{"id":417,"date":"2025-10-06T15:36:38","date_gmt":"2025-10-06T13:36:38","guid":{"rendered":"https:\/\/stage.usercentrics.com\/?post_type=knowledge&#038;p=32206"},"modified":"2025-11-14T08:41:00","modified_gmt":"2025-11-14T07:41:00","slug":"digital-markets-act-dma-compliance-guide-for-companies","status":"publish","type":"knowledge","link":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/","title":{"rendered":"The Digital Markets Act (DMA): DMA compliance for companies"},"content":{"rendered":"\n<p>The Digital Markets Act has become a defining regulation for digital markets in the European Union, European Economic Area, and United Kingdom since it became enforceable in March 2024. It is designed to create fairer competition, give users more control over their personal data, and restrict monopolistic behaviors of the designated gatekeepers.&nbsp;<\/p>\n\n\n\n<p>While the primary targets are the largest tech platforms, businesses of all sizes are impacted by the requirements as the gatekeepers seek to achieve compliance across the digital ecosystem. To remain competitive, compliant, and trustworthy, companies must adapt their technical systems, legal practices, and user experiences to align with the DMA.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-takeaways\">Key takeaways<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The DMA explicitly applies to gatekeepers, but its requirements affect all businesses relying on their platforms and services and operating in EU digital markets.<\/li>\n\n\n\n<li>DMA compliance focuses on transparency, interoperability, and giving users meaningful control over their data.<\/li>\n\n\n\n<li>Explicit consent is required for combining or cross-using personal data across services.<\/li>\n\n\n\n<li>Companies must balance seamless user experience with strong privacy protections in consent flows. Users now have more rights and more ways to exercise them.<\/li>\n\n\n\n<li>APIs and CMS integrations play a critical role in ensuring interoperability and transparency.<\/li>\n\n\n\n<li>Noncompliance can result in fines up to 10 percent of global annual revenue, or 20 percent for repeat violations. DMA violations can also be violations under laws like the GDPR.<\/li>\n\n\n\n<li>Enforcement is intensifying across the EU, with regulators prioritizing user rights and fair competition. Fines have already been levied in the hundreds of millions to multiple billions of Euros.<\/li>\n\n\n\n<li>Consent management platforms (CMPs), like those from Usercentrics, help organizations operationalize DMA compliance.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-european-digital-markets-act-dma-the-basics\">The European Digital Markets Act (DMA): the basics<\/h2>\n\n\n\n<p>The Digital Markets Act is meant to better control the business practices of large tech platforms in European digital markets, and provide more protection and choice to consumers. We provide an overview of the purpose of the law, the gatekeepers, enforcement, and the DMA\u2019s timeline.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-purpose-and-goals-of-the-dma\">Purpose and goals of the DMA<\/h3>\n\n\n\n<p>The DMA\u2019s overarching mandate is to enable healthier competition in digital markets and reduce monopolistic practices. Specifically, it is meant to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Provide smaller businesses with fairer opportunities to compete against dominant gatekeepers<\/li>\n\n\n\n<li>Give consumers greater transparency and genuine choice when choosing and interacting with digital services<\/li>\n\n\n\n<li>Strengthen privacy protections and require explicit consent before combining or cross-using personal data<\/li>\n\n\n\n<li>Ensure more open digital markets through measures such as interoperability, fair access, and data portability<\/li>\n<\/ul>\n\n\n\n<p>The DMA\u2019s requirements share similarities with the <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/the-eu-general-data-protection-regulation\/\">General Data Protection Regulation (GDPR)<\/a>, particularly around consent, but the DMA goes further. It covers how platforms grant access, share data, and allow business users to compete, not just how they process personal data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-who-does-the-dma-apply-to\">Who does the DMA apply to?<\/h3>\n\n\n\n<p>The DMA directly applies to companies that have been designated \u201cgatekeepers,\u201d which are large digital platforms providing <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/digital-markets-act-dma-impacts-user-privacy-and-consent-management\/#digital-markets-act-gatekeepers-5\">core platform services<\/a>, such as search engines, app stores, online advertising, and social networking.<\/p>\n\n\n\n<p>There were six designated gatekeepers when the DMA came into effect in May 2023:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Alphabet (Google)<\/li>\n\n\n\n<li>Amazon<\/li>\n\n\n\n<li>Apple<\/li>\n\n\n\n<li>ByteDance (TikTok)<\/li>\n\n\n\n<li>Meta (Facebook, Instagram, WhatsApp)<\/li>\n\n\n\n<li>Microsoft<\/li>\n<\/ul>\n\n\n\n<p>Booking.com was added in May 2024. These gatekeepers owned and operated what have been designated as core platform services. These are defined as digital services provided by gatekeepers that play a critical role in linking businesses with consumers.&nbsp;<\/p>\n\n\n\n<p>They include online intermediation services, search engines, social networks, video-sharing platforms, operating systems, web browsers, cloud services, advertising services, and messaging or communication services.&nbsp;<\/p>\n\n\n\n<p>Because of their global scale, massive user base, and influence, these services are subject to stricter rules to ensure fair competition, transparency, and greater user choice.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" height=\"700\" width=\"900\" src=\"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/uc_blog_Core-platform-services-under-the-DMA-law.svg\" alt=\"\" class=\"wp-image-15971\"\/><\/figure>\n\n\n\n<p>As noted, however, the DMA\u2019s influence reaches third-party companies as well. As Tilman Harmeling, Senior Expert, Privacy at Usercentrics, explains:<\/p>\n\n\n<div class=\"uc-quote\">\n    <div class=\"uc-quote__inner\" style=\"--photo-size: var(--sz-128);\">\n                <div class=\"uc-quote__text\">\u201cThird-party companies are required to follow the guidelines of the gatekeepers, which are about providing a fair competitive market environment and prevention of market abuse. Therefore the gatekeepers adjusted their platform services on aspects like fair access, transparency, data portability and therefore non-exclusivity and so on. The users of the platform services have to comply.\u201d<\/div>\n        <\/div>\n<\/div>\n\n\n\n<p>For businesses that rely on gatekeeper platforms \u2014 for example, advertisers using Google Ads or app developers publishing in Apple\u2019s App Store \u2014 this means following the DMA-aligned rules those platforms implement.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-are-third-party-companies-rights-under-the-digital-markets-act\">What are third-party companies\u2019 rights under the Digital Markets Act?