to identify the relevant regulatory framework based on the user's IP or location and request consent from the user.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published