Regulations

In 4Comply, Regulation refers to the compliance and data privacy laws applying to a specific region.

For API calls where regulation-specific functionality occurs, 4Comply uses a Regulation Selection Algorithm to determine the proper Regulation.

The inputs to this algorithm are:

  1. Request Values (Headers, Body Fields, Parameters).
  2. Your specific Regulation Configuration (Geo Regulation Maps, Geo Priorities, Geo IP Exceptions).

The algorithm works in two steps:

  1. Determine the Standard Country/State for the request
  2. Determine the Regulation which best matches the Standard Country/State

First, the algorithm will look at your configured Geo Priorities. Based on the highest-rank priority, the algorithm will fetch the value to use as Standard Country/State.

As an example, if your top-rank geo priority is a Header Value for geo_override, then the algorithm will select the value contained in the request header for that header name. For example, you can send “IT” for Italy, or “CA” for Canada. If the algorithm does not find a specific value in that header, it will move to the next geo priority.

Next, after finding a Standard Country/State from the priorities, the algorithm will check the IP Address of the request against any Geo IP Exceptions configured.

If it finds a match, the algorithm will proceed with the Value found in the Geo Ip Exception instead of the previously matched Standard Country/State.

Either way, the algorithm will now move into the Regulation selection phase.

Third, the algorithm looks through all your configured Geo Regulation Maps to find a match. It then selects matching Regulation.

Each entry in Geo Regulation Maps has a Input Country, Standard Country (Input State and Standard State are optional), a Regulation, and a Value. The “value” field is the key to find a matching Geo, which in turn identifies the correct Regulation. The Standard Country/State specifies is used to check for a match.

Configurations

4comply also offers some useful endpoints in case you want to make updates to the regulation or the Geo settings.

For every regulation, you can update specific values via the PUT /regulations/{id}/config endpoint or via the 4Comply Dashboard. You can update the Time-to-live (in months), the bases for processing, and the processing purposes.

You can also make a call to the POST /geo/exceptions endpoint to add a Geo IP Exception to the system.

You can change or update the Geo Priorities by making a call to the POST /geo/priorities endpoint.

  • You may also update Geo activities in the 4Comply Dashboard under Configuration in the Geo section.

You can refer to the API Reference for more information.