<\/h2>\n\n\n\n<p>In addition to the DMA requirements of gatekeepers and regarding the rights and protections for end users, there are a number of requirements that the gatekeepers must meet regarding third-party companies that use their core platform services.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable the use of third-party apps on gatekeepers\u2019 operating system(s)<\/li>\n\n\n\n<li>Enable access to data generated on core platform services (CPS)<\/li>\n\n\n\n<li>Do not rank gatekeepers\u2019 services more favorably than third parties\u2019<\/li>\n\n\n\n<li>Do not track end users outside of the gatekeepers\u2019 CPS for the purpose of targeted advertising without obtaining consent<\/li>\n\n\n\n<li>Enable uninstallation of pre-installed apps<\/li>\n\n\n\n<li>Enable changes to default settings in operating systems or browsers that otherwise direct users to gatekeepers\u2019 products and services<\/li>\n\n\n\n<li>Enable business users to offer their products and services on third-party platforms or their own platform for the same price as on the gatekeepers\u2019 platforms and services<\/li>\n\n\n\n<li>Provide advertisers and publishers with information about advertisements placed, remuneration and fees, and metrics free of charge<\/li>\n<\/ul>\n\n\n\n<p>As Tilman Harmeling notes,<\/p>\n\n\n<div class=\"uc-quote\">\n    <div class=\"uc-quote__inner\" style=\"--photo-size: var(--sz-128);\">\n                <div class=\"uc-quote__text\">\u201cThe DMA provides third-party companies with several rights, which aim to create a more competitive and fair digital marketplace by preventing gatekeepers from abusing dominant positions and ensuring that third-party companies can compete on equal terms. These rights can be found in Chapter 3 of the DMA.\u201d<\/div>\n        <\/div>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-timeline-of-the-dma\">Timeline of the DMA<\/h3>\n\n\n\n<p>The DMA was passed in November 2022 and came into force in May 2023. However, there was a grace period before enforcement began in early 2024. Designated gatekeepers were required to comply by March 6, 2024.<\/p>\n\n\n\n<p>Booking.com, which was only designated in May 2024, has until November 2024 to comply. Enforcement actions began quickly, with investigations into Alphabet, Apple, and Meta launching the same month as compliance requirements began.<\/p>\n\n\n\n<p>For third-party businesses, the timeline is equally important. Any company operating in the EU, EEA, or UK that relies on gatekeeper platforms to process consumer data must ensure that its use of those services aligns with DMA-compliant practices.<\/p>\n\n\n<div class=\"uc-notice\">\n    <div class=\"uc-notice__icon\">\n        <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n<path d=\"M10.8177 17.0093H12.8177V11.0093H10.8177V17.0093ZM11.8177 9.00928C12.1011 9.00928 12.3386 8.91344 12.5302 8.72178C12.7219 8.53011 12.8177 8.29261 12.8177 8.00928C12.8177 7.72594 12.7219 7.48844 12.5302 7.29678C12.3386 7.10511 12.1011 7.00928 11.8177 7.00928C11.5344 7.00928 11.2969 7.10511 11.1052 7.29678C10.9136 7.48844 10.8177 7.72594 10.8177 8.00928C10.8177 8.29261 10.9136 8.53011 11.1052 8.72178C11.2969 8.91344 11.5344 9.00928 11.8177 9.00928ZM11.8177 22.0093C10.4344 22.0093 9.13442 21.7468 7.91775 21.2218C6.70108 20.6968 5.64275 19.9843 4.74275 19.0843C3.84275 18.1843 3.13025 17.1259 2.60525 15.9093C2.08025 14.6926 1.81775 13.3926 1.81775 12.0093C1.81775 10.6259 2.08025 9.32594 2.60525 8.10928C3.13025 6.89261 3.84275 5.83428 4.74275 4.93428C5.64275 4.03428 6.70108 3.32178 7.91775 2.79678C9.13442 2.27178 10.4344 2.00928 11.8177 2.00928C13.2011 2.00928 14.5011 2.27178 15.7177 2.79678C16.9344 3.32178 17.9928 4.03428 18.8927 4.93428C19.7927 5.83428 20.5052 6.89261 21.0302 8.10928C21.5552 9.32594 21.8177 10.6259 21.8177 12.0093C21.8177 13.3926 21.5552 14.6926 21.0302 15.9093C20.5052 17.1259 19.7927 18.1843 18.8927 19.0843C17.9928 19.9843 16.9344 20.6968 15.7177 21.2218C14.5011 21.7468 13.2011 22.0093 11.8177 22.0093Z\" fill=\"black\"\/>\n<\/svg>\n    <\/div>\n    <div class=\"uc-notice__content\">\n                <p><span style=\"font-weight: 400;\">Learn more about the <\/span><a href=\"https:\/\/usercentrics.com\/knowledge-hub\/digital-markets-act-dma-impacts-user-privacy-and-consent-management\/\"><span style=\"font-weight: 400;\">DMA and its impacts on businesses<\/span><\/a><span style=\"font-weight: 400;\">, from startups to global enterprises.<\/span><\/p>\n            <\/div>\n<\/div>\n\n\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-who-enforces-the-dma\">Who enforces the DMA?<\/h3>\n\n\n\n<p>The European Commission (EC) is the body responsible for designating gatekeepers, monitoring compliance, and enforcing penalties. Its enforcement powers are extensive:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Fines of up to 10 percent of a gatekeeper\u2019s global annual turnover, rising to 20 percent for repeat infringements<\/li>\n\n\n\n<li>Behavioral or structural remedies, including forcing a company to divest part of its business<\/li>\n\n\n\n<li>Blocking acquisitions that could reinforce anti-competitive behavior<\/li>\n<\/ul>\n\n\n\n<p>Noncompliance could result not only in lost platform access, but also in reduced personalization functionality for advertising, leading to significant losses in data, audience, and revenue.<\/p>\n\n\n\n<p>The EC has already demonstrated its willingness to act. In April 2025, it <a href=\"https:\/\/ec.europa.eu\/commission\/presscorner\/detail\/en\/ip_25_1085\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">fined Apple and Meta<\/a> EUR 500 million and 200 million, respectively. In September 2025, it <a href=\"https:\/\/ec.europa.eu\/commission\/presscorner\/detail\/en\/ip_25_1992\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">fined Google EUR 2.95 billion<\/a> for abusive practices with online ad tech.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-digital-markets-act-impact-on-core-platform-services-and-users\">Digital Markets Act impact on core platform services and users<\/h2>\n\n\n\n<p>The Digital Markets Act (DMA) directly affects the gatekeepers\u2019 core platform services, which include the digital tools and environments people use every day \u2014 from search engines and browsers to messaging apps and social networks.&nbsp;<\/p>\n\n\n\n<p>These changes influence how platforms collect and use data, how they treat competitors, how users experience online services, and how the services themselves will evolve. The regulation emphasizes transparency, consent, interoperability, and fair competition, reshaping the relationship between platforms and their users.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-social-media-platforms-tiktok-facebook-instagram-linkedin\">DMA and social media platforms: TikTok, Facebook, Instagram, LinkedIn<\/h3>\n\n\n\n<p>Social media companies rely heavily on personal data to target advertising and personalize content. Under the DMA, they must adopt clearer consent processes and limit how data is shared across services.