Table of Contents
Q: Can I gate performance on agreeing to permit monitoring, or incentivize customers to agree to permit monitoring within the app monitoring transparency immediate?
A: No, per the App Store Review Guidelines: 3.2.2 (vi).
Q: Can I clarify to customers why I would really like permission to trace them earlier than I present the monitoring permission immediate?
A: Sure, as long as you’re clear to customers about your use of the information in your clarification. Per the App Store Review Guidelines: 5.1.1 (iv), apps should respect the consumer’s permission settings and never try to control, trick, or power individuals to consent to pointless knowledge entry.
Q: If I’ve not acquired permission from a consumer by way of the monitoring permission immediate, can I exploit an identifier apart from the IDFA (for instance, a hashed electronic mail deal with or hashed cellphone quantity) to trace that consumer?
A: No. You’ll need to obtain the consumer’s permission by way of the AppTrackingTransparency framework to trace that consumer.
Q: If a consumer offers permission for monitoring by way of a separate course of on our web site, however declines permission within the app monitoring transparency immediate, can I monitor that consumer throughout apps and web sites owned by different corporations?
A: Builders should get permission by way of the app monitoring transparency immediate for knowledge that’s collected within the app and used for monitoring. Information collected individually, outdoors of the app and never associated to the app, shouldn’t be in scope.
Q: Can I fingerprint or use indicators from the gadget to attempt to establish the gadget or a consumer?
A: No. Per the Apple Developer Program License Settlement, you might not derive knowledge from a tool for the aim of uniquely figuring out it. Examples of consumer or gadget knowledge embody, however aren’t restricted to: properties of a consumer’s net browser and its configuration, the consumer’s gadget and its configuration, the consumer’s location, or the consumer’s community connection. Apps which might be discovered to be participating on this apply, or that reference SDKs (together with however not restricted to Advert Networks, Attribution providers and Analytics) which might be, could also be rejected from the App Retailer.
Q: I’ve built-in an SDK from one other firm. Am I answerable for the information assortment and monitoring of customers of my app by that firm?
A: Sure. Builders are answerable for all code included of their apps. If you’re uncertain concerning the knowledge assortment and monitoring practices of code utilized in your app that you simply didn’t write, we propose contacting the developer of the SDK.
Q: I’ve built-in single sign-on performance offered by one other firm. Am I answerable for the information assortment and monitoring practices of that firm?
A: Sure. Builders are answerable for all code included of their app, together with single sign-on (SSO) performance offered by third events. If the consumer will likely be topic to monitoring on account of SSO performance included in your app, you need to use the app monitoring transparency immediate to acquire permission from that consumer first.
Q: What sort of firm constitutes an information dealer?
A: Information brokers are outlined by legislation in some jurisdictions. Normally, an information dealer is an organization that frequently collects and sells, licenses, or in any other case discloses to 3rd events the non-public info of explicit end-users with whom the enterprise doesn’t have a direct relationship.
Q: What identifiers or knowledge are ruled by the “monitoring” coverage?
A: Any consumer or gadget degree identifier that’s used to hitch knowledge out of your app with knowledge from third events (together with SDKs utilized in your app) for functions of promoting or advert measurement or sharing with an information dealer. This consists of, however shouldn’t be restricted to, the gadget’s promoting identifier, session ID, fingerprint IDs, and gadget graph identifiers. In case your app receives or shares any of those identifiers for the above listed functions, you need to use the AppTrackingTransparency framework to acquire consumer consent.