diff --git a/config/api_acl.yaml b/config/api_acl.yaml
index b677f99d..c3834bf9 100644
--- a/config/api_acl.yaml
+++ b/config/api_acl.yaml
@@ -18,6 +18,8 @@ access_keys:
           label: Cancel
         - id: warranty.delete
           label: Delete
+        - id: warranty.set.privacypolicy
+          label: Set Privacy Policy
     - id: batterybrand
       label: Battery Brand Access
       acls:
diff --git a/config/routes/api.yaml b/config/routes/api.yaml
index f55b0d83..1cf3b829 100644
--- a/config/routes/api.yaml
+++ b/config/routes/api.yaml
@@ -149,3 +149,8 @@ api_partner_review:
     path: /api/partners/{pid}/review
     controller: App\Controller\APIController:reviewPartner
     methods: [POST]
+
+api_warranty_privacy_policy:
+    path: /api/warranty/{wid}/privacy_policy
+    controller: App\Controller\APIController::setPrivacyPolicy
+    methods: [POST]
diff --git a/src/Controller/APIController.php b/src/Controller/APIController.php
index fcd49749..2ef7f3cb 100644
--- a/src/Controller/APIController.php
+++ b/src/Controller/APIController.php
@@ -81,7 +81,8 @@ class APIController extends Controller
             else if ($req->getMethod() == 'POST')
             {
                 $check = $req->request->get($param);
-                if (empty($check))
+                //if (empty($check))
+                if (!isset($check))
                     $missing[] = $param;
             }
             else
@@ -2182,4 +2183,55 @@ class APIController extends Controller
 
         return $res->getReturnResponse();
     }
+
+    public function setPrivacyPolicy($wid, Request $req, EntityManagerInterface $em)
+    {
+        $required_params = [
+            'privacy_policy_id',
+        ];
+
+        error_log($req->request->get('privacy_policy_id'));
+
+        $res = $this->checkParamsAndKey($req, $em, $required_params);
+        if ($res->isError())
+            return $res->getReturnResponse();
+
+        $policy_id = $req->request->get('privacy_policy_id');
+
+        // check if warranty exists
+        $warranty = $em->getRepository(Warranty::class)->find($wid);
+        if ($warranty == null)
+        {
+            $res->setError(true)
+                ->setErrorMessage('No warranty found.');
+            return $res->getReturnResponse();
+        }
+
+        if ($policy_id == 0)
+        {
+            $warranty->setPrivacyPolicy(null);
+        }
+        else
+        {
+            // find the privacy policy
+            $privacy_policy = $em->getRepository(PrivacyPolicy::class)->find($policy_id);
+            if ($privacy_policy == null)
+            {
+                $res->setError(true)
+                    ->setErrorMessage('No privacy policy found.');
+                return $res->getReturnResponse();
+            }
+
+            $warranty->setPrivacyPolicy($privacy_policy);
+        }
+
+        // save to db
+        $em->persist($warranty);
+        $em->flush();
+
+        $data = [];
+        $res->setData($data);
+
+        return $res->getReturnResponse();
+    }
 }
diff --git a/src/Entity/Warranty.php b/src/Entity/Warranty.php
index 49fa7f30..c65286ef 100644
--- a/src/Entity/Warranty.php
+++ b/src/Entity/Warranty.php
@@ -382,7 +382,7 @@ class Warranty
         return true;
     }
 
-    public function setPrivacyPolicy(PrivacyPolicy $privacy_policy)
+    public function setPrivacyPolicy($privacy_policy)
     {
         $this->privacy_policy = $privacy_policy;
         return $this;