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Platforms must obtain explicit, informed consent before processing data for advertising.<\/li>\n\n\n\n<li>Users can decline or withdraw consent without losing access to core functionality.<\/li>\n\n\n\n<li>Gatekeepers cannot freely combine data from multiple platforms they own, e.g., Facebook, Instagram, and WhatsApp from Meta, without explicit user consent.<\/li>\n\n\n\n<li>Data portability enables users to move their data to competing platforms.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-search-google-search\">DMA and search: Google Search<\/h3>\n\n\n\n<p>As the only search engine currently designated a core platform service, Google faces strict new obligations:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Search results may no longer prioritize Google\u2019s own services over competitors\u2019 (\u201cno self-preferencing\u201d).<\/li>\n\n\n\n<li>Users can more easily switch to competing search engines.<\/li>\n\n\n\n<li>Data portability helps ensure that search history and preferences can be transferred to alternatives such as Bing or DuckDuckGo.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-advertising-google-microsoft-amazon-and-meta\">DMA and advertising: Google, Microsoft, Amazon, and Meta<\/h3>\n\n\n\n<p>Digital advertising is central to gatekeepers\u2019 \u2014 and their customers\u2019 \u2014 revenue, and the DMA raises the bar for transparency and consent requirements:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Explicit user consent is required before personal data can be processed for advertising or profiling.<\/li>\n\n\n\n<li>Pre-ticked boxes or inactivity can no longer count as consent.<\/li>\n\n\n\n<li>Platforms must be transparent about how advertising data is used and provide easy-to-understand policies.<\/li>\n\n\n\n<li>Sharing personal data across services for ad targeting requires clear opt-in consent.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-web-browsers-chrome-and-safari\">DMA and web browsers: Chrome and Safari<\/h3>\n\n\n\n<p>Browsers are many people\u2019s main gateways to the internet, and the DMA introduces obligations to ensure user privacy, improved user experience, and better competition.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Users must be informed and give consent before personal data such as browsing history or autofill information is collected.<\/li>\n\n\n\n<li>Browsers must ensure fair treatment of websites and services, avoiding preferential treatment.<\/li>\n\n\n\n<li>Interoperability requirements may mean more support for third-party plugins and extensions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-operating-systems-google-android-ios-windows-pc-os\">DMA and operating systems: Google Android, iOS, Windows PC OS<\/h3>\n\n\n\n<p>Operating systems are under scrutiny because of their control over browsers, app ecosystems, and default settings.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Gatekeepers must allow the installation of third-party app stores, increasing consumer choice and developer opportunities.<\/li>\n\n\n\n<li>Users should be able to uninstall pre-installed apps and change default settings more easily.<\/li>\n\n\n\n<li>Choice screens must let users select preferred apps (e.g., maps or browsers) during setup, reducing lock-in.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-dma-and-messaging-services-whatsapp-and-facebook-messenger\">DMA and messaging services: WhatsApp and Facebook Messenger<\/h3>\n\n\n\n<p>Messaging apps are central to user communications and will need to adapt to interoperability requirements.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Gatekeepers must enable messaging across platforms, so users of apps like Signal or Telegram can exchange messages with WhatsApp or Messenger users.<\/li>\n\n\n\n<li>Meta is already developing features like \u201cthird-party chats\u201d to meet this obligation.<\/li>\n\n\n\n<li>While this expands choice and competition, it raises concerns about the impact on end-to-end encryption and security.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-dma-compliance\">What is DMA compliance?<\/h2>\n\n\n\n<p>The Digital Markets Act (DMA) is a European Union regulation that sets out obligations for gatekeepers that have entrenched market power. These companies must follow strict rules to ensure fair competition, and those effects ripple outward to the many businesses that depend on them.&nbsp;<\/p>\n\n\n\n<p>For example, advertisers using Google Ads or developers publishing apps in Apple\u2019s App Store must follow DMA-aligned processes to keep access to those platforms.<\/p>\n\n\n\n<p>DMA compliance, therefore, means more than following the letter of the law. It encompasses adopting practices that enable transparency, interoperability, and user choice. Even small and midsize businesses need to pay attention, as their operations often intersect with gatekeeper-controlled environments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-dma-compliance-requirements\">DMA compliance requirements<\/h2>\n\n\n\n<p>The DMA introduced a broad set of requirements, but several areas are especially relevant for businesses. These focus on how personal data can be used, how services interoperate, and how users are treated when interacting with digital platforms.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-data-privacy-and-compliant-consent\">Data privacy and compliant consent<\/h3>\n\n\n\n<p>Like the GDPR, under the DMA user consent must be obtained for collection and use of personal data in many cases. It must be freely given, specific, informed, and unambiguous, with a clear affirmative action.<\/p>\n\n\n\n<p>This affects the design and function of consent banners, as users must receive clear, easily understood information about their rights and choices, and have user-friendly ways to exercise them.&nbsp;<\/p>\n\n\n\n<p>There is added complexity of companies\u2019 needing to comply with multiple regulations, including the GDPR and country-specific consent and cookie banner requirements. This makes robust geolocation functionality in your consent management platform critical for accuracy to mitigate noncompliance risks.