VAST macros / Identity and privacy

[GDPR] VAST macro

Short answer: Binary flag for whether GDPR applies to this request (1) or not (0). Introduced in VAST 4.1.

What it means

Signals whether the request is subject to the EU GDPR. A value of 1 means GDPR applies and a valid consent string should accompany the request via [GDPRCONSENT].

Example value

After the player substitutes the macro, [GDPR] becomes something like:

Where it is valid

Impression, tracking, click, and verification URLs.

Macros are case-sensitive and substituted only inside URL fields. A macro written in the wrong case, or placed where it has no defined value, is sent to the server as literal text instead of a value.

Using it in a tag

<Impression><![CDATA[https://t.example.com/i?val=[GDPR]&cb=[CACHEBUSTING]]]></Impression>

<Impression><![CDATA[https://t.example.com/i?val=[GDPR]&cb=[CACHEBUSTING]]]></Impression>

VAST XML fragment only. This excerpt belongs inside a complete VAST document, so standalone validation will fail until it is wrapped in a full <VAST>response.

Related vastlint rules

VAST-2.0-macro-unknown: URL contains a [MACRO] that is not a recognised IAB VAST macro
VAST-2.0-macro-lowercase: Recognised macro is not uppercase — players match macro names case-sensitively

Related macros

Validate your macros

vastlint flags unknown, mis-cased, deprecated, out-of-context, and unencoded macros in any tracking, click, error, impression, or media URL:

# CLI: exits non-zero on errors, ideal for pipelines
vastlint check creative.xml

# CLI: exits non-zero on errors, ideal for pipelines
vastlint check creative.xml

Use the right tool for this failure

If you already have the resolved XML, run a pure spec check. If you only have a live tag URL, test that endpoint first. If the failure happens in the wrapper chain, inspect each hop.

Validate this XML →Test this live URL →Inspect this wrapper chain →