diff --git a/catalyst/api-bundle/Command/TestAPICommand.php b/catalyst/api-bundle/Command/TestAPICommand.php
index ee0b8992..f76a8285 100644
--- a/catalyst/api-bundle/Command/TestAPICommand.php
+++ b/catalyst/api-bundle/Command/TestAPICommand.php
@@ -80,6 +80,14 @@ class TestAPICommand extends Command
         ];
         $api->post('/capi/warranties/'. $id, $params);
 
+        // warranty set privacy policy
+        $id = 86811;
+        $policy_id = 2;
+        $params = [
+            'privacy_policy_id' => $policy_id,
+        ];
+        $api->post('/capi/warranties/' . $id .'/privacypolicy', $params);
+
         // warranty claim
         $id = 86811;
         $serial = 'AJ34LJADR12134LKJL5';
diff --git a/catalyst/api-bundle/Controller/APIController.php b/catalyst/api-bundle/Controller/APIController.php
index 7f359680..74c63d3c 100644
--- a/catalyst/api-bundle/Controller/APIController.php
+++ b/catalyst/api-bundle/Controller/APIController.php
@@ -24,7 +24,8 @@ abstract class APIController extends Controller
             else
             {
                 $check = $req->request->get($param);
-                if (empty($check))
+                //if (empty($check))
+                if (!isset($check))
                     $missing[] = $param;
             }
         }
diff --git a/config/routes/capi.yaml b/config/routes/capi.yaml
index d99fb182..67509914 100644
--- a/config/routes/capi.yaml
+++ b/config/routes/capi.yaml
@@ -102,6 +102,12 @@ capi_warranty_delete:
     controller: App\Controller\CAPI\WarrantyController::delete
     methods: [POST]
 
+# set privacy policy of warranty
+capi_warranty_privacy_policy:
+    path: /capi/warranties/{id}/privacypolicy
+    controller: App\Controller\CAPI\WarrantyController::setPrivacyPolicy
+    methods: [POST]
+
 # customer vehicle api
 
 # find customer vehicle by id 
diff --git a/src/Controller/APIController.php b/src/Controller/APIController.php
index fcd49749..075879bb 100644
--- a/src/Controller/APIController.php
+++ b/src/Controller/APIController.php
@@ -49,7 +49,7 @@ use App\Entity\PrivacyPolicy;
 use DateTime;
 use Exception;
 
-
+// mobile API
 class APIController extends Controller
 {
     protected $session;
diff --git a/src/Controller/CAPI/WarrantyController.php b/src/Controller/CAPI/WarrantyController.php
index 710ea886..d76afffc 100644
--- a/src/Controller/CAPI/WarrantyController.php
+++ b/src/Controller/CAPI/WarrantyController.php
@@ -16,6 +16,7 @@ use App\Entity\BatterySize;
 use App\Entity\SAPBattery;
 use App\Entity\SAPBatterySize;
 use App\Entity\SAPBatteryBrand;
+use App\Entity\PrivacyPolicy;
 
 use App\Ramcar\NameValue;
 use App\Ramcar\WarrantyClass;
@@ -24,6 +25,7 @@ use DateTime;
 
 use Catalyst\APIBundle\Access\Generator as ACLGenerator;
 
+// third party API
 class WarrantyController extends APIController
 {
     protected $acl_gen;
@@ -445,4 +447,50 @@ class WarrantyController extends APIController
 
         return new APIResponse(true, 'Warranty deleted successfully.');
     }
+
+    public function setPrivacyPolicy(Request $req, EntityManagerInterface $em, $id)
+    {
+        $this->denyAccessUnlessGranted('warranty.set.privacypolicy', null, 'No access.');
+
+        // find warranty
+        $warr = $em->getRepository(Warranty::class)->find($id);
+        if ($warr == null)
+        {
+            return new APIResponse(false, 'No warranty found with that id.', null, 404);
+        }
+
+        $params = [
+            'privacy_policy_id',
+        ];
+
+        $msg = $this->checkRequiredParameters($req, $params);
+        error_log('msg - ' . $msg);
+        if ($msg)
+            return new APIResponse(false, $msg);
+
+        $privacy_policy_id = $req->request->get('privacy_policy_id');
+
+        if ($privacy_policy_id == 0)
+        {
+            $warr->setPrivacyPolicy(null);
+        }
+        else
+        {
+            // find privacy policy
+            $privacy_policy = $em->getRepository(PrivacyPolicy::class)->find($privacy_policy_id);
+            if ($privacy_policy == null)
+            {
+                return new APIResponse(false, 'No privacy policy found with that id.', null, 404);
+            }
+
+            // set privacy policy of warranty
+            $warr->setPrivacyPolicy($privacy_policy);
+        }
+
+        $em->persist($warr);
+        $em->flush();
+
+        return new APIResponse(true, 'Privacy policy for warranty set successfully.');
+
+    }
 }
diff --git a/src/Entity/PrivacyPolicy.php b/src/Entity/PrivacyPolicy.php
index b59ee551..c3fbcb55 100644
--- a/src/Entity/PrivacyPolicy.php
+++ b/src/Entity/PrivacyPolicy.php
@@ -48,6 +48,16 @@ class PrivacyPolicy
      */
     protected $cust_promo;
 
+    /**
+     * @ORM\OneToMany(targetEntity="Warranty", mappedBy="privacy_policy")
+     */
+    protected $warranties;
+
+    public function __construct()
+    {
+        $this->warranties = new ArrayCollection();
+    }
+
     public function getID()
     {
         return $this->id;
@@ -108,9 +118,15 @@ class PrivacyPolicy
         return $this->cust_promo;
     }
 
+    public function addWarranty(Warranty $warranty)
+    {
+        $this->warranties[] = $warranty;
+        return $this;
+    }
 
-
-
-
+    public function getWarrantiess()
+    {
+        return $this->warranties;
+    }
 }