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" height=\"750\" width=\"770\" src=\"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2025\/10\/uc_blog_Privacy-policy-best-practices_100825.svg\" alt=\"\" class=\"wp-image-15974\"\/><\/figure>\n\n\n<div class=\"uc-notice\">\n    <div class=\"uc-notice__icon\">\n        <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n<path d=\"M10.8177 17.0093H12.8177V11.0093H10.8177V17.0093ZM11.8177 9.00928C12.1011 9.00928 12.3386 8.91344 12.5302 8.72178C12.7219 8.53011 12.8177 8.29261 12.8177 8.00928C12.8177 7.72594 12.7219 7.48844 12.5302 7.29678C12.3386 7.10511 12.1011 7.00928 11.8177 7.00928C11.5344 7.00928 11.2969 7.10511 11.1052 7.29678C10.9136 7.48844 10.8177 7.72594 10.8177 8.00928C10.8177 8.29261 10.9136 8.53011 11.1052 8.72178C11.2969 8.91344 11.5344 9.00928 11.8177 9.00928ZM11.8177 22.0093C10.4344 22.0093 9.13442 21.7468 7.91775 21.2218C6.70108 20.6968 5.64275 19.9843 4.74275 19.0843C3.84275 18.1843 3.13025 17.1259 2.60525 15.9093C2.08025 14.6926 1.81775 13.3926 1.81775 12.0093C1.81775 10.6259 2.08025 9.32594 2.60525 8.10928C3.13025 6.89261 3.84275 5.83428 4.74275 4.93428C5.64275 4.03428 6.70108 3.32178 7.91775 2.79678C9.13442 2.27178 10.4344 2.00928 11.8177 2.00928C13.2011 2.00928 14.5011 2.27178 15.7177 2.79678C16.9344 3.32178 17.9928 4.03428 18.8927 4.93428C19.7927 5.83428 20.5052 6.89261 21.0302 8.10928C21.5552 9.32594 21.8177 10.6259 21.8177 12.0093C21.8177 13.3926 21.5552 14.6926 21.0302 15.9093C20.5052 17.1259 19.7927 18.1843 18.8927 19.0843C17.9928 19.9843 16.9344 20.6968 15.7177 21.2218C14.5011 21.7468 13.2011 22.0093 11.8177 22.0093Z\" fill=\"black\"\/>\n<\/svg>\n    <\/div>\n    <div class=\"uc-notice__content\">\n                <p><b>From compliance to conversions:<\/b> <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/cookie-banner-best-practice\/\"><span style=\"font-weight: 400;\">Best practices for cookie banners<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n            <\/div>\n<\/div>\n\n\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-designing-compliant-consent-flows\">Designing compliant consent flows<\/h4>\n\n\n\n<p>Effective consent flows under the DMA should be transparent, simple, and respectful of user choices. They need to reflect the variety of purposes and choices users now have, and must present options in a clear way, avoid manipulative <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/dark-patterns-and-how-they-affect-consent\/\">dark patterns<\/a>, and enable granular decision-making across different purposes.&nbsp;<\/p>\n\n\n\n<p>Declining consent should not block access to a core platform service. Companies that implement thoughtful, user-friendly consent processes can differentiate themselves by showing commitment to privacy and seamless user experience.<\/p>\n\n\n\n<p>Companies also need to be able to provide proof of consent to gatekeepers to retain access to critical platforms. This is where your CMP needs integration with tools like <a href=\"https:\/\/usercentrics.com\/usercentrics-cmp-and-google-consent-mode-v2\/\">Google Consent Mode<\/a>, <a href=\"https:\/\/usercentrics.com\/usercentrics-cmp-and-microsoft-consent-mode\/\">Microsoft UET Consent Mode<\/a>, and Amazon Consent Signal to signal consent choices to those companies\u2019 services to control their function.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-restrictions-on-combining-data-for-profiling\">Restrictions on combining data for profiling<\/h3>\n\n\n\n<p>The Digital Markets Act has stringent requirements when it comes to combining user data across the different platforms gatekeepers operate and between platforms owned by a gatekeeper and third-party platforms.<\/p>\n\n\n\n<p><a href=\"https:\/\/ec.europa.eu\/competition\/digital_markets_act\/cases\/202417\/DMA_100055_135.pdf\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Art. 5 (2) DMA<\/a> specifically states that unless end users have been presented with a specific choice and provided GDPR-compliant consent, gatekeepers cannot:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Process the personal data of end users who are using third-party services that use gatekeepers\u2019 core platform services for the purpose of digital advertising<\/li>\n\n\n\n<li>Combine personal data from relevant core platform service with personal data from any further core platform services or from any other services provided by the gatekeeper or with personal data from third-party services<\/li>\n\n\n\n<li>Cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper, including other core platform services, and vice versa<\/li>\n\n\n\n<li>Sign in end users to other services of the gatekeeper in order to combine personal data<\/li>\n<\/ul>\n\n\n\n<p>The goals here are to prevent gatekeepers from gaining an unfair advantage by pooling user data from multiple sources, and to protect user privacy. Gatekeepers and third-party businesses are restricted from using data across multiple platforms to profile customers for targeted advertising.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-user-profiling-under-the-dma\">User profiling under the DMA<\/h4>\n\n\n\n<p>Profiling of minors is already prohibited under the GDPR, but the Digital Markets Act does not prohibit profiling altogether. Gatekeepers need to be transparent about how they carry out user profiling.&nbsp;<\/p>\n\n\n\n<p>They must provide audited information about what data is collected, how it\u2019s processed, for what purposes, how long it will be stored for profiling purposes, and what impact profiling will have on the gatekeepers\u2019 services.<\/p>\n\n\n\n<p>Gatekeepers also have to show how they\u2019re informing users about the profiling, how they\u2019re obtaining valid consent, and provide users with the option of denying or withdrawing consent \u2014 for profiling, but also for data collection broadly. Users who decline or withdraw consent can\u2019t have their data used for profiling.<\/p>\n\n\n<div class=\"uc-notice\">\n    <div class=\"uc-notice__icon\">\n        <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n<path d=\"M10.8177 17.0093H12.8177V11.0093H10.8177V17.0093ZM11.8177 9.00928C12.1011 9.00928 12.3386 8.91344 12.5302 8.72178C12.7219 8.53011 12.8177 8.29261 12.8177 8.00928C12.8177 7.72594 12.7219 7.48844 12.5302 7.29678C12.3386 7.10511 12.1011 7.00928 11.8177 7.00928C11.5344 7.00928 11.2969 7.10511 11.1052 7.29678C10.9136 7.48844 10.8177 7.72594 10.8177 8.00928C10.8177 8.29261 10.9136 8.53011 11.1052 8.72178C11.2969 8.91344 11.5344 9.00928 11.8177 9.00928ZM11.8177 22.0093C10.4344 22.0093 9.13442 21.7468 7.91775 21.2218C6.70108 20.6968 5.64275 19.9843 4.74275 19.0843C3.84275 18.1843 3.13025 17.1259 2.60525 15.9093C2.08025 14.6926 1.81775 13.3926 1.81775 12.0093C1.81775 10.6259 2.08025 9.32594 2.60525 8.10928C3.13025 6.89261 3.84275 5.83428 4.74275 4.93428C5.64275 4.03428 6.70108 3.32178 7.91775 2.79678C9.13442 2.27178 10.4344 2.00928 11.8177 2.00928C13.2011 2.00928 14.5011 2.27178 15.7177 2.79678C16.9344 3.32178 17.9928 4.03428 18.8927 4.93428C19.7927 5.83428 20.5052 6.89261 21.0302 8.10928C21.5552 9.32594 21.8177 10.6259 21.8177 12.0093C21.8177 13.3926 21.5552 14.6926 21.0302 15.9093C20.5052 17.1259 19.7927 18.1843 18.8927 19.0843C17.9928 19.9843 16.9344 20.6968 15.7177 21.2218C14.5011 21.7468 13.2011 22.0093 11.8177 22.0093Z\" fill=\"black\"\/>\n<\/svg>\n    <\/div>\n    <div class=\"uc-notice__content\">\n                <p><b>Learn more: <\/b><span style=\"font-weight: 400;\">Get our guide on the <\/span><a href=\"https:\/\/usercentrics.com\/guides\/future-of-data-in-marketing\/\"><span style=\"font-weight: 400;\">future of data in marketing<\/span><\/a><span style=\"font-weight: 400;\">. Harness first-party data and advanced measurement tools to drive results while protecting your business.<\/span><\/p>\n            <\/div>\n<\/div>\n\n\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-prohibition-on-self-preferencing\">Prohibition on self-preferencing<\/h3>\n\n\n\n<p>Gatekeepers cannot self-preference their own products in rankings, and must enable users to easily uninstall pre-installed apps or switch to alternative services. Businesses interacting with these platforms must be aware of these obligations, because they will shape the technical and commercial relationships they rely on.