Submit privacy details to Apple App Store
Apple wants to help users understand an app’s privacy practice before they download it. To achieve this, every app product page in the App Store lists what data types the app collects and whether that data links to individual users or tracks them in so-called nutrition labels.
When your developer submits an app to App Store Connect, they need to answer Apple’s app privacy questions. This includes describing the practices of third-party partners, such as Adjust, whose SDK code is integrated into your app.
From the 1st of May 2024, Apple requires the following additional details to approve your app’s submission if it uses commonly used third-party SDKs:
- Required reasons for each listed API.
- Privacy manifests.
- Valid signatures when the SDK is added as a binary dependency.
Adjust is not on Apple’s list of third-party SDKs. However, Adjust’s SDK accesses some of the listed APIs and collects data points that require declaration. The Adjust SDK includes all the listed requirements in v4.38.0 and above. This guide will help you understand Apple’s requirements as they relate to the Adjust SDK.
When you are submitting your app to the App Store Connect you need to:
- Ensure that any third-party SDKs your app uses include privacy manifest files, or update your app's privacy manifest to include details about the third-party SDK's data usage.
- Declare which sensitive data points your app collects (nutrition labels will be applied based on this).
- Declare your reasons for accessing certain APIs if your app uses them.
- List all Tracking domains.
- Ensure any third-party SDKs you use are signed.
What is the Privacy manifest?
iOS 17 introduced privacy manifests, a mechanism that informs the App Store of your app's privacy requirements. It includes the following details:
- Information on whether data is used for tracking purposes.
- Domains used for tracking purposes.
- Required reasons for each listed sensitive API if used.
- A list of privacy nutrition labels used by the app.
There are two levels of privacy manifest: app-level and SDK-level (individual files of third-party SDKs). If a third-party SDK doesn’t contain a privacy manifest file, the app developer needs to update the app-level privacy manifest to include the details of the third-party SDKs.
The Adjust SDK contains a privacy manifest file that includes the details listed above. The Adjust SDK's privacy manifest will be listed alongside your app's manifest to give a full overview of your app's privacy requirements. When your developer submits a build, the App Store reads the combined manifest. You still need to add the nutrition labels on Apple’s submission interface. The report generated by the privacy manifest will help you to be more efficient in this task.
Before you begin
Here's what you need to know before getting started:
- You need to have integrated Adjust SDK v4.38.0 or above. This version includes the required privacy manifest files.
- You are responsible for keeping your responses accurate and updated in App Store Connect.
- You need to identify all possible data collections and uses - not just by the Adjust SDK but also by you and other third parties. This may include data collected and used only in limited situations, including what is not outlined here.
Your answers should follow the App Store Review Guidelines and any applicable laws.
1. Data collection by Adjust’s SDK
Adjust’s SDK is configurable both in the data it sends you and how you use that data. You can decide what app data Adjust accesses based on how you configure and implement the Adjust SDK into your app. Although the SDK collects some data by default, you can always block or limit sending that data to Adjust or send additional details that would fall into the categories required to declare by Apple.
For example: The Adjust SDK does NOT collect “Contact Info” by default. But if your app collects email addresses
and sends that data to Adjust via custom parameters, then it means that Adjust collects “Contact Info” for your app.
The following table lists the data that Adjust collects by default. Make sure to compare this to your specific configuration of Adjust’s SDK and your data collection practices.
The Adjust SDK can only access a device's IDFA if the user consents to the ATT prompt. The Adjust SDK doesn't require ATT consent to collect the device's IDFV. See Apple's User Privacy and Data Use documentation for more information.
Data types | Data collected by Adjust? |
---|---|
Contact Info
| No |
Health and Fitness
| No |
Financial Info
| No |
Location Info
| No |
Sensitive Info | No |
Contacts | No |
User Content
| No |
Browsing History | No |
Search History | No |
Identifiers
| Yes, Adjust collects Device ID data such as the IDFA and IDFV on your behalf for measurement purposes, in accordance to Apple’s guidelines. |
Purchases
| Optional - Adjust can collect this data on your behalf if you configure it. |
Usage Data
|
|
Diagnostics
| No |
Other Data
| Yes, Adjust collects this data on your behalf. For example: Device metadata, such as OS version and Adjust SDK version. |
1.1 Data used by Adjust
This table lists the purposes for which Adjust uses data.
Purpose | Adjust use |
---|---|
Third-Party Advertising | Optional - Adjust can share data with entities who display third-party ads in your app if you configure the integration. This value is set to "Yes" in Adjust's Privacy manifest as Adjust anticipates most clients will configure this setting. |
Developer’s Advertising | Optional - Adjust can share data with you or other entities who display first-party ads in your app if you configure the integration. |
Analytics | Yes |
Product Personalization | Optional - Adjust can share data with you that is used for product personalization, if you choose to export the relevant data. |
App Functionality | No |
Other Purposes | No |
1.2 Data linked to the user
Adjust collects and stores device identifiers in accordance with Apple’s policies. Adjust uses hashed identifiers to organize analytics data. Some features of Adjust (like Audience Builder) require collecting and storing the IDFA in the unhashed form.
When permitted by Apple’s guidelines, Adjust can give you the ability to associate the data it collects with an Advertising ID or other device identifiers. Any associations you make with Adjust data to unique user identifiers, such as user ID or account ID, are unique to your practice and are at your own discretion.
2. Required reasons APIs
Apple has outlined a set of APIs requiring justification for their utilization. Apps and SDKs employing these APIs are expected to explain their use in the “Required Reason API” section of the Privacy Manifest. These APIs are categorized based on their functions and the data they access, aligning with Apple's specified topics. The following APIs from the Adjust SDK are covered in the Adjust SDK’s privacy manifest:
API | Reason | Elaboration |
---|---|---|
NSPrivacyAccessedAPICategoryFileTimestamp | C617.1 | NSFileCreationDate and NSFileModificationDate APIs are used to determine the app installation date. |
User defaults APIs NSPrivacyAccessedAPICategoryUserDefaults | CA92.1 | The SDK retains necessary data for its functioning, such as maintaining the number of times the app has been opened. |
3. Tracking Domains
Apple will block any declared tracking domains if the user doesn’t provide consent via ATT framework. The Adjust SDK checks whether the user has consented via the ATT framework before making a request. If the user has consented, it sends the request to a tracking domain. If not, the SDK omits data points that require user consent and sends the request to a separate domain. The tracking domains Adjust uses are specified in the Adjust SDK’s privacy manifest file.
4. SDK Signing
Apple’s compliance requires third-party SDKs to be signed. SDK signing is a method app developers use to ensure the authenticity and integrity of third-party SDKs, such as Adjust, by confirming they are unaltered and officially validated versions.
The Adjust SDK contains the required signatures.
5. Set up your app
If you use the latest Adjust SDK, the privacy manifest is bundled with the SDK by default.
You can’t amend the Adjust privacy manifest. However, you might need to make changes at your app-level privacy manifest if any of the following apply:
- Your app’s data collection scope is outside of the basic Adjust functions or you configured the Adjust SDK to collect any of the data points specified in Apple’s policies.
- You are sending sensitive data to other tracking domains for other purposes.
- You are accessing other required reason APIs in your app.
Don’t add Adjust tracking domains to your app-level privacy manifest file even if you added additional data points and/or other details. These domains are already specified in the SDK-level privacy manifest file. If you are using any other tracking domains you should specify them at your app's level privacy manifest.
Once you receive the privacy manifest report, ensure it is accurate and apply correct nutrition labels on the submission interface.