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-impact-on-user-experience\">Impact on user experience<\/h3>\n\n\n\n<p>One of the most visible outcomes of the DMA is its influence on how individuals can interact with digital services. Consent requirements are one, but requirements like data portability, interoperability, and prohibitions on self-preferencing also directly impact users.<\/p>\n\n\n\n<p>People can source apps from outside the dominant app stores. They can delete pre-installed apps they don\u2019t want. And they can exercise competitive choice by more easily moving to new providers while taking their data with them.&nbsp;<\/p>\n\n\n\n<p>Companies have strong incentives not only to comply with privacy best practices, but to push for innovation in products and services and exceptional customer service to attract and retain customers in this more competitive landscape.<\/p>\n\n\n<div id=\"uc-cta_69dcfba7c1aac\" class=\"uc-cta uc-cta--button uc-cta--size-7 uc-cta--primary uc-ctx--blue\">\n    <div class=\"uc-cta__inner container\">\n        <div class=\"uc-cta__content\">\n                                        <div class=\"uc-cta__heading no-default-margin\">Accelerate your growth while protecting your business<\/div>\n                                        <div class=\"uc-cta__description\">\n                    <p><span style=\"font-weight: 400;\">Businesses face privacy demands from all sides \u2014\u00a0regulations, partners, and customers. Enhance digital strategy, maintain compliance, and build trust with Privacy-Led Marketing.<\/span><\/p>\n                <\/div>\n                                                                    <\/div>\n                            <div class=\"uc-cta__section\">\n                                        <a id=\"0729c0d1-29f6-4761-b2de-9b9186dfc220\" class=\"uc-button uc-button-size-m uc-button-contained  no-default-link-decoration\" href=\"https:\/\/usercentrics.com\/guides\/privacy-led-marketing\/\" target=\"\"><span>Explore the guide<\/span><\/a>                                    <\/div>\n            <\/div>\n<\/div>\n    <script type=\"module\">\n        new Uc_Cta(document.getElementById(\"uc-cta_69dcfba7c1aac\"));\n    <\/script>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-technical-compliance-apis-and-cms-integration\">Technical compliance: APIs and CMS integration<\/h2>\n\n\n\n<p>Meeting DMA requirements is not only a legal exercise; it also presents technical challenges. Gatekeepers must provide interoperability through APIs, and companies need to be prepared to use them. This affects how data is shared, how consent is transmitted, and how businesses integrate with gatekeeper services.<\/p>\n\n\n\n<p>APIs are essential for ensuring that user data can be accessed or ported in a user-friendly way. Similarly, CMS platforms must work seamlessly with consent management tools to ensure that consent signals are properly captured, stored, and transmitted.&nbsp;<\/p>\n\n\n\n<p>For developers, this means paying attention to security, scalability, and the evolving requirements set by both gatekeepers and regulators.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-key-features-of-usercentrics-consent-management-api\">Key features of Usercentrics Consent Management API<\/h3>\n\n\n\n<p>Here are just some of the integrated Usercentrics API product features:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Automated website scan of cookies and trackers, with classifications that website owners can control<\/li>\n\n\n\n<li>Automatic blocking of cookies and trackers until consent is obtained<\/li>\n\n\n\n<li>Automated cookie declaration, widget, and legal text setup and maintenance<\/li>\n\n\n\n<li>Customizable banner template for appearance, text, languages, and geolocation<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-usercentrics-consent-management-api-benefits-for-developers\">Usercentrics Consent Management API benefits for developers<\/h3>\n\n\n\n<p>Platforms that use the Consent Management API have a competitive advantage and deliver benefits to developers and their customers. Make it easy to achieve and maintain privacy compliance.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Robust APIs and documentation make it easy to integrate with popular CMS and other platforms<\/li>\n\n\n\n<li>Pre-built, customizable consent banner templates and popups that website owners can easily add to their sites without coding<\/li>\n\n\n\n<li>Display banners based on user location, language, or website content to obtain legally compliant consent according to applicable data privacy laws around the world<\/li>\n\n\n\n<li>API infrastructure can be implemented at scale, accommodating tens of thousands of websites and handling large numbers of consent banners efficiently and securely<\/li>\n\n\n\n<li>Competitive pricing that\u2019s designed to scale with your business, so you can increase average order value, upsell to existing customers, and activate legacy customers<\/li>\n\n\n\n<li>Increase customer loyalty and reduce churn with a more comprehensive solution that includes data privacy compliance<\/li>\n\n\n\n<li>Build a privacy-first reputation to differentiate yourself from competitors and stand out as a platform that is committed to flexible, scalable, user-friendly data privacy<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-interoperability-data-protection-and-google-services\">Interoperability, data protection, and Google services<\/h3>\n\n\n\n<p>Alphabet, Google\u2019s parent company and one of the designated gatekeepers under the DMA, has implemented various measures to comply with the DMA\u2019s requirements. More changes are likely to come as Google remains somewhat at odds with the European Commission.<\/p>\n\n\n\n<p>Some of these measures are related to interoperability and data protection and impact both EU and UK consumers and businesses.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-google-dma-changes-for-consumers\">Google DMA changes for consumers<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Web browsing: <\/strong>Users will see a choice screen enabling them to choose their default browser and default search engine on Android. Non-Android users will receive only the default search engine choice screen.<\/li>\n\n\n\n<li><strong>Third-party apps and app stores:<\/strong> It\u2019s easier for users to understand how third-party apps and app stores collect, handle, and share their personal data. Developers have a more transparent way to share this information, including adding a clear link to the app\u2019s privacy policy, helping users make informed choices about granting access to permissions.<\/li>\n\n\n\n<li><strong>Data portability: <\/strong>Users can share a copy of their data from Chrome, Google Maps, Play Store, Google Search, Google Shopping, and YouTube with third-party apps and services.<\/li>\n\n\n\n<li><strong>Data sharing and additional consents:<\/strong> Users can select which Google services they\u2019d like to link which can share data between them.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-google-dma-changes-for-businesses\">Google DMA changes for businesses<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Third-party apps and app stores: <\/strong>Several improvements for third-party apps and app stores in Android 14, including app updates that trigger only when the app is not in use.<\/li>\n\n\n\n<li><strong>Billing options:<\/strong> Businesses can offer their own billing system for users to complete in-app purchases alongside, or instead of, purchases made through the Play Store.<\/li>\n\n\n\n<li><strong>Communication outside the app: <\/strong>Developers of apps distributed on the Play Store can lead users away from their app to promote offers.<\/li>\n\n\n\n<li><strong>Google-certified CMP for advertising:<\/strong> Publishers and advertisers must use a Google-certified consent management platform to continue serving ads to EU and UK users to enable GDPR\/UK GDPR compliance. This step also promotes the DMA\u2019s transparency and data protection objectives.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-consent-management-platforms-and-dma-compliance\">Consent management platforms and DMA compliance<\/h3>\n\n\n\n<p>CMPs play a crucial role in enabling companies to comply with the DMA and gatekeepers\u2019 policies as they evolve.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An organized way to <strong>obtain, manage, document, and signal user consent<\/strong> across digital platforms<\/li>\n\n\n\n<li>Designed to <strong>quickly adapt to regulatory and policy changes with automated updates<\/strong> to support ongoing compliance and mitigating risks as laws, technologies, and operations change<\/li>\n\n\n\n<li>Support <strong>transparency and accountability for data processing activities<\/strong> by recording consents and updates to preferences over time, and providing a clear audit trail for how user data is being handled<\/li>\n\n\n\n<li><strong>Default integration of Google Consent Mode v2<\/strong>, like in Usercentrics CMP, enables websites to adjust the operation of Google services based on user consent, respecting privacy choices without compromising collection of essential data analytics<\/li>\n\n\n\n<li>Google-certified CMPs, like Usercentrics CMP, enable websites and apps to<strong> meet the requirements of IAB Europe\u2019s Transparency &amp; Consent Framework (IAB TCF v2.2<\/strong>), a standardized approach for managing user consent across the advertising ecosystem<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-by-step-cmp-dma-compliance-checklist\">Step-by-step CMP DMA compliance checklist<\/h2>\n\n\n\n<p>Many companies that rely on gatekeeper platforms in the EU, EEA, and UK must meet DMA requirements. If you already comply with GDPR, you are partly prepared, but additional steps are often necessary. This checklist outlines a streamlined path to ongoing compliance.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-step-1-implement-a-consent-management-platform-cmp\">Step 1: Implement a consent management platform (CMP)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use a CMP to collect, store, and signal valid user consent.<\/li>\n\n\n\n<li>Provide clear information about what data is collected, why, and who can access it.<\/li>\n\n\n\n<li>Customize consent flows and privacy notices to align with regulatory requirements.<\/li>\n\n\n\n<li>Integrate with your CMS, apps, and advertising tools.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-step-2-customize-your-consent-banner-s\">Step 2: Customize your consent banner(s)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Match the banner design with your website\u2019s branding to promote trustworthiness and consistent user experience.<\/li>\n\n\n\n<li>Use clear language to explain purposes of cookies and data use, ideally with geolocation support to display information in relevant local languages.<\/li>\n\n\n\n<li>Scan for and specify categories of cookies and their functions.<\/li>\n\n\n\n<li>Activate Google Consent Mode \u2014 enabled by default in Usercentrics CMP \u2014 and\/or other consent signaling tools, like from Microsoft or Amazon, to meet platform requirements.<\/li>\n\n\n\n<li>Enable users to easily review and change their consent preferences at any time.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-step-3-optimize-user-experience-for-consent\">Step 3: Optimize user experience for consent<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Place banners prominently without blocking site access.<\/li>\n\n\n\n<li>Present accept\/deny options equally, avoiding dark patterns.<\/li>\n\n\n\n<li>Offer granular controls (e.g., by cookie category.)<\/li>\n\n\n\n<li>Keep the interface flexible with easily accessible settings so users can update preferences anytime.<\/li>\n\n\n\n<li>Regularly review and update your privacy policy to reflect changes in laws, business operations, or technologies in use.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-step-4-monitor-and-audit-data-operations-and-privacy-compliance\">Step 4: Monitor and audit data operations and privacy compliance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Conduct periodic audits of data processing and consent practices.<\/li>\n\n\n\n<li>Review settings regularly to keep pace with regulatory changes.<\/li>\n\n\n\n<li>Keep secure, detailed records of user consent for proof of compliance or <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/data-subject-access-requests\/\">DSARs<\/a>.<\/li>\n\n\n\n<li>Stay up to date on guidance from the European Commission and data protection authorities.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-smb-vs-enterprise-strategies-for-dma-compliance\">SMB vs. enterprise strategies for DMA compliance<\/h2>\n\n\n\n<p>Small businesses benefit from solutions that are quick to implement, like <a href=\"https:\/\/www.cookiebot.com\/en\/cookie-consent-solution\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Usercentrics Cookiebot CMP<\/a>, which provide automated compliance with minimal technical effort.&nbsp;<\/p>\n\n\n\n<p>Enterprise organizations with more complex needs can meet compliance requirements with <a href=\"https:\/\/usercentrics.com\/website-consent-management\/\">Usercentrics Web CMP<\/a>, which provides advanced integrations and in-depth analytics for multi-platform and multi-market operations. Each company\u2019s roadmap should reflect its size, resources, and regulatory risk profile, as well as its growth plans.<\/p>\n\n\n<div class=\"uc-notice\">\n    <div class=\"uc-notice__icon\">\n        <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n<path d=\"M10.8177 17.0093H12.8177V11.0093H10.8177V17.0093ZM11.8177 9.00928C12.1011 9.00928 12.3386 8.91344 12.5302 8.72178C12.7219 8.53011 12.8177 8.29261 12.8177 8.00928C12.8177 7.72594 12.7219 7.48844 12.5302 7.29678C12.3386 7.10511 12.1011 7.00928 11.8177 7.00928C11.5344 7.00928 11.2969 7.10511 11.1052 7.29678C10.9136 7.48844 10.8177 7.72594 10.8177 8.00928C10.8177 8.29261 10.9136 8.53011 11.1052 8.72178C11.2969 8.91344 11.5344 9.00928 11.8177 9.00928ZM11.8177 22.0093C10.4344 22.0093 9.13442 21.7468 7.91775 21.2218C6.70108 20.6968 5.64275 19.9843 4.74275 19.0843C3.84275 18.1843 3.13025 17.1259 2.60525 15.9093C2.08025 14.6926 1.81775 13.3926 1.81775 12.0093C1.81775 10.6259 2.08025 9.32594 2.60525 8.10928C3.13025 6.89261 3.84275 5.83428 4.74275 4.93428C5.64275 4.03428 6.70108 3.32178 7.91775 2.79678C9.13442 2.27178 10.4344 2.00928 11.8177 2.00928C13.2011 2.00928 14.5011 2.27178 15.7177 2.79678C16.9344 3.32178 17.9928 4.03428 18.8927 4.93428C19.7927 5.83428 20.5052 6.89261 21.0302 8.10928C21.5552 9.32594 21.8177 10.6259 21.8177 12.0093C21.8177 13.3926 21.5552 14.6926 21.0302 15.9093C20.5052 17.1259 19.7927 18.1843 18.8927 19.0843C17.9928 19.9843 16.9344 20.6968 15.7177 21.2218C14.5011 21.7468 13.2011 22.0093 11.8177 22.0093Z\" fill=\"black\"\/>\n<\/svg>\n    <\/div>\n    <div class=\"uc-notice__content\">\n                <p><b>Data privacy compliance isn\u2019t just for websites and apps.<\/b><span style=\"font-weight: 400;\"> Get our guide on <\/span><a href=\"https:\/\/usercentrics.com\/us\/guides\/social-media-email-marketing-compliance\/\"><span style=\"font-weight: 400;\">social media and email marketing compliance<\/span><\/a><span style=\"font-weight: 400;\">. Learn how to protect your business, build trust, and drive sustainable growth.<\/span><\/p>\n            <\/div>\n<\/div>\n\n\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-compliance-scenarios\">Example compliance scenarios<\/h3>\n\n\n\n<p>Consider an e-commerce company that advertises with Google Ads. Under the DMA, it must use compliant consent flows that align with Google\u2019s <a href=\"https:\/\/www.google.com\/about\/company\/user-consent-policy\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">EU user consent policy<\/a> to maintain ad performance.&nbsp;<\/p>\n\n\n\n<p>Similarly, an app developer using multiple advertising networks must integrate an in-app CMP like <a href=\"https:\/\/usercentrics.com\/in-app-sdk\/\">Usercentrics App CMP<\/a> to obtain and signal consent before serving personalized ads. These scenarios illustrate that DMA compliance is not abstract \u2014 it has direct operational and commercial implications.<\/p>\n\n\n<div class=\"uc-notice\">\n    <div class=\"uc-notice__icon\">\n        <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n<path d=\"M10.8177 17.0093H12.8177V11.0093H10.8177V17.0093ZM11.8177 9.00928C12.1011 9.00928 12.3386 8.91344 12.5302 8.72178C12.7219 8.53011 12.8177 8.29261 12.8177 8.00928C12.8177 7.72594 12.7219 7.48844 12.5302 7.29678C12.3386 7.10511 12.1011 7.00928 11.8177 7.00928C11.5344 7.00928 11.2969 7.10511 11.1052 7.29678C10.9136 7.48844 10.8177 7.72594 10.8177 8.00928C10.8177 8.29261 10.9136 8.53011 11.1052 8.72178C11.2969 8.91344 11.5344 9.00928 11.8177 9.00928ZM11.8177 22.0093C10.4344 22.0093 9.13442 21.7468 7.91775 21.2218C6.70108 20.6968 5.64275 19.9843 4.74275 19.0843C3.84275 18.1843 3.13025 17.1259 2.60525 15.9093C2.08025 14.6926 1.81775 13.3926 1.81775 12.0093C1.81775 10.6259 2.08025 9.32594 2.60525 8.10928C3.13025 6.89261 3.84275 5.83428 4.74275 4.93428C5.64275 4.03428 6.70108 3.32178 7.91775 2.79678C9.13442 2.27178 10.4344 2.00928 11.8177 2.00928C13.2011 2.00928 14.5011 2.27178 15.7177 2.79678C16.9344 3.32178 17.9928 4.03428 18.8927 4.93428C19.7927 5.83428 20.5052 6.89261 21.0302 8.10928C21.5552 9.32594 21.8177 10.6259 21.8177 12.0093C21.8177 13.3926 21.5552 14.6926 21.0302 15.9093C20.5052 17.1259 19.7927 18.1843 18.8927 19.0843C17.9928 19.9843 16.9344 20.6968 15.7177 21.2218C14.5011 21.7468 13.2011 22.0093 11.8177 22.0093Z\" fill=\"black\"\/>\n<\/svg>\n    <\/div>\n    <div class=\"uc-notice__content\">\n                <p><span style=\"font-weight: 400;\">Make smarter data-backed, privacy-led decisions with our <\/span><a href=\"https:\/\/usercentrics.com\/guides\/marketing-measurement\/\"><span style=\"font-weight: 400;\">marketing measurement guide<\/span><\/a><\/p>\n            <\/div>\n<\/div>\n\n\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-risks-of-dma-noncompliance\">Risks of DMA noncompliance<\/h2>\n\n\n\n<p>The risks of ignoring the DMA because you\u2019re not a gatekeeper are significant and extend beyond financial penalties. The European Commission can \u2014 and already has \u2014 imposed fines of up to 10 percent of global annual revenue, or 20 percent for repeat violations.&nbsp;<\/p>\n\n\n\n<p>Gatekeepers are not going to expose themselves to unnecessary noncompliance risks from their customers. Removing a small customer\u2019s access to Google Ads or Google Analytics isn\u2019t a big deal to Google, but could be a major operational or financial problem for the company that\u2019s not meeting requirements.&nbsp;<\/p>\n\n\n\n<p>Noncompliance also carries reputational risks. Consumers are increasingly aware of their data rights, and failure to respect those rights can damage trust and loyalty. For many companies, the long-term cost of losing customer confidence could exceed the cost of regulatory penalties. Potential advertisers, partners, and investors can also be scared off, affecting future growth.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-usercentrics-helps-with-dma-compliance\">How Usercentrics helps with DMA compliance<\/h2>\n\n\n\n<p>A flexible, scalable CMP is a vital tool for achieving and maintaining DMA compliance. Usercentrics helps businesses capture, store, and transmit valid consent signals while maintaining a user-friendly experience, whether your privacy compliance needs are for digital operations in European, American, or global markets.<\/p>\n\n\n\n<p>Whether you\u2019re an indie game developer or a Fortune 500 company, Usercentrics CMPs are <a href=\"https:\/\/usercentrics.com\/knowledge-hub\/usercentrics-cmp-maintains-google-gold-tier-cmp-partner-certification\/\">Gold Tier Google-certified CMP partners<\/a> that integrate seamlessly into your tech stack, and can be fully customized to your branding and regulatory needs. Protect your business, build trusted, long-term customer relationships, and turn privacy compliance into a competitive advantage.<\/p>\n\n\n<div id=\"uc-cta_69dcfba7c3baa\" class=\"uc-cta uc-cta--button uc-cta--size-7 uc-cta--primary uc-ctx--blue\">\n    <div class=\"uc-cta__inner container\">\n        <div class=\"uc-cta__content\">\n                                        <div class=\"uc-cta__heading no-default-margin\">Still have privacy compliance concerns?<\/div>\n                                        <div class=\"uc-cta__description\">\n                    <p><span style=\"font-weight: 400;\">Data privacy is complex and evolving. Book your free demo today \u2014 let\u2019s discuss how to protect your brand and business.<\/span><\/p>\n                <\/div>\n                                                                    <\/div>\n                            <div class=\"uc-cta__section\">\n                                        <a id=\"42176b02-1d7a-45b6-aac9-38041bb802ba\" class=\"uc-button uc-button-size-m uc-button-contained  no-default-link-decoration\" href=\"https:\/\/usercentrics.com\/us\/book-a-consultation\/\" target=\"\"><span>Book demo<\/span><\/a>                                    <\/div>\n            <\/div>\n<\/div>\n    <script type=\"module\">\n        new Uc_Cta(document.getElementById(\"uc-cta_69dcfba7c3baa\"));\n    <\/script>\n","protected":false},"excerpt":{"rendered":"<p>The Digital Markets Act (DMA) has reshaped how large online platforms \u2014 and their millions of business customers \u2014 handle privacy, transparency, and user consent. This guide explores DMA compliance requirements, its impact on user experience and privacy, technical aspects like APIs and CMS integration, risks of noncompliance, and practical steps for companies to build trust and growth.<\/p>\n","protected":false},"featured_media":7153,"template":"","meta":{"_acf_changed":false,"editor_notices":[],"footnotes":""},"tags":[44],"magazine_issue":[],"magazine_tag":[],"resource_tag":[13],"class_list":["post-417","knowledge","type-knowledge","status-publish","has-post-thumbnail","hentry","tag-dma","resource_tag-regulations"],"acf":[],"yoast_head":"<title>Digital Markets Act (DMA): DMA Compliance for Companies<\/title>\n<meta name=\"description\" content=\"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Digital Markets Act (DMA): DMA Compliance for Companies\" \/>\n<meta property=\"og:description\" content=\"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/\" \/>\n<meta property=\"og:site_name\" content=\"Usercentrics - US\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/usercentrics\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-14T07:41:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Digital Markets Act (DMA): DMA Compliance for Companies\" \/>\n<meta name=\"twitter:description\" content=\"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.\" \/>\n<meta name=\"twitter:site\" content=\"@usercentrics\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"19 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/\",\"name\":\"Digital Markets Act (DMA): DMA Compliance for Companies\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2024\\\/07\\\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg\",\"datePublished\":\"2025-10-06T13:36:38+00:00\",\"dateModified\":\"2025-11-14T07:41:00+00:00\",\"description\":\"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/\"}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/#primaryimage\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2024\\\/07\\\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg\",\"contentUrl\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2024\\\/07\\\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg\",\"width\":1000,\"height\":1000,\"caption\":\"Computer with DMA badge\",\"copyrightNotice\":\"\u00a9 Copyright 2026 Usercentrics GmbH\",\"creator\":{\"@type\":\"Organization\",\"name\":\"Usercentrics GmbH\"},\"creditText\":\"Image: Usercentrics GmbH\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Resources\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The Digital Markets Act (DMA): DMA compliance for companies\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/knowledge-hub\\\/digital-markets-act-dma-compliance-guide-for-companies\\\/\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/#website\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/\",\"name\":\"Usercentrics - US\",\"description\":\"Consent Management Platform (CMP) Usercentrics\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/?s={search_term_string}\"}}],\"inLanguage\":\"en-US\"}]}<\/script>","yoast_head_json":{"title":"Digital Markets Act (DMA): DMA Compliance for Companies","description":"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"Digital Markets Act (DMA): DMA Compliance for Companies","og_description":"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.","og_url":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/","og_site_name":"Usercentrics - US","article_publisher":"https:\/\/www.facebook.com\/usercentrics","article_modified_time":"2025-11-14T07:41:00+00:00","og_image":[{"width":1000,"height":1000,"url":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_title":"Digital Markets Act (DMA): DMA Compliance for Companies","twitter_description":"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.","twitter_site":"@usercentrics","twitter_misc":{"Est. reading time":"19 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/","url":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/","name":"Digital Markets Act (DMA): DMA Compliance for Companies","isPartOf":{"@id":"https:\/\/usercentrics.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/#primaryimage"},"image":{"@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/#primaryimage"},"thumbnailUrl":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg","datePublished":"2025-10-06T13:36:38+00:00","dateModified":"2025-11-14T07:41:00+00:00","description":"Learn everything about DMA compliance, from requirements and privacy to penalties and solutions. Stay compliant by mastering DMA privacy.","breadcrumb":{"@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/"}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/#primaryimage","url":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg","contentUrl":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2024\/07\/Digital-Markets-Act-DMA-compliance-step-by-step-guide-3.jpg","width":1000,"height":1000,"caption":"Computer with DMA badge","copyrightNotice":"\u00a9 Copyright 2026 Usercentrics GmbH","creator":{"@type":"Organization","name":"Usercentrics GmbH"},"creditText":"Image: Usercentrics GmbH"},{"@type":"BreadcrumbList","@id":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Resources","item":"https:\/\/usercentrics.com\/us\/resources\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/usercentrics.com\/us\/knowledge-hub\/"},{"@type":"ListItem","position":3,"name":"The Digital Markets Act (DMA): DMA compliance for companies","item":"https:\/\/usercentrics.com\/us\/knowledge-hub\/digital-markets-act-dma-compliance-guide-for-companies\/"}]},{"@type":"WebSite","@id":"https:\/\/usercentrics.com\/us\/#website","url":"https:\/\/usercentrics.com\/us\/","name":"Usercentrics - US","description":"Consent Management Platform (CMP) Usercentrics","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/usercentrics.com\/us\/?s={search_term_string}"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/knowledge\/417","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/knowledge"}],"about":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/types\/knowledge"}],"version-history":[{"count":0,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/knowledge\/417\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/media\/7153"}],"wp:attachment":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/media?parent=417"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/tags?post=417"},{"taxonomy":"magazine_issue","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/magazine_issue?post=417"},{"taxonomy":"magazine_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/magazine_tag?post=417"},{"taxonomy":"resource_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/resource_tag?post=417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}